Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/332/nMwvJvkVNucvPoqqur_6Tz69qmQ.roa
File: nMwvJvkVNucvPoqqur_6Tz69qmQ.roa (raw, json)
Hash identifier: aWs448x0evL7CHazqrlSUrBXvTS6JQ6+WNndYOCvyYs=
Subject key identifier: 9C:CC:2F:26:F9:15:36:E7:2F:3E:8A:AA:BA:BF:FA:4F:3E:BD:AA:64
Certificate issuer: /CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Certificate serial: 211F
Authority key identifier: 86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/nMwvJvkVNucvPoqqur_6Tz69qmQ.roa
Signing time: Tue 01 Apr 2025 01:31:13 +0000
ROA not before: Tue 01 Apr 2025 01:31:13 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24424
IP address blocks: 2401:3800::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8479 (0x211f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Validity
Not Before: Apr 1 01:31:13 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=9CCC2F26F91536E72F3E8AAABABFFA4F3EBDAA64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c4:3d:94:49:f5:46:4a:1c:b4:fc:50:65:af:
63:f5:70:68:2e:1f:3e:d1:67:bc:62:f1:61:a9:c9:
9f:b2:e9:d5:66:17:49:77:4f:cf:0e:d8:7a:a5:71:
99:88:12:41:40:3e:fb:c2:9d:21:c6:e0:09:10:72:
43:d1:88:2a:5c:81:a0:6b:26:3f:2f:35:ae:e3:0c:
cc:80:57:a5:88:14:82:a5:f1:28:f7:fb:2e:d8:7b:
57:d3:ed:f7:50:5c:7a:04:73:aa:5f:02:00:66:ca:
6c:36:44:0a:9a:bb:13:a0:68:42:e9:0e:7d:08:67:
64:48:8e:d6:34:e3:1c:ea:88:ce:84:95:a0:40:4e:
99:16:b4:41:40:15:30:1f:6e:f3:09:8f:f7:56:7f:
61:b7:a6:a0:51:95:e3:74:7a:55:c6:2d:45:1f:40:
9f:f0:f2:07:f9:8e:17:0a:9b:6a:c8:d8:e8:62:0c:
07:7c:14:5d:c9:0d:b2:36:cf:a5:1e:2f:c2:8c:52:
86:3a:a2:61:cb:4a:36:63:df:3e:0c:2f:7c:9e:8a:
00:48:35:4f:d4:d8:17:4b:a3:58:51:67:7e:ac:df:
c8:0a:3c:36:58:de:b9:0d:f5:5a:97:52:3c:d4:7e:
8d:a1:b2:3a:d4:95:1e:34:05:78:50:2a:1c:87:25:
21:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:CC:2F:26:F9:15:36:E7:2F:3E:8A:AA:BA:BF:FA:4F:3E:BD:AA:64
X509v3 Authority Key Identifier:
keyid:86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/hkbqdDVucErt0WPsqU5aRCMI33g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/nMwvJvkVNucvPoqqur_6Tz69qmQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3800::/32
Signature Algorithm: sha256WithRSAEncryption
d7:2d:63:c8:b1:c2:95:12:09:44:7b:17:76:2c:0c:98:f0:2b:
01:d0:4c:d9:9a:e0:2f:8d:db:b7:7c:68:fa:02:a9:ef:84:2d:
61:6b:8d:73:21:3e:95:eb:ed:39:b3:47:49:0f:f0:6e:73:c5:
7b:f2:09:e8:ca:dc:a1:a5:79:d0:43:17:97:c1:ae:0c:39:62:
ae:7e:55:b4:1f:82:b2:d8:eb:e1:7b:48:93:13:a6:50:f5:8a:
c8:0b:c4:80:b5:ab:a3:de:7b:49:3c:af:83:e2:6e:c9:55:d2:
f8:d4:70:00:34:e9:6c:c8:10:da:49:87:c9:4a:41:c6:96:ca:
35:87:9a:a8:73:cd:e9:f2:fd:c1:15:a0:77:bb:b5:15:36:23:
eb:40:37:22:c6:5c:21:6a:99:52:09:42:ee:f0:63:41:95:90:
1e:60:fc:fa:b4:8c:3e:f2:92:33:2d:ee:10:97:c2:48:7f:6a:
0e:c3:e3:99:2f:82:ef:b9:a5:c4:76:b1:6d:ff:52:03:78:43:
b1:ed:67:a0:3b:9f:0b:40:19:98:83:48:d0:da:e5:2e:d8:e2:
5d:72:51:4c:bc:2f:f6:55:a2:39:2e:6f:70:b2:ed:97:d5:ad:
30:44:4f:bd:52:be:65:11:44:f3:26:f8:86:f5:71:c9:8e:4d:
d7:bb:79:11
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICIR8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODY0
NkVBNzQzNTZFNzA0QUVERDE2M0VDQTk0RTVBNDQyMzA4REY3ODAeFw0yNTA0MDEw
MTMxMTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlDQ0MyRjI2RjkxNTM2
RTcyRjNFOEFBQUJBQkZGQTRGM0VCREFBNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5xD2USfVGShy0/FBlr2P1cGguHz7RZ7xi8WGpyZ+y6dVmF0l3
T88O2HqlcZmIEkFAPvvCnSHG4AkQckPRiCpcgaBrJj8vNa7jDMyAV6WIFIKl8Sj3
+y7Ye1fT7fdQXHoEc6pfAgBmymw2RAqauxOgaELpDn0IZ2RIjtY04xzqiM6ElaBA
TpkWtEFAFTAfbvMJj/dWf2G3pqBRleN0elXGLUUfQJ/w8gf5jhcKm2rI2OhiDAd8
FF3JDbI2z6UeL8KMUoY6omHLSjZj3z4ML3yeigBINU/U2BdLo1hRZ36s38gKPDZY
3rkN9VqXUjzUfo2hsjrUlR40BXhQKhyHJSH1AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUnMwvJvkVNucvPoqqur/6Tz69qmQwHwYDVR0jBBgwFoAUhkbqdDVucErt0WPs
qU5aRCMI33gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy
L2hrYnFkRFZ1Y0VydDBXUHNxVTVhUkNNSTMzZy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaGticWREVnVjRXJ0MFdQc3FVNWFSQ01JMzNnLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMyL25Nd3ZKdmtWTnVjdlBv
cXF1cl82VHo2OXFtUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD
BQAkATgAMA0GCSqGSIb3DQEBCwUAA4IBAQDXLWPIscKVEglEexd2LAyY8CsB0EzZ
muAvjdu3fGj6AqnvhC1ha41zIT6V6+05s0dJD/Buc8V78gnoytyhpXnQQxeXwa4M
OWKuflW0H4Ky2Ovhe0iTE6ZQ9YrIC8SAtauj3ntJPK+D4m7JVdL41HAANOlsyBDa
SYfJSkHGlso1h5qoc83p8v3BFaB3u7UVNiPrQDcixlwhaplSCULu8GNBlZAeYPz6
tIw+8pIzLe4Ql8JIf2oOw+OZL4LvuaXEdrFt/1IDeEOx7WegO58LQBmYg0jQ2uUu
2OJdclFMvC/2VaI5Lm9wsu2X1a0wRE+9Ur5lEUTzJviG9XHJjk3Xu3kR
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:36:45 2025 by rpki-client