Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/liJwVHX5CvBQ0_IDspeSsNb35U8.roa
File: liJwVHX5CvBQ0_IDspeSsNb35U8.roa (raw, json)
Hash identifier: wbNxUeqbgCRLEFJJbp85Z3KaXXhpmCIg2IewGiMBkRo=
Subject key identifier: 96:22:70:54:75:F9:0A:F0:50:D3:F2:03:B2:97:92:B0:D6:F7:E5:4F
Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756
Certificate serial: 2D
Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/liJwVHX5CvBQ0_IDspeSsNb35U8.roa
Signing time: Tue 23 Apr 2024 02:40:23 +0000
ROA not before: Tue 23 Apr 2024 02:40:23 +0000
ROA not after: Tue 15 Apr 2025 09:24:38 +0000
asID: 58834
IP address blocks: 2407:9f00::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45 (0x2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756
Validity
Not Before: Apr 23 02:40:23 2024 GMT
Not After : Apr 15 09:24:38 2025 GMT
Subject: CN=9622705475F90AF050D3F203B29792B0D6F7E54F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:2a:31:09:bd:b4:50:24:77:16:82:b0:50:33:
79:9d:9f:2f:e1:91:aa:75:7d:60:b2:69:ed:04:c7:
d3:19:75:b7:e3:35:8e:7b:1c:21:d5:7c:90:46:7b:
b8:5a:a5:1f:fd:1e:0b:3c:df:7c:12:e5:77:13:75:
bc:22:29:ef:47:8d:f2:9f:16:0d:2e:dc:f7:45:c2:
bc:d8:76:16:0c:9c:10:23:72:ef:f6:d0:72:db:e7:
7e:ee:d3:2b:1e:0b:3c:70:34:df:2f:62:fa:43:2b:
d3:28:6e:d9:60:6f:60:10:74:6a:38:65:3e:70:c4:
b5:f0:09:a6:f2:cf:61:e8:00:97:73:e5:72:37:df:
e8:ab:ff:3f:ff:b9:7a:2a:a5:41:b7:02:4a:9d:bc:
57:5f:29:df:9f:96:6d:bb:2e:2e:d7:c3:3e:ea:c8:
c2:87:60:37:0f:8e:7d:6e:be:34:ba:e7:b4:5e:05:
f7:03:0d:59:d9:3f:b5:ad:f1:1b:e9:2e:f6:7e:6d:
e7:ab:f4:4e:57:ec:1f:cb:0d:55:03:d8:d0:ce:44:
41:e7:67:b9:92:99:21:92:b8:78:4e:2a:57:f8:31:
0d:71:3e:41:e3:6b:a2:5f:81:e3:b5:2c:e9:62:a7:
96:a6:a0:3c:7a:bb:0f:bb:b3:de:69:a7:29:34:ec:
dd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:22:70:54:75:F9:0A:F0:50:D3:F2:03:B2:97:92:B0:D6:F7:E5:4F
X509v3 Authority Key Identifier:
keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/liJwVHX5CvBQ0_IDspeSsNb35U8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
63:a2:e3:21:0f:0c:63:11:97:4c:5b:51:31:b6:f6:e1:b0:c9:
f3:fd:fd:57:50:e5:ab:49:fb:5d:25:54:8e:e8:4d:d8:40:de:
34:ab:a8:4c:9d:85:02:8f:c5:63:f4:0b:f5:ac:c0:51:63:58:
d7:6a:00:13:b8:33:44:0e:20:a6:8e:a7:dc:a8:65:4d:7f:7f:
d5:f8:c7:7b:9f:05:c3:0f:9f:3d:a2:8b:a3:99:df:bd:c7:d2:
9e:8c:b4:fa:ff:76:95:82:1f:69:49:46:08:b4:df:36:46:56:
bb:5a:a2:9d:17:52:83:85:e4:46:a8:b1:cf:f7:d7:a5:75:59:
ad:45:1b:c2:c4:45:85:05:c9:2d:d5:3d:53:cc:7b:47:30:22:
d9:32:71:7e:7a:de:5d:91:b5:8a:0d:83:3d:f6:c1:4b:bf:19:
8c:46:70:c9:4a:bf:ce:7f:35:6c:24:15:7a:ba:04:03:57:f9:
78:2d:bd:7c:06:6c:ad:90:d2:ae:69:c4:ef:a6:dd:3a:23:c9:
08:46:0e:fa:4e:6d:e6:04:45:3f:6e:0c:a7:57:3a:75:bb:d6:
ad:75:ae:5f:63:9e:3b:4d:41:5c:5a:b4:cc:c4:81:65:c3:eb:
19:98:aa:8f:2a:de:a6:1c:ee:05:cd:79:71:13:52:e7:dc:51:
ca:0f:73:ca
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIBLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERUJG
QzkwMEVEQzM0RjgxREE0ODI3RjFGOUY2M0QwNEUwRTJGNzU2MB4XDTI0MDQyMzAy
NDAyM1oXDTI1MDQxNTA5MjQzOFowMzExMC8GA1UEAxMoOTYyMjcwNTQ3NUY5MEFG
MDUwRDNGMjAzQjI5NzkyQjBENkY3RTU0RjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAPsqMQm9tFAkdxaCsFAzeZ2fL+GRqnV9YLJp7QTH0xl1t+M1jnsc
IdV8kEZ7uFqlH/0eCzzffBLldxN1vCIp70eN8p8WDS7c90XCvNh2FgycECNy7/bQ
ctvnfu7TKx4LPHA03y9i+kMr0yhu2WBvYBB0ajhlPnDEtfAJpvLPYegAl3Plcjff
6Kv/P/+5eiqlQbcCSp28V18p35+WbbsuLtfDPurIwodgNw+OfW6+NLrntF4F9wMN
Wdk/ta3xG+ku9n5t56v0TlfsH8sNVQPY0M5EQednuZKZIZK4eE4qV/gxDXE+QeNr
ol+B47Us6WKnlqagPHq7D7uz3mmnKTTs3S8CAwEAAaOCAfIwggHuMB0GA1UdDgQW
BBSWInBUdfkK8FDT8gOyl5Kw1vflTzAfBgNVHSMEGDAWgBTev8kA7cNPgdpIJ/H5
9j0E4OL3VjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82MjMv
M3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC8zcl9KQU8zRFQ0SGFTQ2Z4LWZZOUJPRGk5MVkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82MjMvbGlKd1ZIWDVDdkJRMF9J
RHNwZVNzTmIzNVU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj
LmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF
ACQHnwAwDQYJKoZIhvcNAQELBQADggEBAGOi4yEPDGMRl0xbUTG29uGwyfP9/VdQ
5atJ+10lVI7oTdhA3jSrqEydhQKPxWP0C/WswFFjWNdqABO4M0QOIKaOp9yoZU1/
f9X4x3ufBcMPnz2ii6OZ373H0p6MtPr/dpWCH2lJRgi03zZGVrtaop0XUoOF5Eao
sc/316V1Wa1FG8LERYUFyS3VPVPMe0cwItkycX563l2RtYoNgz32wUu/GYxGcMlK
v85/NWwkFXq6BANX+XgtvXwGbK2Q0q5pxO+m3TojyQhGDvpObeYERT9uDKdXOnW7
1q11rl9jnjtNQVxatMzEgWXD6xmYqo8q3qYc7gXNeXETUufcUcoPc8o=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:23 2025 by rpki-client