Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/IfCOZ9JdW2uzSt64Qiykk8CtwfA.roa
File: IfCOZ9JdW2uzSt64Qiykk8CtwfA.roa (raw, json)
Hash identifier: 1o3jTGd6o/QJYKZ7aFuI+GrKdTVtAKWJSz70apIWZtY=
Subject key identifier: 21:F0:8E:67:D2:5D:5B:6B:B3:4A:DE:B8:42:2C:A4:93:C0:AD:C1:F0
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 16FA
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/IfCOZ9JdW2uzSt64Qiykk8CtwfA.roa
Signing time: Wed 13 Mar 2024 01:21:50 +0000
ROA not before: Wed 13 Mar 2024 01:21:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 4811
IP address blocks: 2401:3480:2000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5882 (0x16fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Mar 13 01:21:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=21F08E67D25D5B6BB34ADEB8422CA493C0ADC1F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4f:bb:0d:be:93:09:22:1f:f2:cc:70:bb:15:
ce:82:94:8e:68:7f:ae:86:b5:20:8e:51:d1:30:5a:
cc:45:4f:57:47:89:e8:65:29:81:ed:ea:8c:dc:9b:
9c:f6:3f:4b:e5:18:a3:63:ac:2f:b1:b8:0b:f8:c7:
f5:24:17:de:99:fb:73:2f:c8:cd:1c:13:5a:21:19:
7d:57:82:d6:3e:0f:0e:df:79:24:79:48:75:ad:e6:
62:a1:99:21:22:46:00:f4:e7:cd:c4:67:99:a4:98:
a1:cb:4a:b0:4a:e4:62:a2:2c:bc:f2:81:04:7b:37:
ce:3c:62:83:43:d5:2a:f9:12:ae:85:5f:51:70:71:
16:51:49:71:d2:70:1b:32:d7:0b:23:7c:dd:69:39:
7a:06:91:67:97:0c:2a:4e:56:b7:d7:e6:ad:d3:9b:
f0:da:d9:36:69:39:ce:97:d7:fd:b7:48:11:20:f8:
92:7d:e3:df:b4:df:01:8b:9c:f2:ce:e7:2d:a5:dd:
2d:ca:46:b6:55:f9:90:12:98:d2:ac:bf:68:01:4d:
02:a7:e5:e5:1e:53:6c:48:da:ed:b1:85:9e:3b:9a:
45:64:8d:ca:e4:d8:76:f6:01:77:02:47:f4:5b:05:
7f:24:1a:78:48:1d:48:03:40:48:66:1d:7c:2a:98:
b5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F0:8E:67:D2:5D:5B:6B:B3:4A:DE:B8:42:2C:A4:93:C0:AD:C1:F0
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/IfCOZ9JdW2uzSt64Qiykk8CtwfA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3480:2000::/48
Signature Algorithm: sha256WithRSAEncryption
44:d2:c5:c4:75:de:21:3f:ad:07:1e:aa:12:0c:11:de:69:7c:
13:80:dd:ec:22:9e:9d:3d:1e:6d:cd:d3:b0:84:02:ab:7f:e0:
4e:90:99:e5:1f:9d:c5:49:56:7b:33:cb:14:cc:cf:ff:83:45:
02:94:60:9a:29:34:42:1a:0e:4c:4e:10:eb:10:f2:58:b0:a8:
e1:20:b9:9d:f3:6c:74:6b:f4:84:9d:49:6d:89:1c:8a:73:76:
80:21:16:6f:e4:4e:54:39:ae:36:d9:17:88:3e:8d:70:8d:6e:
b1:9e:66:ab:69:2f:e5:a1:e2:7f:cc:14:3c:02:dc:f3:3e:2e:
ee:f6:c5:80:f8:dc:74:59:25:f2:41:6f:22:df:7d:e6:4a:bd:
4d:eb:a7:0c:52:ba:ca:9e:94:35:26:e9:bb:c2:e7:32:b4:2f:
e2:2e:95:9f:b4:98:d4:3d:98:b5:cb:5b:c8:ef:7c:13:79:72:
f9:9a:42:76:4e:15:18:8b:18:ed:51:98:06:70:1c:ee:6e:f4:
0c:8a:7d:7c:fe:4c:7f:45:8d:34:e5:2f:c2:df:a4:39:df:3e:
4a:3d:e2:bb:33:93:75:ba:86:5e:61:1f:04:49:e8:48:55:40:
dd:01:bd:ad:26:e0:ea:15:9e:ef:5c:39:90:b8:c3:c8:41:d5:
20:12:2c:a1
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICFvowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNDAzMTMw
MTIxNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxRjA4RTY3RDI1RDVC
NkJCMzRBREVCODQyMkNBNDkzQzBBREMxRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+T7sNvpMJIh/yzHC7Fc6ClI5of66GtSCOUdEwWsxFT1dHiehl
KYHt6ozcm5z2P0vlGKNjrC+xuAv4x/UkF96Z+3MvyM0cE1ohGX1XgtY+Dw7feSR5
SHWt5mKhmSEiRgD0583EZ5mkmKHLSrBK5GKiLLzygQR7N848YoND1Sr5Eq6FX1Fw
cRZRSXHScBsy1wsjfN1pOXoGkWeXDCpOVrfX5q3Tm/Da2TZpOc6X1/23SBEg+JJ9
49+03wGLnPLO5y2l3S3KRrZV+ZASmNKsv2gBTQKn5eUeU2xI2u2xhZ47mkVkjcrk
2Hb2AXcCR/RbBX8kGnhIHUgDQEhmHXwqmLVRAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUIfCOZ9JdW2uzSt64Qiykk8CtwfAwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L0lmQ09aOUpkVzJ1elN0
NjRRaXlrazhDdHdmQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAkATSAIAAwDQYJKoZIhvcNAQELBQADggEBAETSxcR13iE/rQceqhIMEd5pfBOA
3ewinp09Hm3N07CEAqt/4E6QmeUfncVJVnszyxTMz/+DRQKUYJopNEIaDkxOEOsQ
8liwqOEguZ3zbHRr9ISdSW2JHIpzdoAhFm/kTlQ5rjbZF4g+jXCNbrGeZqtpL+Wh
4n/MFDwC3PM+Lu72xYD43HRZJfJBbyLffeZKvU3rpwxSusqelDUm6bvC5zK0L+Iu
lZ+0mNQ9mLXLW8jvfBN5cvmaQnZOFRiLGO1RmAZwHO5u9AyKfXz+TH9FjTTlL8Lf
pDnfPko94rszk3W6hl5hHwRJ6EhVQN0Bva0m4OoVnu9cOZC4w8hB1SASLKE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:37 2025 by rpki-client