Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/l-OcCesTSuBdO5IoSKzcBLmGV3I.roa
File: l-OcCesTSuBdO5IoSKzcBLmGV3I.roa (raw, json)
Hash identifier: V+qfdOP7fF5YPbI2fv4sNhq08smvoF+WOztOV3zR7uI=
Subject key identifier: 97:E3:9C:09:EB:13:4A:E0:5D:3B:92:28:48:AC:DC:04:B9:86:57:72
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 16FB
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/l-OcCesTSuBdO5IoSKzcBLmGV3I.roa
Signing time: Wed 13 Mar 2024 01:21:50 +0000
ROA not before: Wed 13 Mar 2024 01:21:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 23724
IP address blocks: 2401:3480::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5883 (0x16fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Mar 13 01:21:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=97E39C09EB134AE05D3B922848ACDC04B9865772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e8:09:0a:f4:1f:5f:a4:96:33:b9:bb:43:11:
05:f7:6f:cd:19:f4:19:55:04:40:21:cf:a3:90:e7:
b9:77:45:e3:f9:5e:cc:a0:d1:a5:42:4b:f1:1d:8b:
dd:42:7a:d3:aa:6d:f8:5c:29:ee:33:5e:c7:9f:9b:
06:bf:9c:36:4d:27:11:58:8b:32:19:7f:16:53:2a:
e8:00:6c:0a:0a:fb:09:fc:da:fa:a0:41:5c:84:19:
7e:bf:f2:67:f6:93:b0:79:6a:ba:53:76:fd:62:33:
e9:c8:54:1f:29:63:c3:0f:94:96:06:c6:f4:8a:62:
50:e4:c6:23:bf:66:74:aa:16:8d:54:7f:d5:cf:37:
62:70:94:1a:0e:ef:b5:25:24:cc:cb:e1:64:37:8c:
84:71:cc:18:e1:59:2e:aa:01:20:e4:38:76:57:96:
04:26:9b:fa:06:1d:a0:9f:c4:d4:99:9c:fe:87:f9:
b1:d7:6b:59:b6:27:ea:88:1a:a2:4e:e7:75:29:54:
4b:e8:8a:c8:8c:8d:58:4f:1d:73:6f:5f:66:de:71:
b2:3f:19:f2:50:f1:ea:f6:1f:f5:d9:3e:72:bc:22:
5a:3e:d5:95:fe:20:75:f7:88:b7:9c:aa:fb:13:1e:
78:74:ca:12:f1:b8:f1:e0:e8:86:f3:f5:b3:bc:3d:
80:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:E3:9C:09:EB:13:4A:E0:5D:3B:92:28:48:AC:DC:04:B9:86:57:72
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/l-OcCesTSuBdO5IoSKzcBLmGV3I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3480::/36
Signature Algorithm: sha256WithRSAEncryption
46:ca:ec:a5:f1:c0:e3:53:ca:9c:df:af:0e:e2:b9:27:9b:cf:
de:6b:63:e7:38:81:be:52:fc:f5:93:17:90:d4:0a:f6:d5:cd:
64:07:7a:a6:d6:3e:70:44:94:d8:7e:c0:ce:15:61:1b:90:7b:
e2:6c:64:57:e1:f5:12:36:a7:65:33:22:c6:6e:a0:65:29:32:
86:27:0d:ee:be:c6:fb:13:b4:f5:9b:63:3a:e3:04:6c:b7:e5:
7e:03:52:7c:3a:a3:39:04:bb:6b:12:0b:7d:32:6c:b8:59:ce:
0c:78:31:c4:dd:bc:dd:85:04:df:62:d7:8d:0b:05:c3:64:dd:
87:45:e0:b8:8f:01:82:cc:c1:28:25:84:bd:46:9d:17:aa:9c:
9a:d6:06:f1:55:c4:81:e8:c7:af:a6:10:d3:d7:f3:47:08:70:
3a:06:01:aa:7e:be:51:bd:a1:b3:65:f0:4b:7c:b8:e8:36:04:
5e:60:18:83:d0:9d:9b:dd:16:bd:12:1c:9c:0f:06:5b:48:86:
00:e0:e4:22:7a:70:0a:a1:30:cc:26:07:0e:af:ff:23:18:ca:
05:a3:01:ae:73:81:8b:49:62:98:44:1d:ca:64:74:69:fb:06:
6a:66:3a:9f:ed:90:c2:77:b8:a5:13:76:a4:60:2a:2e:15:d1:
e6:7e:fc:92
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFvswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNDAzMTMw
MTIxNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3RTM5QzA5RUIxMzRB
RTA1RDNCOTIyODQ4QUNEQzA0Qjk4NjU3NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB6AkK9B9fpJYzubtDEQX3b80Z9BlVBEAhz6OQ57l3ReP5Xsyg
0aVCS/Edi91CetOqbfhcKe4zXsefmwa/nDZNJxFYizIZfxZTKugAbAoK+wn82vqg
QVyEGX6/8mf2k7B5arpTdv1iM+nIVB8pY8MPlJYGxvSKYlDkxiO/ZnSqFo1Uf9XP
N2JwlBoO77UlJMzL4WQ3jIRxzBjhWS6qASDkOHZXlgQmm/oGHaCfxNSZnP6H+bHX
a1m2J+qIGqJO53UpVEvoisiMjVhPHXNvX2becbI/GfJQ8er2H/XZPnK8Ilo+1ZX+
IHX3iLecqvsTHnh0yhLxuPHg6Ibz9bO8PYClAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUl+OcCesTSuBdO5IoSKzcBLmGV3IwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2wtT2NDZXNUU3VCZE81
SW9TS3pjQkxtR1YzSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgD
BgQkATSAADANBgkqhkiG9w0BAQsFAAOCAQEARsrspfHA41PKnN+vDuK5J5vP3mtj
5ziBvlL89ZMXkNQK9tXNZAd6ptY+cESU2H7AzhVhG5B74mxkV+H1EjanZTMixm6g
ZSkyhicN7r7G+xO09ZtjOuMEbLflfgNSfDqjOQS7axILfTJsuFnODHgxxN283YUE
32LXjQsFw2Tdh0XguI8BgszBKCWEvUadF6qcmtYG8VXEgejHr6YQ09fzRwhwOgYB
qn6+Ub2hs2XwS3y46DYEXmAYg9Cdm90WvRIcnA8GW0iGAODkInpwCqEwzCYHDq//
IxjKBaMBrnOBi0limEQdymR0afsGamY6n+2Qwne4pRN2pGAqLhXR5n78kg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:35:04 2025 by rpki-client