Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/KebNhNqHYlNdAxB9cgzJuTzHbFs.roa
File: KebNhNqHYlNdAxB9cgzJuTzHbFs.roa (raw, json)
Hash identifier: 5TjKvSC7WlvKE6HkDjGaROjX06WQePtjRheVhtqxHWo=
Subject key identifier: 29:E6:CD:84:DA:87:62:53:5D:03:10:7D:72:0C:C9:B9:3C:C7:6C:5B
Certificate issuer: /CN=9A5C74AE3F8CD3B679AC56C473F450378591926B
Certificate serial: 1C81
Authority key identifier: 9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KebNhNqHYlNdAxB9cgzJuTzHbFs.roa
Signing time: Fri 17 Jan 2025 01:23:28 +0000
ROA not before: Fri 17 Jan 2025 01:23:28 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 9391
IP address blocks: 2402:ae00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7297 (0x1c81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9A5C74AE3F8CD3B679AC56C473F450378591926B
Validity
Not Before: Jan 17 01:23:28 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=29E6CD84DA8762535D03107D720CC9B93CC76C5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3b:6d:0c:f4:3c:7d:10:02:68:b6:4e:dd:c3:
d0:6b:18:16:c3:37:ce:88:f3:1a:54:bb:8d:65:29:
14:73:e5:73:61:cf:64:88:6a:08:56:c9:6d:2d:32:
08:46:21:b8:9f:00:04:79:03:e8:c9:07:be:ec:36:
93:28:5e:f1:c3:30:a8:b1:40:22:be:7d:b8:77:c9:
6c:ce:be:94:9a:df:5e:89:28:9f:c4:83:a9:03:26:
87:a1:be:ca:c7:65:24:dc:06:dd:35:eb:20:ca:f1:
e6:5c:27:ed:4a:d4:5e:aa:a1:0b:f4:d3:3d:ac:0f:
42:01:af:1f:2c:e8:db:c8:c3:1c:67:53:f0:10:7b:
90:a6:96:a7:63:6a:b0:f0:40:fc:b7:29:d7:5a:59:
1c:77:e7:94:54:8d:0b:e1:73:4e:f5:ae:a6:49:63:
77:34:b4:8a:42:11:2b:57:89:1e:08:a2:9c:bf:ca:
39:13:8b:88:8b:db:98:9f:e3:47:77:67:5c:58:fe:
b9:1e:53:0c:40:9e:39:9d:37:70:39:46:54:77:46:
79:75:50:f2:ae:48:c8:48:c6:d8:86:72:bc:55:f2:
3e:bd:b1:5f:1e:1c:8a:14:7f:97:89:1f:f7:5e:ab:
18:5e:ea:d3:1a:5f:7d:ee:8f:6d:7c:3a:9d:17:c5:
db:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E6:CD:84:DA:87:62:53:5D:03:10:7D:72:0C:C9:B9:3C:C7:6C:5B
X509v3 Authority Key Identifier:
keyid:9A:5C:74:AE:3F:8C:D3:B6:79:AC:56:C4:73:F4:50:37:85:91:92:6B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mlx0rj-M07Z5rFbEc_RQN4WRkms.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mlx0rj-M07Z5rFbEc_RQN4WRkms.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KebNhNqHYlNdAxB9cgzJuTzHbFs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:ae00::/32
Signature Algorithm: sha256WithRSAEncryption
b0:43:70:6d:22:b6:d9:f3:dc:5e:36:3e:f6:bb:e5:0a:10:78:
29:b6:37:e1:88:ae:bc:ca:30:cd:83:6b:86:85:ac:ce:5c:de:
df:e9:b5:06:a1:f0:39:70:73:0c:c7:7d:f5:70:04:47:b0:54:
ba:3f:c8:ee:29:67:01:a8:89:58:5c:8b:f2:55:0d:f4:79:ee:
90:f9:27:f2:5d:a2:2c:7c:b6:fd:a8:36:dd:aa:42:80:b1:ae:
c0:63:11:fd:b4:2b:53:d6:8b:25:0f:b7:ea:ce:eb:e3:ad:b6:
47:46:06:d6:af:04:8d:df:24:64:04:5e:49:7e:17:15:49:c5:
9d:c3:41:e3:57:e6:00:0d:f8:92:02:23:b8:f5:a8:7b:d7:8a:
6d:ba:43:69:de:1f:9d:7d:7a:f1:ef:5e:5b:10:66:35:1a:13:
5f:15:24:79:f7:3f:ec:76:23:e3:d1:94:c2:16:69:59:25:10:
73:35:6a:b9:b8:bf:6b:4f:a7:e2:73:a2:75:7f:bb:6c:2d:51:
d6:78:73:f6:25:76:60:9b:53:32:f1:7e:8d:9c:57:53:0a:a5:
3f:7c:50:58:0e:7e:3f:24:ef:00:68:fe:3c:da:fb:e5:d9:80:
8f:6e:99:fa:60:8f:61:f1:a1:19:86:6d:52:98:f8:8c:76:15:
58:2e:1a:9c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHIEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUE1
Qzc0QUUzRjhDRDNCNjc5QUM1NkM0NzNGNDUwMzc4NTkxOTI2QjAeFw0yNTAxMTcw
MTIzMjhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI5RTZDRDg0REE4NzYy
NTM1RDAzMTA3RDcyMENDOUI5M0NDNzZDNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwO20M9Dx9EAJotk7dw9BrGBbDN86I8xpUu41lKRRz5XNhz2SI
aghWyW0tMghGIbifAAR5A+jJB77sNpMoXvHDMKixQCK+fbh3yWzOvpSa316JKJ/E
g6kDJoehvsrHZSTcBt016yDK8eZcJ+1K1F6qoQv00z2sD0IBrx8s6NvIwxxnU/AQ
e5CmlqdjarDwQPy3KddaWRx355RUjQvhc071rqZJY3c0tIpCEStXiR4Iopy/yjkT
i4iL25if40d3Z1xY/rkeUwxAnjmdN3A5RlR3Rnl1UPKuSMhIxtiGcrxV8j69sV8e
HIoUf5eJH/deqxhe6tMaX33uj218Op0XxdtfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKebNhNqHYlNdAxB9cgzJuTzHbFswHwYDVR0jBBgwFoAUmlx0rj+M07Z5rFbE
c/RQN4WRkmswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
bWx4MHJqLU0wN1o1ckZiRWNfUlFONFdSa21zLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9tbHgwcmotTTA3WjVyRmJFY19SUU40V1JrbXMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9LZWJOaE5xSFlsTmRBeEI5
Y2d6SnVUekhiRnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
JAKuADANBgkqhkiG9w0BAQsFAAOCAQEAsENwbSK22fPcXjY+9rvlChB4KbY34Yiu
vMowzYNrhoWszlze3+m1BqHwOXBzDMd99XAER7BUuj/I7ilnAaiJWFyL8lUN9Hnu
kPkn8l2iLHy2/ag23apCgLGuwGMR/bQrU9aLJQ+36s7r4622R0YG1q8Ejd8kZARe
SX4XFUnFncNB41fmAA34kgIjuPWoe9eKbbpDad4fnX168e9eWxBmNRoTXxUkefc/
7HYj49GUwhZpWSUQczVqubi/a0+n4nOidX+7bC1R1nhz9iV2YJtTMvF+jZxXUwql
P3xQWA5+PyTvAGj+PNr75dmAj26Z+mCPYfGhGYZtUpj4jHYVWC4anA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:32 2025 by rpki-client