Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/848/2sXsVY7_2Ij-UFBaTCDkxAjTHQI.roa
File: 2sXsVY7_2Ij-UFBaTCDkxAjTHQI.roa (raw, json)
Hash identifier: n2pOELU8tQSAxmbcXnybdckj6tPykjWnvA6eNWU3+iI=
Subject key identifier: DA:C5:EC:55:8E:FF:D8:88:FE:50:50:5A:4C:20:E4:C4:08:D3:1D:02
Certificate issuer: /CN=4716CB5B4481EC13AEDD40B2C302C50F601AF77D
Certificate serial: 17FA
Authority key identifier: 47:16:CB:5B:44:81:EC:13:AE:DD:40:B2:C3:02:C5:0F:60:1A:F7:7D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RxbLW0SB7BOu3UCywwLFD2Aa930.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/2sXsVY7_2Ij-UFBaTCDkxAjTHQI.roa
Signing time: Wed 13 Mar 2024 01:21:22 +0000
ROA not before: Wed 13 Mar 2024 01:21:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 31216
IP address blocks: 2401:5180::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6138 (0x17fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4716CB5B4481EC13AEDD40B2C302C50F601AF77D
Validity
Not Before: Mar 13 01:21:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DAC5EC558EFFD888FE50505A4C20E4C408D31D02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3f:52:20:8d:41:97:df:9e:3a:ca:e5:f2:59:
c5:81:72:77:4b:7b:b0:5d:67:fa:53:6a:ef:46:44:
fa:6f:04:84:8f:3d:ca:c7:71:04:00:5a:0f:30:dd:
80:13:81:b4:04:28:6b:bd:bb:79:9f:aa:db:aa:6c:
01:bf:6f:7c:0b:2e:67:95:c6:91:4f:7a:3c:98:27:
cc:33:c7:40:05:fe:3b:00:2e:28:b0:a5:48:ea:d3:
8c:af:e5:b6:54:e0:2a:58:2e:10:e3:c9:15:bd:7c:
37:58:27:74:aa:00:c6:13:8d:e3:37:70:e5:03:52:
05:5f:27:34:4d:25:a6:03:58:a9:56:90:55:54:16:
f0:ca:03:a8:15:d9:92:34:33:17:61:d3:03:1d:b7:
35:ef:cf:0c:12:11:0b:5b:a9:c0:3c:47:a7:b2:02:
fd:7c:a2:bd:02:a1:85:d8:e8:d4:07:c6:88:03:9c:
e8:78:79:a0:39:9f:20:d9:fc:cd:95:d7:1e:fa:24:
24:7b:25:d8:f0:1f:9a:a4:4c:ce:7b:7c:d4:ef:83:
8d:de:29:01:87:65:cd:bc:e6:24:5c:d0:62:cd:5f:
1d:72:cd:37:1f:dc:0f:1f:fd:66:67:45:af:cc:b7:
1e:fe:9b:1a:46:cf:38:07:b3:7c:9e:60:7d:79:1c:
5c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C5:EC:55:8E:FF:D8:88:FE:50:50:5A:4C:20:E4:C4:08:D3:1D:02
X509v3 Authority Key Identifier:
keyid:47:16:CB:5B:44:81:EC:13:AE:DD:40:B2:C3:02:C5:0F:60:1A:F7:7D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/RxbLW0SB7BOu3UCywwLFD2Aa930.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RxbLW0SB7BOu3UCywwLFD2Aa930.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/848/2sXsVY7_2Ij-UFBaTCDkxAjTHQI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:5180::/32
Signature Algorithm: sha256WithRSAEncryption
21:78:4f:a1:ee:7b:09:8b:81:ef:04:36:24:06:b9:d4:d0:32:
82:64:f2:e5:22:3e:7a:bc:5f:2c:87:f4:17:b3:4c:0b:85:93:
e1:d3:d6:10:db:6d:f1:59:65:67:a5:46:f5:c7:e7:28:4e:33:
3e:ab:1e:14:25:45:cb:0e:89:15:54:13:4b:e1:7f:5c:d3:e2:
98:47:9f:28:dd:9a:37:05:4c:db:f7:17:79:30:32:74:de:a1:
fd:9d:b1:a5:2a:30:00:f1:e6:24:82:36:c7:92:a8:57:a1:89:
c8:72:96:5f:eb:30:e9:9d:78:a5:ca:98:79:98:5f:a4:0f:d5:
e8:8c:53:74:a5:82:fa:96:b4:eb:50:5c:d8:58:b7:de:0a:75:
a3:3d:cd:20:9f:53:24:c7:0f:a3:72:18:48:d1:94:4b:bc:d8:
44:d2:5a:0a:d4:15:cc:62:1e:c2:42:3d:ac:10:81:f8:2f:64:
0c:4b:7c:a2:64:09:b0:ff:b0:ad:70:c2:03:ca:8f:63:15:0c:
c1:39:0a:a0:a2:0e:f0:72:4c:38:b9:07:e1:37:c6:88:14:52:
99:c1:09:14:d7:fa:17:4c:4f:4a:4f:91:05:3f:ab:a4:dc:b1:
66:d4:36:f9:b3:03:52:d7:00:cd:a6:7a:c0:2e:9f:55:e0:83:
76:c0:64:45
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICF/owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDcx
NkNCNUI0NDgxRUMxM0FFREQ0MEIyQzMwMkM1MEY2MDFBRjc3RDAeFw0yNDAzMTMw
MTIxMjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBQzVFQzU1OEVGRkQ4
ODhGRTUwNTA1QTRDMjBFNEM0MDhEMzFEMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClP1IgjUGX3546yuXyWcWBcndLe7BdZ/pTau9GRPpvBISPPcrH
cQQAWg8w3YATgbQEKGu9u3mfqtuqbAG/b3wLLmeVxpFPejyYJ8wzx0AF/jsALiiw
pUjq04yv5bZU4CpYLhDjyRW9fDdYJ3SqAMYTjeM3cOUDUgVfJzRNJaYDWKlWkFVU
FvDKA6gV2ZI0Mxdh0wMdtzXvzwwSEQtbqcA8R6eyAv18or0CoYXY6NQHxogDnOh4
eaA5nyDZ/M2V1x76JCR7JdjwH5qkTM57fNTvg43eKQGHZc285iRc0GLNXx1yzTcf
3A8f/WZnRa/Mtx7+mxpGzzgHs3yeYH15HFznAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU2sXsVY7/2Ij+UFBaTCDkxAjTHQIwHwYDVR0jBBgwFoAURxbLW0SB7BOu3UCy
wwLFD2Aa930wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODQ4
L1J4YkxXMFNCN0JPdTNVQ3l3d0xGRDJBYTkzMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvUnhiTFcwU0I3Qk91M1VDeXd3TEZEMkFhOTMwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODQ4LzJzWHNWWTdfMklqLVVG
QmFUQ0RreEFqVEhRSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD
BQAkAVGAMA0GCSqGSIb3DQEBCwUAA4IBAQAheE+h7nsJi4HvBDYkBrnU0DKCZPLl
Ij56vF8sh/QXs0wLhZPh09YQ223xWWVnpUb1x+coTjM+qx4UJUXLDokVVBNL4X9c
0+KYR58o3Zo3BUzb9xd5MDJ03qH9nbGlKjAA8eYkgjbHkqhXoYnIcpZf6zDpnXil
yph5mF+kD9XojFN0pYL6lrTrUFzYWLfeCnWjPc0gn1Mkxw+jchhI0ZRLvNhE0loK
1BXMYh7CQj2sEIH4L2QMS3yiZAmw/7CtcMIDyo9jFQzBOQqgog7wckw4uQfhN8aI
FFKZwQkU1/oXTE9KT5EFP6uk3LFm1Db5swNS1wDNpnrALp9V4IN2wGRF
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:14:38 2025 by rpki-client