Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/YvkkzfNsMG-gGMhGG-RDkQr1SrQ.roa
File: YvkkzfNsMG-gGMhGG-RDkQr1SrQ.roa (raw, json)
Hash identifier: vShACIoA0Afzj3wrgfnkp6iISiTjbVGZ73quUmTzGSE=
Subject key identifier: 62:F9:24:CD:F3:6C:30:6F:A0:18:C8:46:1B:E4:43:91:0A:F5:4A:B4
Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB
Certificate serial: 1BCA
Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/YvkkzfNsMG-gGMhGG-RDkQr1SrQ.roa
Signing time: Sat 09 Mar 2024 23:42:23 +0000
ROA not before: Sat 09 Mar 2024 23:42:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4538
IP address blocks: 2406:3340::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7114 (0x1bca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB
Validity
Not Before: Mar 9 23:42:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=62F924CDF36C306FA018C8461BE443910AF54AB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3a:9c:f5:f6:c6:64:1e:ad:a2:6c:ad:b7:2e:
5f:07:03:02:41:ee:16:52:50:b0:7a:cc:2d:d1:f5:
11:26:2f:e6:db:59:5b:ec:07:0a:f0:e3:41:01:05:
17:b6:90:4b:50:e1:f3:74:f6:33:4b:5f:73:e4:1e:
eb:7f:5a:8c:6b:3e:d6:3a:69:85:65:05:54:5b:a0:
1f:0e:c3:3a:f1:74:ca:96:46:68:da:e2:f8:db:88:
e3:b7:cd:45:9f:f9:5f:62:52:82:c4:a8:b0:8f:78:
01:0b:42:32:3a:c3:d0:7e:bc:b6:96:b1:11:b6:76:
43:97:ce:79:17:bf:ab:fa:a6:9c:8a:06:be:5f:9f:
e3:cd:60:cc:43:5e:8e:a4:4e:a6:25:fe:18:2c:44:
91:be:33:42:1a:8e:8e:c1:ae:49:45:5b:d1:3f:e2:
e4:42:8f:41:bf:af:dc:aa:c6:34:42:d2:4e:b1:d7:
c5:33:b7:fb:cc:90:5d:a2:46:78:91:59:a9:8e:b3:
9e:31:97:05:d4:e0:76:32:5b:78:90:89:e7:4f:d7:
8d:6d:b4:ed:b2:a0:9b:da:42:e9:56:84:d8:82:11:
33:15:9a:28:a1:a8:41:9a:5a:9e:c2:c3:3c:df:3e:
75:5a:de:0b:48:c5:9f:fd:16:0b:52:6d:c6:30:1b:
2e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F9:24:CD:F3:6C:30:6F:A0:18:C8:46:1B:E4:43:91:0A:F5:4A:B4
X509v3 Authority Key Identifier:
keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/YvkkzfNsMG-gGMhGG-RDkQr1SrQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:3340::/32
Signature Algorithm: sha256WithRSAEncryption
11:5e:4c:0f:d6:8a:37:2c:80:b2:32:c6:d7:84:56:44:ce:ca:
a1:2d:68:7b:ef:27:99:04:a7:d2:79:6a:3c:23:69:dc:53:68:
21:bf:d0:5c:1b:1f:fe:4b:be:f8:65:d5:14:73:54:d7:c7:ce:
48:18:6b:19:aa:4b:2d:9f:d8:27:de:4b:cc:13:60:92:12:49:
d6:2d:43:ac:7f:40:54:89:48:bd:27:74:2f:c8:90:0a:81:3f:
0e:9b:b6:1f:96:ef:71:9a:80:cd:fd:5f:ad:46:6b:cd:0f:5a:
b8:7f:d9:04:bd:16:05:d0:a5:03:ee:8d:91:f0:9c:08:af:ea:
a3:b1:4c:13:2d:1a:ad:95:97:80:25:db:8d:c1:a7:89:2e:46:
72:fd:f0:a9:0e:af:1f:2c:65:74:3b:3b:aa:63:2f:84:db:a4:
c9:77:19:2e:02:bb:0c:be:80:00:bd:dd:1f:0d:de:a2:f7:81:
bc:41:d3:a1:42:84:1b:1f:c7:a6:b0:61:37:1c:79:2c:67:ae:
1e:9c:26:cc:6a:2c:c9:88:40:36:ed:c2:b8:d1:ed:db:9b:53:
31:3c:e6:4c:dd:78:c1:f9:1b:3a:2f:b3:4e:30:2c:da:00:2c:
0a:eb:95:6b:5e:5e:91:ad:df:94:67:22:91:62:ae:18:d5:1a:
3c:d9:b2:25
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICG8owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy
RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNDAzMDky
MzQyMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYyRjkyNENERjM2QzMw
NkZBMDE4Qzg0NjFCRTQ0MzkxMEFGNTRBQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnOpz19sZkHq2ibK23Ll8HAwJB7hZSULB6zC3R9REmL+bbWVvs
Bwrw40EBBRe2kEtQ4fN09jNLX3PkHut/WoxrPtY6aYVlBVRboB8OwzrxdMqWRmja
4vjbiOO3zUWf+V9iUoLEqLCPeAELQjI6w9B+vLaWsRG2dkOXznkXv6v6ppyKBr5f
n+PNYMxDXo6kTqYl/hgsRJG+M0Iajo7BrklFW9E/4uRCj0G/r9yqxjRC0k6x18Uz
t/vMkF2iRniRWamOs54xlwXU4HYyW3iQiedP141ttO2yoJvaQulWhNiCETMVmiih
qEGaWp7CwzzfPnVa3gtIxZ/9FgtSbcYwGy4hAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUYvkkzfNsMG+gGMhGG+RDkQr1SrQwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J
D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4
OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvWXZra3pmTnNNRy1n
R01oR0ctUkRrUXIxU3JRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQGM0AwDQYJKoZIhvcNAQELBQADggEBABFeTA/WijcsgLIyxteEVkTOyqEt
aHvvJ5kEp9J5ajwjadxTaCG/0FwbH/5Lvvhl1RRzVNfHzkgYaxmqSy2f2CfeS8wT
YJISSdYtQ6x/QFSJSL0ndC/IkAqBPw6bth+W73GagM39X61Ga80PWrh/2QS9FgXQ
pQPujZHwnAiv6qOxTBMtGq2Vl4Al243Bp4kuRnL98KkOrx8sZXQ7O6pjL4TbpMl3
GS4Cuwy+gAC93R8N3qL3gbxB06FChBsfx6awYTcceSxnrh6cJsxqLMmIQDbtwrjR
7dubUzE85kzdeMH5Gzovs04wLNoALArrlWteXpGt35RnIpFirhjVGjzZsiU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:42 2025 by rpki-client