Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/M2Lcm5KJ-0vM5e_U21vCbnWPrnE.roa
File: M2Lcm5KJ-0vM5e_U21vCbnWPrnE.roa (raw, json)
Hash identifier: UTbd0u8IdzpM6wVVjXV+yR6rdiJjMTsFMFw7buVoZFQ=
Subject key identifier: 33:62:DC:9B:92:89:FB:4B:CC:E5:EF:D4:DB:5B:C2:6E:75:8F:AE:71
Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Certificate serial: 19F9
Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/M2Lcm5KJ-0vM5e_U21vCbnWPrnE.roa
Signing time: Mon 26 Jan 2026 06:53:00 +0000
ROA not before: Mon 26 Jan 2026 06:53:00 +0000
ROA not after: Sat 09 Jan 2027 08:23:18 +0000
asID: 58593
IP address blocks: 139.217.0.0/16 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6649 (0x19f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Validity
Not Before: Jan 26 06:53:00 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=3362DC9B9289FB4BCCE5EFD4DB5BC26E758FAE71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d5:35:d0:d0:1e:0d:cc:e5:98:74:23:ee:ab:
ea:62:65:e0:6c:63:87:3f:fd:61:2b:31:73:93:65:
79:1e:a0:8e:18:d3:19:eb:0b:0b:fb:d8:5d:9a:ac:
c5:dc:fb:49:36:43:4f:5f:fd:14:ff:68:c7:bb:bc:
c2:de:42:ae:cd:5d:3f:00:38:89:27:80:91:e0:57:
37:26:82:0f:c7:fa:48:b0:3c:c1:4d:c3:7b:9b:ac:
94:28:d6:f0:7b:19:c2:03:17:69:30:64:4b:f9:bf:
87:90:20:d5:e0:30:1c:ab:74:67:97:3a:79:53:c7:
52:6c:21:64:9d:2a:96:9b:62:b6:34:00:2f:c8:c4:
74:68:73:28:a4:5f:1e:b1:6c:e7:9e:59:a7:55:80:
29:4a:45:60:a0:88:f0:86:e4:02:0e:41:93:91:79:
38:64:02:dc:c6:1f:f5:82:98:20:fc:93:2c:e5:0f:
06:89:06:d4:89:d8:a3:e9:b0:d7:91:a8:a9:ed:9a:
b2:3c:b5:e9:a0:b8:54:54:f4:ac:f8:e8:6a:48:3f:
6f:b6:60:68:81:43:5e:d7:da:c0:15:b6:55:59:cc:
eb:59:58:f9:ed:cc:f5:2d:47:b4:82:a2:43:a2:86:
c9:1b:bf:1e:c8:ed:ff:63:75:d1:95:8a:c7:0c:ea:
84:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:62:DC:9B:92:89:FB:4B:CC:E5:EF:D4:DB:5B:C2:6E:75:8F:AE:71
X509v3 Authority Key Identifier:
keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/M2Lcm5KJ-0vM5e_U21vCbnWPrnE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
139.217.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:ee:83:a4:25:0d:58:f8:b3:df:e6:97:0d:59:2c:14:30:9f:
ef:3f:cb:c3:be:6b:41:35:4f:f3:66:cc:27:40:5c:ff:5e:8a:
84:37:c3:04:ea:65:28:e1:15:ec:d4:86:02:4d:12:ea:5f:35:
3b:89:bb:9f:39:a5:a1:52:71:42:f5:75:fc:c5:6b:3d:91:47:
77:b8:34:13:45:bf:21:5a:8b:e9:d0:10:44:c5:72:23:51:73:
8a:6f:da:e3:e6:f9:5d:4b:93:d4:c8:4b:56:25:8b:c5:dd:f7:
fc:a7:80:3e:f9:94:15:8a:74:aa:66:91:52:80:56:64:90:0b:
79:93:4c:5a:1a:7c:f7:94:b1:8c:0d:72:91:f2:90:ae:17:dc:
de:03:4e:8b:9d:96:66:b9:52:34:bf:27:d0:fb:c5:28:58:e7:
f7:b4:e3:fe:56:ac:06:2b:d5:c5:85:69:15:3a:0b:be:7f:6f:
0f:5d:b4:f9:95:8a:fa:95:53:ee:3e:f8:16:40:d4:a9:19:a4:
a2:0a:f1:28:4c:71:7e:8c:df:67:81:3d:77:d9:3d:66:12:36:
28:9d:02:73:9d:3a:b5:d3:6d:a6:ce:a3:8c:9b:87:ed:7e:4e:
bc:42:41:d8:3a:65:8e:91:1e:1f:a3:e2:2d:5b:f1:1e:2d:5c:
4e:c8:e1:2b
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICGfkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE
Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNjAxMjYw
NjUzMDBaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDMzNjJEQzlCOTI4OUZC
NEJDQ0U1RUZENERCNUJDMjZFNzU4RkFFNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDr1TXQ0B4NzOWYdCPuq+piZeBsY4c//WErMXOTZXkeoI4Y0xnr
Cwv72F2arMXc+0k2Q09f/RT/aMe7vMLeQq7NXT8AOIkngJHgVzcmgg/H+kiwPMFN
w3ubrJQo1vB7GcIDF2kwZEv5v4eQINXgMByrdGeXOnlTx1JsIWSdKpabYrY0AC/I
xHRocyikXx6xbOeeWadVgClKRWCgiPCG5AIOQZOReThkAtzGH/WCmCD8kyzlDwaJ
BtSJ2KPpsNeRqKntmrI8temguFRU9Kz46GpIP2+2YGiBQ17X2sAVtlVZzOtZWPnt
zPUtR7SCokOihskbvx7I7f9jddGViscM6oQ7AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUM2Lcm5KJ+0vM5e/U21vCbnWPrnEwHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0
je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy
MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvTTJMY201S0otMHZN
NWVfVTIxdkNibldQcm5FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw
BQMDAIvZMA0GCSqGSIb3DQEBCwUAA4IBAQB87oOkJQ1Y+LPf5pcNWSwUMJ/vP8vD
vmtBNU/zZswnQFz/XoqEN8ME6mUo4RXs1IYCTRLqXzU7ibufOaWhUnFC9XX8xWs9
kUd3uDQTRb8hWovp0BBExXIjUXOKb9rj5vldS5PUyEtWJYvF3ff8p4A++ZQVinSq
ZpFSgFZkkAt5k0xaGnz3lLGMDXKR8pCuF9zeA06LnZZmuVI0vyfQ+8UoWOf3tOP+
VqwGK9XFhWkVOgu+f28PXbT5lYr6lVPuPvgWQNSpGaSiCvEoTHF+jN9ngT132T1m
EjYonQJznTq1022mzqOMm4ftfk68QkHYOmWOkR4fo+ItW/EeLVxOyOEr
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:27:26 2026 by rpki-client