Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/5OEuFKPxJaq1YidFs9FhBAB9P64.roa
File: 5OEuFKPxJaq1YidFs9FhBAB9P64.roa (raw, json)
Hash identifier: ai6iEpYFHCC4+YcYY1ILAHS+XendDmfNBlH2O+XrO30=
Subject key identifier: E4:E1:2E:14:A3:F1:25:AA:B5:62:27:45:B3:D1:61:04:00:7D:3F:AE
Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Certificate serial: 08
Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/5OEuFKPxJaq1YidFs9FhBAB9P64.roa
Signing time: Mon 24 Jun 2024 01:34:48 +0000
ROA not before: Mon 24 Jun 2024 01:34:48 +0000
ROA not after: Tue 24 Jun 2025 01:23:54 +0000
asID: 146762
IP address blocks: 2400:5f60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Validity
Not Before: Jun 24 01:34:48 2024 GMT
Not After : Jun 24 01:23:54 2025 GMT
Subject: CN=E4E12E14A3F125AAB5622745B3D16104007D3FAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:00:ef:7f:a3:67:8e:d0:68:a0:0f:02:b6:ba:
96:33:2b:c7:26:e3:9f:74:4d:59:c8:ee:4c:7a:89:
20:7e:a2:81:29:d7:1f:47:fa:99:b8:a8:42:af:4c:
50:32:be:95:1f:3a:15:01:0e:35:fa:61:27:4d:8a:
8c:00:a9:e9:d9:b5:49:60:b8:7f:ac:c7:c9:07:db:
90:33:c4:37:1f:ab:65:c9:c6:11:bb:d6:9b:57:2d:
ef:f4:9b:cc:62:c5:87:e9:11:0e:81:fd:4b:93:7e:
8c:45:eb:34:c1:d9:c0:10:eb:d4:f8:ab:fb:5b:af:
da:73:ed:4a:fe:ae:ca:72:28:96:7f:81:7a:fb:af:
c2:36:ef:72:89:d0:61:eb:7e:0d:d1:e8:52:44:db:
2d:0a:95:db:e1:5b:e0:88:a4:1f:9a:8a:31:5e:60:
cb:90:56:eb:be:5a:23:00:6c:c5:c7:fd:40:74:9a:
73:db:b7:48:a0:02:53:b4:35:6c:29:bc:33:c3:c4:
c9:d1:2f:a8:34:2c:87:78:fd:5d:5c:27:9f:de:58:
9d:e1:73:40:e4:5e:fc:45:66:47:9a:5d:16:d4:f6:
51:3a:4c:6f:f6:22:25:4c:53:02:01:be:f5:e0:d1:
11:40:5e:80:85:b8:de:76:8d:b4:c2:19:7a:bc:14:
27:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E1:2E:14:A3:F1:25:AA:B5:62:27:45:B3:D1:61:04:00:7D:3F:AE
X509v3 Authority Key Identifier:
keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/5OEuFKPxJaq1YidFs9FhBAB9P64.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:5f60::/32
Signature Algorithm: sha256WithRSAEncryption
31:49:da:c5:b9:60:e9:5f:82:df:47:69:17:74:c9:1f:a9:e9:
2a:36:85:b4:36:e1:e2:99:61:be:da:06:d5:f8:68:1d:17:e5:
5c:e5:f3:e8:ca:40:cb:2f:de:b7:40:f9:01:85:9d:7a:90:6e:
24:e8:b6:0c:54:95:03:7f:87:9c:d8:68:f1:dd:0a:95:fb:8e:
5d:f0:74:b4:92:76:7b:0b:2c:d1:ee:00:cb:ef:17:54:6c:c9:
45:73:a3:cb:72:a1:2f:64:3d:b8:85:36:2c:35:61:af:54:31:
49:f8:25:54:f0:d5:b2:a0:15:3b:9f:35:e1:72:84:c4:57:27:
d7:d9:b5:11:73:39:b8:4b:94:e5:3a:1e:ec:8d:8e:42:f0:91:
f8:77:cc:ce:40:1e:2c:3e:6e:39:59:0c:c0:55:91:8e:08:6c:
d7:17:c9:e9:76:ef:40:53:70:53:82:6a:51:f2:da:6e:b7:1d:
30:b3:ba:1a:9b:4a:32:ea:4f:b2:f8:c4:48:dc:72:45:4c:b6:
56:0f:8c:67:be:6d:3d:5b:6f:c4:87:32:b3:6f:8b:39:01:af:
f1:6d:7e:eb:16:27:d4:24:20:07:a0:d6:8c:17:7b:a3:d3:bf:
2c:63:90:43:a6:73:0f:e7:19:4d:db:9d:c2:c2:3e:1b:99:df:
53:2f:bb:45
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIBCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxQkM2
RDlBOUY0QTIyNkE2MUY1RkExQTkxNjM5NDFENEIzNUJBMzVCMB4XDTI0MDYyNDAx
MzQ0OFoXDTI1MDYyNDAxMjM1NFowMzExMC8GA1UEAxMoRTRFMTJFMTRBM0YxMjVB
QUI1NjIyNzQ1QjNEMTYxMDQwMDdEM0ZBRTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALQA73+jZ47QaKAPAra6ljMrxybjn3RNWcjuTHqJIH6igSnXH0f6
mbioQq9MUDK+lR86FQEONfphJ02KjACp6dm1SWC4f6zHyQfbkDPENx+rZcnGEbvW
m1ct7/SbzGLFh+kRDoH9S5N+jEXrNMHZwBDr1Pir+1uv2nPtSv6uynIoln+Bevuv
wjbvconQYet+DdHoUkTbLQqV2+Fb4IikH5qKMV5gy5BW675aIwBsxcf9QHSac9u3
SKACU7Q1bCm8M8PEydEvqDQsh3j9XVwnn95YneFzQORe/EVmR5pdFtT2UTpMb/Yi
JUxTAgG+9eDREUBegIW43naNtMIZerwUJ7cCAwEAAaOCAfQwggHwMB0GA1UdDgQW
BBTk4S4Uo/ElqrViJ0Wz0WEEAH0/rjAfBgNVHSMEGDAWgBQbxtmp9KImph9foakW
OUHUs1ujWzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMTM0
L0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvRzhiWnFmU2lKcVlmWDZHcEZqbEIxTE5ibzFzLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEzNC81T0V1RktQeEphcTFZ
aWRGczlGaEJBQjlQNjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJABfYDANBgkqhkiG9w0BAQsFAAOCAQEAMUnaxblg6V+C30dpF3TJH6npKjaF
tDbh4plhvtoG1fhoHRflXOXz6MpAyy/et0D5AYWdepBuJOi2DFSVA3+HnNho8d0K
lfuOXfB0tJJ2ewss0e4Ay+8XVGzJRXOjy3KhL2Q9uIU2LDVhr1QxSfglVPDVsqAV
O5814XKExFcn19m1EXM5uEuU5Toe7I2OQvCR+HfMzkAeLD5uOVkMwFWRjghs1xfJ
6XbvQFNwU4JqUfLabrcdMLO6GptKMupPsvjESNxyRUy2Vg+MZ75tPVtvxIcys2+L
OQGv8W1+6xYn1CQgB6DWjBd7o9O/LGOQQ6ZzD+cZTdudwsI+G5nfUy+7RQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:33 2025 by rpki-client