Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/_HchNpPiucZHjxJdDgfsWKt7Xog.roa
File: _HchNpPiucZHjxJdDgfsWKt7Xog.roa (raw, json)
Hash identifier: kNUEHg8rOTa/hcGFTUV8dhvSGXIDG9kOTkD9ixsnoLs=
Subject key identifier: FC:77:21:36:93:E2:B9:C6:47:8F:12:5D:0E:07:EC:58:AB:7B:5E:88
Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA
Certificate serial: AA
Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/_HchNpPiucZHjxJdDgfsWKt7Xog.roa
Signing time: Thu 16 May 2024 08:15:47 +0000
ROA not before: Thu 16 May 2024 08:15:47 +0000
ROA not after: Tue 15 Apr 2025 07:02:50 +0000
asID: 7641
IP address blocks: 2403:600::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170 (0xaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA
Validity
Not Before: May 16 08:15:47 2024 GMT
Not After : Apr 15 07:02:50 2025 GMT
Subject: CN=FC77213693E2B9C6478F125D0E07EC58AB7B5E88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:a5:d5:70:cb:4f:d6:88:91:4b:2d:6b:fe:9e:
b5:c1:17:d1:5e:15:35:f2:8e:c5:b0:3f:3e:6b:57:
9d:82:44:f6:cf:af:d2:f7:de:70:4f:25:75:67:d4:
a0:42:3d:46:e1:9f:76:58:b4:b0:04:3d:eb:38:df:
92:d1:f2:63:45:5b:db:1a:04:a4:30:21:ff:c2:e5:
96:86:e9:51:29:a0:60:c6:4f:9a:1d:db:03:6d:fb:
51:7f:d2:91:bb:d1:b1:bd:54:78:22:58:90:f9:4e:
52:e0:49:53:d6:2f:a7:a3:db:86:69:df:91:32:04:
a4:d9:74:dc:38:2d:5d:be:d8:f1:87:82:6a:55:a1:
1b:fb:21:d7:03:95:81:c8:c4:79:22:00:ca:c6:14:
5a:7b:63:97:78:9f:19:48:c6:ca:a8:11:43:25:2f:
ca:60:7b:de:f0:80:ea:f4:d0:c8:61:61:5b:69:fd:
d3:62:f8:a4:49:6e:6d:a0:4b:25:5c:13:06:5a:b9:
2c:dc:59:9a:4f:ca:f0:db:91:12:b0:3e:6e:86:fa:
0f:a1:3d:47:13:37:d6:c6:1f:c1:53:6f:6b:b6:e9:
0b:35:10:ba:b9:5d:02:06:2e:9c:7b:87:07:2a:00:
d3:74:b6:58:83:11:cf:f5:32:21:d3:75:5e:d8:84:
21:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:77:21:36:93:E2:B9:C6:47:8F:12:5D:0E:07:EC:58:AB:7B:5E:88
X509v3 Authority Key Identifier:
keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/_HchNpPiucZHjxJdDgfsWKt7Xog.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:600::/32
Signature Algorithm: sha256WithRSAEncryption
9a:38:17:39:c8:04:84:52:8d:77:96:90:9b:ed:c8:ba:17:5d:
35:7f:05:b9:db:4b:d0:96:4c:45:5c:d6:18:66:0c:62:19:f7:
2f:4b:18:cd:5a:d5:84:22:18:68:c2:f8:30:1a:28:04:aa:ea:
3b:92:3e:0e:bc:3f:a6:cb:5d:a3:ea:ef:2a:c4:54:0c:b0:55:
2d:5a:33:76:da:80:74:aa:5b:34:d1:fb:82:6a:3a:b0:9f:ed:
61:45:a0:10:90:5b:00:4b:a4:23:4d:8e:06:8d:9b:1b:29:63:
c0:7c:ec:af:6c:93:ef:7c:04:00:8d:63:d5:e2:c4:c4:2c:21:
14:16:a4:ff:d6:ef:df:32:01:40:e2:58:fa:a7:34:e3:56:7e:
7f:99:1c:b0:f3:3d:38:36:c7:f2:5e:d7:c0:76:7b:4a:92:0c:
00:f9:b3:9a:e5:93:96:12:cb:4c:bd:77:4b:7f:9a:05:e8:d3:
bb:32:d9:66:21:da:28:5d:cc:c9:0e:d2:b5:35:9c:df:78:49:
be:00:72:da:f0:67:65:24:ed:7a:9b:af:96:4d:79:77:7b:d7:
f4:b4:36:9e:fa:aa:4f:2f:83:c9:eb:0c:52:ea:3a:f3:13:eb:
e7:bf:57:ee:50:95:cb:c4:b8:5c:4c:48:5a:c4:c6:97:f1:cd:
66:11:29:4d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw
MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNDA1MTYw
ODE1NDdaFw0yNTA0MTUwNzAyNTBaMDMxMTAvBgNVBAMTKEZDNzcyMTM2OTNFMkI5
QzY0NzhGMTI1RDBFMDdFQzU4QUI3QjVFODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwpdVwy0/WiJFLLWv+nrXBF9FeFTXyjsWwPz5rV52CRPbPr9L3
3nBPJXVn1KBCPUbhn3ZYtLAEPes435LR8mNFW9saBKQwIf/C5ZaG6VEpoGDGT5od
2wNt+1F/0pG70bG9VHgiWJD5TlLgSVPWL6ej24Zp35EyBKTZdNw4LV2+2PGHgmpV
oRv7IdcDlYHIxHkiAMrGFFp7Y5d4nxlIxsqoEUMlL8pge97wgOr00MhhYVtp/dNi
+KRJbm2gSyVcEwZauSzcWZpPyvDbkRKwPm6G+g+hPUcTN9bGH8FTb2u26Qs1ELq5
XQIGLpx7hwcqANN0tliDEc/1MiHTdV7YhCHBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU/HchNpPiucZHjxJdDgfsWKt7XogwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U
IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv
TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9fSGNoTnBQaXVjWkhqeEpk
RGdmc1dLdDdYb2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
JAMGADANBgkqhkiG9w0BAQsFAAOCAQEAmjgXOcgEhFKNd5aQm+3IuhddNX8FudtL
0JZMRVzWGGYMYhn3L0sYzVrVhCIYaML4MBooBKrqO5I+Drw/pstdo+rvKsRUDLBV
LVozdtqAdKpbNNH7gmo6sJ/tYUWgEJBbAEukI02OBo2bGyljwHzsr2yT73wEAI1j
1eLExCwhFBak/9bv3zIBQOJY+qc041Z+f5kcsPM9ODbH8l7XwHZ7SpIMAPmzmuWT
lhLLTL13S3+aBejTuzLZZiHaKF3MyQ7StTWc33hJvgBy2vBnZSTtepuvlk15d3vX
9LQ2nvqqTy+DyesMUuo68xPr579X7lCVy8S4XExIWsTGl/HNZhEpTQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:39:49 2025 by rpki-client