Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/DtXFiS1ZqnLEaj5mYPqRgWbveZE.roa
File: DtXFiS1ZqnLEaj5mYPqRgWbveZE.roa (raw, json)
Hash identifier: 9UDe15X3z7TQUw8ynv5RZspb5vMUBZ5xuNtQIJ8H8X8=
Subject key identifier: 0E:D5:C5:89:2D:59:AA:72:C4:6A:3E:66:60:FA:91:81:66:EF:79:91
Certificate issuer: /CN=CDEF7111DE98BD756D92B34D394DA2D39EFF9B8E
Certificate serial: 19F6
Authority key identifier: CD:EF:71:11:DE:98:BD:75:6D:92:B3:4D:39:4D:A2:D3:9E:FF:9B:8E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/DtXFiS1ZqnLEaj5mYPqRgWbveZE.roa
Signing time: Mon 26 Jan 2026 06:53:00 +0000
ROA not before: Mon 26 Jan 2026 06:53:00 +0000
ROA not after: Sat 09 Jan 2027 08:23:18 +0000
asID: 58593
IP address blocks: 2406:e500::/33 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6646 (0x19f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CDEF7111DE98BD756D92B34D394DA2D39EFF9B8E
Validity
Not Before: Jan 26 06:53:00 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=0ED5C5892D59AA72C46A3E6660FA918166EF7991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4a:3f:8b:e6:ec:d2:f2:08:74:06:a2:87:50:
dd:e6:77:b7:29:72:ce:8e:91:9f:74:29:40:b0:72:
ef:d1:a5:3d:f1:9f:79:1e:b8:94:b0:e2:a3:97:c2:
aa:2f:e0:4e:91:fb:ff:c1:a5:59:6a:09:71:24:a7:
4a:8f:3f:b7:b8:8a:36:73:a9:d0:9f:75:58:39:34:
88:92:b8:b0:1a:81:5f:e8:dc:99:70:ca:75:13:1a:
bf:9a:e3:a0:8e:ec:ac:cb:f6:c6:cd:58:7e:4e:bd:
e7:b9:41:4f:35:42:77:ee:f8:64:19:d0:c1:a2:eb:
8b:7f:1b:28:95:a5:a0:59:f9:5b:3e:78:f5:ce:c3:
66:e1:f5:d1:3f:60:90:50:e6:7a:2b:87:c8:ad:98:
f8:7c:0d:0c:a3:b7:3b:af:e1:92:a7:79:91:55:76:
00:3b:62:56:17:98:4c:89:fb:ac:6f:b4:e5:62:20:
49:c1:15:47:43:27:fe:4c:8d:d9:69:3e:1e:26:f4:
95:82:38:40:10:64:0f:9d:e1:dc:77:4d:9a:d6:0c:
88:de:e4:7b:e8:b8:04:cc:24:0f:fb:2f:9c:f1:56:
e1:c0:e7:7f:b5:7d:02:ba:4d:59:97:fd:33:61:6e:
33:d0:0c:e7:a2:39:0f:bf:ca:ab:db:42:e7:59:5d:
bb:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D5:C5:89:2D:59:AA:72:C4:6A:3E:66:60:FA:91:81:66:EF:79:91
X509v3 Authority Key Identifier:
keyid:CD:EF:71:11:DE:98:BD:75:6D:92:B3:4D:39:4D:A2:D3:9E:FF:9B:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/ze9xEd6YvXVtkrNNOU2i057_m44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ze9xEd6YvXVtkrNNOU2i057_m44.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/DtXFiS1ZqnLEaj5mYPqRgWbveZE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:e500::/33
Signature Algorithm: sha256WithRSAEncryption
ce:aa:08:1c:c1:0e:ac:a6:98:92:9a:e4:07:05:c0:46:03:ef:
6c:1f:9c:ca:21:72:5b:63:12:9e:65:b2:04:93:aa:49:31:8e:
39:63:cc:3f:01:ac:56:d4:f1:26:05:49:da:af:cf:13:69:42:
b5:10:61:5e:28:38:2a:37:a4:32:53:39:8d:c1:f6:bd:ae:14:
87:41:20:40:4f:7e:80:cc:72:e6:85:55:25:bd:91:e2:ba:bf:
7f:45:a7:88:cb:2a:eb:d1:8f:e9:ea:8c:35:96:70:cc:b8:85:
5f:81:3f:1f:9f:fc:de:dd:6e:f9:54:11:1f:cb:94:9f:d4:3b:
81:4d:68:2f:05:7c:5f:dd:2c:07:92:35:29:7a:de:93:b9:d3:
7d:2a:7c:a8:a9:b6:e2:84:cb:85:49:73:22:43:ca:eb:00:8c:
55:3c:f0:9b:d8:c5:37:b0:78:b0:e3:13:da:6d:62:44:f9:5a:
60:1e:08:05:f2:71:35:48:3e:7f:b7:a2:9e:6c:1c:31:96:97:
96:3a:5d:50:e6:09:bb:ba:69:b2:c3:e8:f9:d9:c1:59:45:23:
ad:e1:47:08:ab:8e:41:c1:cc:f4:5a:76:80:7a:19:6f:28:e9:
14:f9:e7:06:bb:73:25:99:85:5a:31:46:09:34:e1:49:fe:a0:
ef:eb:d0:dc
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgICGfYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0RF
RjcxMTFERTk4QkQ3NTZEOTJCMzREMzk0REEyRDM5RUZGOUI4RTAeFw0yNjAxMjYw
NjUzMDBaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDBFRDVDNTg5MkQ1OUFB
NzJDNDZBM0U2NjYwRkE5MTgxNjZFRjc5OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpSj+L5uzS8gh0BqKHUN3md7cpcs6OkZ90KUCwcu/RpT3xn3ke
uJSw4qOXwqov4E6R+//BpVlqCXEkp0qPP7e4ijZzqdCfdVg5NIiSuLAagV/o3Jlw
ynUTGr+a46CO7KzL9sbNWH5Ovee5QU81Qnfu+GQZ0MGi64t/GyiVpaBZ+Vs+ePXO
w2bh9dE/YJBQ5norh8itmPh8DQyjtzuv4ZKneZFVdgA7YlYXmEyJ+6xvtOViIEnB
FUdDJ/5MjdlpPh4m9JWCOEAQZA+d4dx3TZrWDIje5HvouATMJA/7L5zxVuHA53+1
fQK6TVmX/TNhbjPQDOeiOQ+/yqvbQudZXbsZAgMBAAGjggH1MIIB8TAdBgNVHQ4E
FgQUDtXFiS1ZqnLEaj5mYPqRgWbveZEwHwYDVR0jBBgwFoAUze9xEd6YvXVtkrNN
OU2i057/m44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy
MC96ZTl4RWQ2WXZYVnRrck5OT1UyaTA1N19tNDQuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3plOXhFZDZZdlhWdGtyTk5PVTJpMDU3X200NC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvRHRYRmlTMVpxbkxF
YWo1bVlQcVJnV2J2ZVpFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIw
CAMGByQG5QAAMA0GCSqGSIb3DQEBCwUAA4IBAQDOqggcwQ6sppiSmuQHBcBGA+9s
H5zKIXJbYxKeZbIEk6pJMY45Y8w/AaxW1PEmBUnar88TaUK1EGFeKDgqN6QyUzmN
wfa9rhSHQSBAT36AzHLmhVUlvZHiur9/RaeIyyrr0Y/p6ow1lnDMuIVfgT8fn/ze
3W75VBEfy5Sf1DuBTWgvBXxf3SwHkjUpet6TudN9KnyoqbbihMuFSXMiQ8rrAIxV
PPCb2MU3sHiw4xPabWJE+VpgHggF8nE1SD5/t6KebBwxlpeWOl1Q5gm7ummyw+j5
2cFZRSOt4UcIq45Bwcz0WnaAehlvKOkU+ecGu3MlmYVaMUYJNOFJ/qDv69Dc
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:45:54 2026 by rpki-client