Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2823/HwS5Xz_R8kbWY-novmqF5XbU3J8.roa
File: HwS5Xz_R8kbWY-novmqF5XbU3J8.roa (raw, json)
Hash identifier: p86mZ0e3El0qLrukkbyHGYi6pgKjRtTIsJ8jYn4sSk8=
Subject key identifier: 1F:04:B9:5F:3F:D1:F2:46:D6:63:E9:E8:BE:6A:85:E5:76:D4:DC:9F
Certificate issuer: /CN=6647DAB6455116964FAC00012CCC83174D4E46E1
Certificate serial: 12A0
Authority key identifier: 66:47:DA:B6:45:51:16:96:4F:AC:00:01:2C:CC:83:17:4D:4E:46:E1
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/HwS5Xz_R8kbWY-novmqF5XbU3J8.roa
Signing time: Fri 17 Jan 2025 01:26:57 +0000
ROA not before: Fri 17 Jan 2025 01:26:57 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 137730
IP address blocks: 2403:d9c0::/48 maxlen: 48
2403:d9c0:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4768 (0x12a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6647DAB6455116964FAC00012CCC83174D4E46E1
Validity
Not Before: Jan 17 01:26:57 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=1F04B95F3FD1F246D663E9E8BE6A85E576D4DC9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:57:6b:ef:83:ec:a1:cb:8c:1f:6c:23:5b:63:
0d:49:00:ea:43:56:b5:0c:a0:29:36:26:cf:c0:bf:
bb:95:23:87:34:2d:77:b4:71:c2:4b:2f:c6:2e:7f:
7c:30:a3:25:1d:c1:10:12:6b:5d:98:19:7c:eb:58:
8a:b3:5f:36:74:33:8c:02:7b:3d:51:d7:18:b1:4a:
34:e8:02:ef:04:f9:cc:1f:86:00:91:63:26:4f:ba:
e6:19:f6:09:f6:14:fe:f8:b5:c3:ab:55:65:5c:69:
73:9c:c0:73:0e:14:a9:e6:c8:70:2e:d5:63:5f:98:
bb:96:e5:73:d1:29:c2:b2:59:9e:81:f6:7d:32:e8:
5c:12:f7:00:c9:5e:fb:69:85:37:6b:8c:69:dc:d3:
ca:6d:18:6c:55:84:3c:f9:94:9f:a1:a8:29:79:3c:
e4:26:9b:af:3d:f3:13:ef:4a:3e:4e:3b:f3:c7:95:
91:d1:3a:88:3c:e4:42:5c:fd:66:25:bd:d8:e7:2a:
c4:a2:a5:11:29:2f:25:08:c3:11:28:1f:47:ec:86:
70:69:48:d9:7f:de:b8:90:5b:35:bb:98:aa:5c:55:
7e:8c:23:1e:9e:a6:37:59:8b:9f:8c:9c:70:93:66:
e7:88:2e:a7:7b:cf:4e:10:d2:2c:a7:41:15:c5:2d:
b1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:04:B9:5F:3F:D1:F2:46:D6:63:E9:E8:BE:6A:85:E5:76:D4:DC:9F
X509v3 Authority Key Identifier:
keyid:66:47:DA:B6:45:51:16:96:4F:AC:00:01:2C:CC:83:17:4D:4E:46:E1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/ZkfatkVRFpZPrAABLMyDF01ORuE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/HwS5Xz_R8kbWY-novmqF5XbU3J8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:d9c0::/48
2403:d9c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
11:60:7a:b7:97:1e:37:75:c6:98:34:6e:f8:26:44:dc:23:f2:
3b:5f:4b:8c:e5:6a:11:6e:26:f4:d2:90:d1:54:27:d1:2e:fa:
de:86:dc:e8:8e:b9:d2:96:dc:e3:0d:7d:e7:61:26:bf:b5:80:
9e:11:ee:92:e8:8d:ef:ea:ae:81:8b:e4:1d:57:ce:c2:f2:67:
de:97:4b:b6:b1:cf:e3:5b:a6:79:b8:b8:31:9e:1f:4a:4f:02:
39:0f:c8:47:fa:8e:ab:0a:6b:e9:93:32:8f:42:13:8b:2c:3e:
62:d5:93:09:3b:5f:7d:8d:43:c2:76:4d:f1:14:69:88:da:cd:
8d:f4:af:88:61:72:f0:e5:6f:c7:8f:a9:71:bc:6b:da:fc:d6:
70:c1:d5:be:29:56:6c:ca:3d:6d:22:2f:9b:21:71:e8:c6:e0:
42:33:30:b4:41:03:27:28:df:6d:9c:35:5c:77:2e:0f:34:31:
4f:e3:94:51:d9:a4:db:a1:73:e5:74:6a:1a:8e:ed:92:ca:76:
ad:bd:e7:09:39:b4:77:c3:8c:31:1d:0f:cf:bd:d6:12:8c:a7:
87:2b:5f:a9:b5:ec:4d:76:f4:ab:76:20:a7:7f:b7:b6:24:62:
12:eb:88:60:9f:b5:dc:7f:03:36:db:18:1b:95:9c:14:40:38:
e0:3b:a8:83
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgICEqAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjY0
N0RBQjY0NTUxMTY5NjRGQUMwMDAxMkNDQzgzMTc0RDRFNDZFMTAeFw0yNTAxMTcw
MTI2NTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFGMDRCOTVGM0ZEMUYy
NDZENjYzRTlFOEJFNkE4NUU1NzZENERDOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvV2vvg+yhy4wfbCNbYw1JAOpDVrUMoCk2Js/Av7uVI4c0LXe0
ccJLL8Yuf3wwoyUdwRASa12YGXzrWIqzXzZ0M4wCez1R1xixSjToAu8E+cwfhgCR
YyZPuuYZ9gn2FP74tcOrVWVcaXOcwHMOFKnmyHAu1WNfmLuW5XPRKcKyWZ6B9n0y
6FwS9wDJXvtphTdrjGnc08ptGGxVhDz5lJ+hqCl5POQmm6898xPvSj5OO/PHlZHR
Oog85EJc/WYlvdjnKsSipREpLyUIwxEoH0fshnBpSNl/3riQWzW7mKpcVX6MIx6e
pjdZi5+MnHCTZueILqd7z04Q0iynQRXFLbGdAgMBAAGjggH/MIIB+zAdBgNVHQ4E
FgQUHwS5Xz/R8kbWY+novmqF5XbU3J8wHwYDVR0jBBgwFoAUZkfatkVRFpZPrAAB
LMyDF01ORuEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgy
My9aa2ZhdGtWUkZwWlByQUFCTE15REYwMU9SdUUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1prZmF0a1ZSRnBaUHJBQUJMTXlERjAxT1J1RS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MjMvSHdTNVh6X1I4a2JX
WS1ub3ZtcUY1WGJVM0o4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAIw
EgMHACQD2cAAAAMHACQD2cAAAjANBgkqhkiG9w0BAQsFAAOCAQEAEWB6t5ceN3XG
mDRu+CZE3CPyO19LjOVqEW4m9NKQ0VQn0S763obc6I650pbc4w1952Emv7WAnhHu
kuiN7+qugYvkHVfOwvJn3pdLtrHP41umebi4MZ4fSk8COQ/IR/qOqwpr6ZMyj0IT
iyw+YtWTCTtffY1DwnZN8RRpiNrNjfSviGFy8OVvx4+pcbxr2vzWcMHVvilWbMo9
bSIvmyFx6MbgQjMwtEEDJyjfbZw1XHcuDzQxT+OUUdmk26Fz5XRqGo7tksp2rb3n
CTm0d8OMMR0Pz73WEoynhytfqbXsTXb0q3Ygp3+3tiRiEuuIYJ+13H8DNtsYG5Wc
FEA44Duogw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:52:27 2025 by rpki-client