Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/tBvcwWRGb-qYTTnVrha35aS_C6g.roa
File: tBvcwWRGb-qYTTnVrha35aS_C6g.roa (raw, json)
Hash identifier: l4QU1iZ1dI6f05fPWx9IBlxzwuXa1Kiezx2NFUFPfcE=
Subject key identifier: B4:1B:DC:C1:64:46:6F:EA:98:4D:39:D5:AE:16:B7:E5:A4:BF:0B:A8
Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Certificate serial: 1731
Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/tBvcwWRGb-qYTTnVrha35aS_C6g.roa
Signing time: Fri 24 May 2024 02:26:44 +0000
ROA not before: Fri 24 May 2024 02:26:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4808
IP address blocks: 2406:4d00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5937 (0x1731)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054
Validity
Not Before: May 24 02:26:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B41BDCC164466FEA984D39D5AE16B7E5A4BF0BA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:22:c0:c8:ff:e5:31:45:bc:de:7f:4c:8b:57:
a1:00:4d:d1:85:56:88:f4:f9:93:79:a9:c3:ff:0a:
6a:58:a6:03:3b:bc:36:64:e2:a1:b1:a5:ca:45:2f:
6f:8c:d8:ac:58:c1:45:f6:97:ec:bc:6e:b7:c1:16:
c5:f0:43:7f:fb:6b:8b:13:b3:4f:ec:98:80:dc:05:
93:39:bb:b6:70:55:89:5d:c8:29:6c:02:bc:dc:e2:
9f:61:7d:d9:1b:6c:d2:42:c7:2b:7b:b9:45:d8:d3:
19:0b:32:25:36:49:4f:4f:2f:fe:97:93:0b:0f:7e:
bd:ac:f8:47:81:c4:4b:41:30:d8:09:cb:ca:3c:fa:
13:0c:46:84:86:c6:22:e0:86:c8:dc:73:44:c4:ea:
9b:97:78:20:91:1d:93:c3:38:56:07:82:61:31:32:
c6:15:9d:ed:40:54:78:90:0b:2b:85:5c:89:68:48:
66:1b:3e:e2:c1:cd:e0:da:16:f3:26:86:e6:b2:c8:
64:74:ec:a0:4f:1c:91:d2:da:bd:be:03:6c:70:77:
bc:ce:e6:a8:0b:1e:ad:c1:fb:f3:40:bb:9a:97:16:
c2:7f:ab:59:20:38:1a:8b:5d:8e:8f:29:6c:e3:83:
dd:6d:e9:a6:61:8b:33:b2:e7:81:a3:07:2d:0a:ba:
2f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:1B:DC:C1:64:46:6F:EA:98:4D:39:D5:AE:16:B7:E5:A4:BF:0B:A8
X509v3 Authority Key Identifier:
keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/tBvcwWRGb-qYTTnVrha35aS_C6g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:4d00::/48
Signature Algorithm: sha256WithRSAEncryption
98:08:a2:e1:d0:71:ed:25:73:1b:f8:07:38:44:46:d8:47:18:
11:f4:58:2d:93:26:d1:ea:b3:56:34:ea:85:9b:5a:be:d0:96:
48:9b:1e:5f:42:a2:88:ef:a1:30:19:19:30:38:28:8a:7c:bb:
7c:86:ba:5b:f4:a3:c6:57:73:1c:c9:a9:32:26:f9:7b:d4:e7:
5d:4c:6c:e8:d8:da:10:78:04:31:b8:1e:71:26:ab:02:05:82:
85:d7:e7:f9:fa:b6:f8:a4:40:5d:fb:15:13:59:9b:c3:5c:c3:
74:10:47:87:fb:49:b6:cb:7a:a8:94:fa:3c:a5:02:99:7d:90:
5f:8c:ab:40:68:1a:a2:e8:76:d9:bb:ca:da:57:c1:ba:55:b9:
5e:9e:9b:dc:28:92:04:8a:0c:fa:0b:58:f0:78:2b:1b:ad:7b:
66:80:fd:27:5a:6e:20:26:6a:c2:6c:fd:61:37:b8:c4:9b:cc:
1f:13:e6:c5:68:13:c9:43:0a:68:b2:80:83:42:e2:92:54:81:
60:57:50:38:27:4a:5a:76:7a:80:e6:ef:f7:7b:35:06:4b:8a:
8f:c7:85:96:f9:71:cb:31:19:89:f4:f8:ce:76:ac:3c:a9:4a:
76:cc:40:43:57:93:57:7a:2d:40:6f:2a:c8:08:22:b6:37:2a:
3c:b0:e6:d6
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICFzEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF
NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNDA1MjQw
MjI2NDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI0MUJEQ0MxNjQ0NjZG
RUE5ODREMzlENUFFMTZCN0U1QTRCRjBCQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfIsDI/+UxRbzef0yLV6EATdGFVoj0+ZN5qcP/CmpYpgM7vDZk
4qGxpcpFL2+M2KxYwUX2l+y8brfBFsXwQ3/7a4sTs0/smIDcBZM5u7ZwVYldyCls
Arzc4p9hfdkbbNJCxyt7uUXY0xkLMiU2SU9PL/6XkwsPfr2s+EeBxEtBMNgJy8o8
+hMMRoSGxiLghsjcc0TE6puXeCCRHZPDOFYHgmExMsYVne1AVHiQCyuFXIloSGYb
PuLBzeDaFvMmhuayyGR07KBPHJHS2r2+A2xwd7zO5qgLHq3B+/NAu5qXFsJ/q1kg
OBqLXY6PKWzjg91t6aZhizOy54GjBy0Kui8rAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUtBvcwWRGb+qYTTnVrha35aS/C6gwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow
7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx
L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL3RCdmN3V1JHYi1xWVRU
blZyaGEzNWFTX0M2Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAkBk0AAAAwDQYJKoZIhvcNAQELBQADggEBAJgIouHQce0lcxv4BzhERthHGBH0
WC2TJtHqs1Y06oWbWr7QlkibHl9CoojvoTAZGTA4KIp8u3yGulv0o8ZXcxzJqTIm
+XvU511MbOjY2hB4BDG4HnEmqwIFgoXX5/n6tvikQF37FRNZm8Ncw3QQR4f7SbbL
eqiU+jylApl9kF+Mq0BoGqLodtm7ytpXwbpVuV6em9wokgSKDPoLWPB4Kxute2aA
/SdabiAmasJs/WE3uMSbzB8T5sVoE8lDCmiygINC4pJUgWBXUDgnSlp2eoDm7/d7
NQZLio/HhZb5ccsxGYn0+M52rDypSnbMQENXk1d6LUBvKsgIIrY3Kjyw5tY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:33 2025 by rpki-client