Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/bGYWsnfgxhOz8srRymbDcNYC6No.roa
File: bGYWsnfgxhOz8srRymbDcNYC6No.roa (raw, json)
Hash identifier: 7BMlof6Kv6pCQ0dbqClF/d+SqsjKir8fsOuU4qSdpK0=
Subject key identifier: 6C:66:16:B2:77:E0:C6:13:B3:F2:CA:D1:CA:66:C3:70:D6:02:E8:DA
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 16B5
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/bGYWsnfgxhOz8srRymbDcNYC6No.roa
Signing time: Tue 03 Sep 2024 08:16:44 +0000
ROA not before: Tue 03 Sep 2024 08:16:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5813 (0x16b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Sep 3 08:16:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6C6616B277E0C613B3F2CAD1CA66C370D602E8DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6b:c9:d0:87:78:75:ee:41:ed:df:25:52:47:
dc:df:36:65:c9:07:f6:75:8a:5c:e0:5c:a3:ff:d3:
0c:7e:4b:81:05:d3:bb:70:bb:60:94:01:34:71:b3:
bd:39:a9:9c:f6:7c:6a:f7:30:d6:03:9d:72:af:12:
a2:d9:51:71:c4:1b:db:ec:0e:61:82:d8:c8:bd:d3:
47:34:ce:e4:ca:09:ab:1f:77:51:3c:fc:42:a4:e7:
a7:01:98:28:33:b2:3b:60:19:27:d4:50:da:26:f6:
31:90:ff:0e:2f:d6:6a:3e:72:9f:f6:d7:c4:3c:f3:
0c:38:df:cb:5a:7f:6e:9c:07:b1:14:67:0b:cc:9d:
a6:54:01:9a:bb:45:82:55:5c:69:19:94:70:20:fd:
81:9c:03:a3:e0:c3:4a:35:65:9d:53:a3:89:f2:dd:
04:84:ee:9d:d1:a7:22:f5:69:97:a3:e8:86:53:19:
32:07:c0:a8:0c:ba:c8:25:d3:c5:e2:37:38:3c:8b:
9c:98:a9:d4:14:de:79:84:b7:aa:eb:be:9c:35:83:
ea:70:8a:fa:d7:30:7e:ed:17:00:aa:4e:51:af:b0:
16:36:b8:4f:31:d8:77:28:2a:79:9c:9d:95:b1:1f:
58:45:ef:a5:14:2c:38:79:38:68:b4:4f:b9:e1:68:
1d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:66:16:B2:77:E0:C6:13:B3:F2:CA:D1:CA:66:C3:70:D6:02:E8:DA
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/bGYWsnfgxhOz8srRymbDcNYC6No.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
60:48:c9:14:3c:7e:9a:be:70:31:95:d8:3e:f6:5c:ad:12:61:
f5:f1:c5:90:be:bc:8a:49:ee:fa:be:cb:f0:4b:78:68:5d:63:
18:51:02:41:a1:6d:9c:1c:eb:a7:80:02:28:75:4b:ca:4f:fb:
38:25:6b:c4:a1:31:d1:38:89:69:84:04:e1:75:86:9f:58:cc:
a4:1a:6d:f2:26:7b:71:a6:a0:bb:e4:0c:2b:c8:20:5a:7a:7e:
38:1d:4a:a0:aa:71:54:ea:5b:7b:2b:aa:d7:ac:6b:91:97:12:
69:4f:9e:25:1f:ff:55:74:79:3e:28:95:a9:55:4d:fa:0f:8b:
5b:e7:f5:56:9b:e2:ff:f9:86:52:ca:10:e8:cb:5b:da:73:bc:
e7:18:9f:d5:b2:56:9d:ed:8e:bd:39:1f:57:c2:5d:db:32:c5:
85:4a:dc:80:44:34:e8:c5:18:b9:23:e6:e5:89:94:2a:05:b5:
38:c0:be:26:89:95:c0:a3:24:ed:f6:db:9e:16:79:57:c6:d7:
21:18:c3:c0:ac:1f:56:73:68:6d:db:53:de:e8:89:24:3f:89:
b3:76:10:2f:44:8f:34:54:5f:89:47:af:43:b1:f9:ad:de:83:
6f:8c:8e:54:df:04:c7:cf:2f:13:ad:15:07:e7:88:ca:49:88:
11:b2:16:60
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICFrUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNDA5MDMw
ODE2NDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZDNjYxNkIyNzdFMEM2
MTNCM0YyQ0FEMUNBNjZDMzcwRDYwMkU4REEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCva8nQh3h17kHt3yVSR9zfNmXJB/Z1ilzgXKP/0wx+S4EF07tw
u2CUATRxs705qZz2fGr3MNYDnXKvEqLZUXHEG9vsDmGC2Mi900c0zuTKCasfd1E8
/EKk56cBmCgzsjtgGSfUUNom9jGQ/w4v1mo+cp/218Q88ww438taf26cB7EUZwvM
naZUAZq7RYJVXGkZlHAg/YGcA6Pgw0o1ZZ1To4ny3QSE7p3RpyL1aZej6IZTGTIH
wKgMusgl08XiNzg8i5yYqdQU3nmEt6rrvpw1g+pwivrXMH7tFwCqTlGvsBY2uE8x
2HcoKnmcnZWxH1hF76UULDh5OGi0T7nhaB2tAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUbGYWsnfgxhOz8srRymbDcNYC6NowHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvYkdZV3NuZmd4aE96
OHNyUnltYkRjTllDNk5vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAGBIyRQ8fpq+cDGV2D72XK0SYfXx
xZC+vIpJ7vq+y/BLeGhdYxhRAkGhbZwc66eAAih1S8pP+zgla8ShMdE4iWmEBOF1
hp9YzKQabfIme3GmoLvkDCvIIFp6fjgdSqCqcVTqW3srqtesa5GXEmlPniUf/1V0
eT4olalVTfoPi1vn9Vab4v/5hlLKEOjLW9pzvOcYn9WyVp3tjr05H1fCXdsyxYVK
3IBENOjFGLkj5uWJlCoFtTjAviaJlcCjJO32254WeVfG1yEYw8CsH1ZzaG3bU97o
iSQ/ibN2EC9EjzRUX4lHr0Ox+a3eg2+MjlTfBMfPLxOtFQfniMpJiBGyFmA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:44:55 2025 by rpki-client