Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/dTMFnNYS9LqVMpJIioge2ooc5gE.roa
File: dTMFnNYS9LqVMpJIioge2ooc5gE.roa (raw, json)
Hash identifier: pCXNC0r3wfXitDNymXsPE77AREO+Pz310OZK4OIzz2Q=
Subject key identifier: 75:33:05:9C:D6:12:F4:BA:95:32:92:48:8A:88:1E:DA:8A:1C:E6:01
Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Certificate serial: 0B
Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/dTMFnNYS9LqVMpJIioge2ooc5gE.roa
Signing time: Mon 24 Jun 2024 07:33:55 +0000
ROA not before: Mon 24 Jun 2024 07:33:55 +0000
ROA not after: Tue 24 Jun 2025 01:23:54 +0000
asID: 146761
IP address blocks: 2400:5f60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B
Validity
Not Before: Jun 24 07:33:55 2024 GMT
Not After : Jun 24 01:23:54 2025 GMT
Subject: CN=7533059CD612F4BA953292488A881EDA8A1CE601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7e:12:76:b9:ef:6e:a5:0b:e5:0f:b5:a7:3a:
c9:05:13:7d:4b:80:1c:aa:0d:93:f2:29:a7:80:74:
55:fe:8b:76:38:cc:19:4c:75:d1:bd:fb:ac:31:ee:
49:6c:e0:15:f8:65:0e:81:f4:b8:8a:66:9b:83:0c:
ef:e1:62:e3:a1:ca:65:59:58:c6:c4:57:5d:44:54:
85:f8:f6:e5:3d:03:c9:38:26:d6:b4:e1:e1:8c:d9:
8a:00:99:09:35:bf:b6:7f:b7:fe:49:2a:c7:79:61:
72:47:ca:c7:8b:48:91:25:c1:a3:4e:02:e8:95:9d:
83:95:f6:3d:d2:e9:8a:4e:c7:81:dd:b7:d2:20:e9:
87:56:6e:35:10:5d:b6:e5:24:ef:2b:ab:72:0f:38:
25:e1:10:22:37:33:e8:9c:3e:c9:f4:6f:35:5e:77:
2e:cf:37:fc:a4:e9:13:a3:d2:1f:36:4f:32:e3:9f:
a3:54:2b:d3:aa:62:cb:4e:07:50:c0:2b:38:78:71:
c8:b5:9e:ad:d3:5a:fb:6d:cc:d5:16:52:a2:80:82:
5b:6a:9a:fc:18:73:de:67:10:3e:f0:b6:25:16:7d:
41:c3:29:9b:e2:d9:04:ab:51:5b:30:2e:8d:be:dc:
0a:39:52:d7:85:63:ce:35:46:ae:4e:07:fd:b2:6c:
bd:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:33:05:9C:D6:12:F4:BA:95:32:92:48:8A:88:1E:DA:8A:1C:E6:01
X509v3 Authority Key Identifier:
keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/dTMFnNYS9LqVMpJIioge2ooc5gE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:5f60::/32
Signature Algorithm: sha256WithRSAEncryption
0e:ed:7b:cd:7c:71:75:f7:43:0e:f2:4e:86:4a:73:4b:4d:3f:
69:3a:b1:80:af:12:ca:40:e4:1b:fc:99:79:34:8b:18:7f:f6:
73:bb:cd:06:be:52:b7:f6:e3:d3:af:b8:70:fa:2c:85:ed:26:
d8:7e:4a:ed:c2:67:f8:78:1b:08:99:68:f7:94:22:71:01:3c:
4a:fa:4f:15:89:d5:46:e3:67:4e:db:b5:47:12:88:8b:4c:33:
77:ff:c6:5d:9a:b2:68:f0:0f:50:68:c8:99:b1:50:12:b3:47:
b2:41:8e:1c:9f:ec:23:87:05:38:59:d5:77:86:c7:bf:7f:0e:
14:55:b5:35:a1:48:a4:ea:62:00:4e:f0:49:bb:4b:98:da:e6:
4f:47:59:d4:70:d6:6b:75:ae:ef:85:71:ef:3a:c1:83:f7:a9:
1b:57:06:39:69:1f:4c:44:64:2d:ae:64:e1:dc:5c:d7:9a:39:
66:2e:37:c2:86:ab:3b:69:6a:ab:20:7c:89:cb:35:1d:0f:e1:
5e:52:7b:bf:3c:d4:b0:0c:35:7a:ba:63:89:94:09:b3:c0:44:
76:e3:35:28:e2:0b:4b:ab:d4:04:a5:a6:e4:e9:e7:bf:06:ec:
36:ab:c8:51:6d:4b:82:70:2f:9a:6f:a3:ea:c2:c5:32:9f:6c:
04:3d:20:51
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIBCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxQkM2
RDlBOUY0QTIyNkE2MUY1RkExQTkxNjM5NDFENEIzNUJBMzVCMB4XDTI0MDYyNDA3
MzM1NVoXDTI1MDYyNDAxMjM1NFowMzExMC8GA1UEAxMoNzUzMzA1OUNENjEyRjRC
QTk1MzI5MjQ4OEE4ODFFREE4QTFDRTYwMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOF+Ena5726lC+UPtac6yQUTfUuAHKoNk/Ipp4B0Vf6LdjjMGUx1
0b37rDHuSWzgFfhlDoH0uIpmm4MM7+Fi46HKZVlYxsRXXURUhfj25T0DyTgm1rTh
4YzZigCZCTW/tn+3/kkqx3lhckfKx4tIkSXBo04C6JWdg5X2PdLpik7Hgd230iDp
h1ZuNRBdtuUk7yurcg84JeEQIjcz6Jw+yfRvNV53Ls83/KTpE6PSHzZPMuOfo1Qr
06piy04HUMArOHhxyLWerdNa+23M1RZSooCCW2qa/Bhz3mcQPvC2JRZ9QcMpm+LZ
BKtRWzAujb7cCjlS14VjzjVGrk4H/bJsvVcCAwEAAaOCAfQwggHwMB0GA1UdDgQW
BBR1MwWc1hL0upUykkiKiB7aihzmATAfBgNVHSMEGDAWgBQbxtmp9KImph9foakW
OUHUs1ujWzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMTM0
L0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvRzhiWnFmU2lKcVlmWDZHcEZqbEIxTE5ibzFzLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEzNC9kVE1Gbk5ZUzlMcVZN
cEpJaW9nZTJvb2M1Z0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJABfYDANBgkqhkiG9w0BAQsFAAOCAQEADu17zXxxdfdDDvJOhkpzS00/aTqx
gK8SykDkG/yZeTSLGH/2c7vNBr5St/bj06+4cPoshe0m2H5K7cJn+HgbCJlo95Qi
cQE8SvpPFYnVRuNnTtu1RxKIi0wzd//GXZqyaPAPUGjImbFQErNHskGOHJ/sI4cF
OFnVd4bHv38OFFW1NaFIpOpiAE7wSbtLmNrmT0dZ1HDWa3Wu74Vx7zrBg/epG1cG
OWkfTERkLa5k4dxc15o5Zi43woarO2lqqyB8ics1HQ/hXlJ7vzzUsAw1erpjiZQJ
s8BEduM1KOILS6vUBKWm5OnnvwbsNqvIUW1LgnAvmm+j6sLFMp9sBD0gUQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:13 2025 by rpki-client