Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/KfP0ZCUuC1PhF8CzdtWtzcszduY.roa
File: KfP0ZCUuC1PhF8CzdtWtzcszduY.roa (raw, json)
Hash identifier: r/AGnm9YcBTVWRVhDcRk7BQDUKW02eT+VxXbyfnGKHY=
Subject key identifier: 29:F3:F4:64:25:2E:0B:53:E1:17:C0:B3:76:D5:AD:CD:CB:33:76:E6
Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB
Certificate serial: 1BCC
Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/KfP0ZCUuC1PhF8CzdtWtzcszduY.roa
Signing time: Sat 09 Mar 2024 23:44:04 +0000
ROA not before: Sat 09 Mar 2024 23:44:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4538
IP address blocks: 2406:3340::/36 maxlen: 36
2406:3340:1000::/36 maxlen: 36
2406:3340:2000::/36 maxlen: 36
2406:3340:3000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7116 (0x1bcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB
Validity
Not Before: Mar 9 23:44:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=29F3F464252E0B53E117C0B376D5ADCDCB3376E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c0:dc:09:b8:98:f3:03:08:60:2c:54:e1:41:
1f:9c:cd:2e:73:ce:eb:30:da:6f:9c:fd:06:26:30:
bd:cd:f9:73:34:f0:03:1f:76:1d:a1:1e:db:35:1e:
fe:2f:14:28:c4:70:04:52:54:5c:bd:82:72:a1:9e:
2d:3b:30:1c:79:43:18:4e:b6:e2:98:7a:33:64:e1:
7c:55:07:ac:e4:c4:80:fd:d1:f4:62:cb:09:06:fe:
a8:9c:49:08:a4:05:de:c8:65:ad:c5:a7:8c:12:b4:
a2:4a:89:ee:f5:3a:0b:e6:4c:80:52:4e:8c:b6:79:
b3:e8:00:e6:b5:1b:69:3a:0e:87:49:76:06:1e:e9:
44:96:28:ca:9e:c9:00:3d:25:43:58:78:36:1c:e0:
f7:96:21:76:07:b4:1b:36:94:f9:8f:5e:48:f7:a1:
ce:07:c0:40:d7:f2:73:6a:7d:14:89:26:1d:33:eb:
4a:a9:27:22:17:6d:d8:bc:0e:03:c7:ec:88:a8:7c:
87:d4:81:96:b3:60:24:83:3f:ee:09:5e:dc:df:1a:
e6:e7:9d:c8:78:4e:df:88:87:6b:b2:17:82:99:2b:
97:0e:1f:31:93:2d:af:d5:77:6b:91:c9:f6:fd:dd:
2f:f0:b8:d0:8c:d0:69:5d:20:63:2b:ff:e0:75:6f:
f7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F3:F4:64:25:2E:0B:53:E1:17:C0:B3:76:D5:AD:CD:CB:33:76:E6
X509v3 Authority Key Identifier:
keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/KfP0ZCUuC1PhF8CzdtWtzcszduY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:3340::/34
Signature Algorithm: sha256WithRSAEncryption
31:8c:4d:88:49:ce:e6:5d:7c:49:ce:c5:49:23:47:b7:5a:ca:
fd:ef:3c:eb:39:9f:29:63:7a:4b:5d:36:91:80:e7:f5:11:28:
a8:3b:96:1c:88:b7:da:a9:10:68:11:2d:d9:40:eb:fc:42:00:
e4:95:5c:53:c5:a0:a9:e7:63:f6:cf:6d:43:a1:4b:d5:2d:64:
92:bd:12:f3:f0:55:f5:2b:72:a1:6f:2b:9c:f5:6a:7b:89:af:
14:46:3a:9c:1a:56:99:53:5a:42:02:69:7b:d2:d4:54:81:f6:
81:6c:37:90:98:f2:42:45:84:3a:25:ce:c7:b6:eb:b7:f5:dd:
89:6e:c8:a3:4c:5d:b7:7d:14:9b:36:67:ee:62:cd:84:f5:d4:
14:de:29:22:49:27:c6:ff:7e:2a:2f:6d:6f:c1:e5:a5:01:ca:
6f:fb:1b:7c:a5:6d:8d:5d:13:bb:b5:72:7d:30:7b:de:3b:b6:
1c:35:2d:ee:90:a4:0e:22:ba:4a:9b:59:d2:2c:0f:4d:24:2c:
8d:2b:58:cc:e8:f9:36:56:ac:f2:17:ef:21:c7:72:1c:70:96:
ec:74:ab:4c:cc:d1:26:e3:74:39:7b:e1:b7:7d:0f:d4:d5:d0:
3d:c2:dd:16:4f:8d:74:63:95:bf:f3:fc:d6:af:0c:d9:17:a9:
30:8a:11:8f
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICG8wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy
RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNDAzMDky
MzQ0MDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5RjNGNDY0MjUyRTBC
NTNFMTE3QzBCMzc2RDVBRENEQ0IzMzc2RTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYwNwJuJjzAwhgLFThQR+czS5zzusw2m+c/QYmML3N+XM08AMf
dh2hHts1Hv4vFCjEcARSVFy9gnKhni07MBx5QxhOtuKYejNk4XxVB6zkxID90fRi
ywkG/qicSQikBd7IZa3Fp4wStKJKie71OgvmTIBSToy2ebPoAOa1G2k6DodJdgYe
6USWKMqeyQA9JUNYeDYc4PeWIXYHtBs2lPmPXkj3oc4HwEDX8nNqfRSJJh0z60qp
JyIXbdi8DgPH7IiofIfUgZazYCSDP+4JXtzfGubnnch4Tt+Ih2uyF4KZK5cOHzGT
La/Vd2uRyfb93S/wuNCM0GldIGMr/+B1b/ctAgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQUKfP0ZCUuC1PhF8CzdtWtzcszduYwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J
D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4
OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvS2ZQMFpDVXVDMVBo
RjhDemR0V3R6Y3N6ZHVZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw
CAMGBiQGM0AAMA0GCSqGSIb3DQEBCwUAA4IBAQAxjE2ISc7mXXxJzsVJI0e3Wsr9
7zzrOZ8pY3pLXTaRgOf1ESioO5YciLfaqRBoES3ZQOv8QgDklVxTxaCp52P2z21D
oUvVLWSSvRLz8FX1K3Khbyuc9Wp7ia8URjqcGlaZU1pCAml70tRUgfaBbDeQmPJC
RYQ6Jc7Htuu39d2JbsijTF23fRSbNmfuYs2E9dQU3ikiSSfG/34qL21vweWlAcpv
+xt8pW2NXRO7tXJ9MHveO7YcNS3ukKQOIrpKm1nSLA9NJCyNK1jM6Pk2VqzyF+8h
x3IccJbsdKtMzNEm43Q5e+G3fQ/U1dA9wt0WT410Y5W/8/zWrwzZF6kwihGP
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:10 2025 by rpki-client