Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/jGKVP5AyIpaJY_AX7r0aS7EhjSk.roa
File: jGKVP5AyIpaJY_AX7r0aS7EhjSk.roa (raw, json)
Hash identifier: rqnNypr7tucbEs+tmBI0LVS0Vn6f5puJDxqbKrBvQX4=
Subject key identifier: 8C:62:95:3F:90:32:22:96:89:63:F0:17:EE:BD:1A:4B:B1:21:8D:29
Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Certificate serial: 19F2
Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/jGKVP5AyIpaJY_AX7r0aS7EhjSk.roa
Signing time: Mon 26 Jan 2026 06:52:59 +0000
ROA not before: Mon 26 Jan 2026 06:52:59 +0000
ROA not after: Sat 09 Jan 2027 08:23:18 +0000
asID: 58593
IP address blocks: 52.130.64.0/19 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6642 (0x19f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Validity
Not Before: Jan 26 06:52:59 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=8C62953F903222968963F017EEBD1A4BB1218D29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:49:05:ec:49:79:30:5b:bb:19:17:96:21:08:
94:30:a2:00:2c:dd:97:f7:52:a1:40:d8:a7:4f:16:
d9:86:9e:7d:e3:17:6c:2d:c7:4c:64:5f:13:68:06:
f6:30:fb:fd:0e:6a:d0:5e:74:08:9e:9d:e9:2b:c1:
01:eb:f8:5f:fb:0c:04:83:94:13:af:5d:b4:34:b6:
cf:5b:b9:e0:f0:be:c1:23:5f:d2:e0:6f:36:e2:99:
a9:f9:8b:8d:4f:7c:9f:ad:56:97:26:3b:da:c8:0b:
67:90:b6:33:54:9f:0c:3b:34:cc:81:9a:fb:4b:24:
0e:d2:86:65:f1:60:5b:e9:c0:fa:4d:3d:bc:cd:ac:
7e:25:e1:e0:92:9c:78:11:2f:2e:67:b9:3a:05:b0:
7c:8a:2a:f7:60:dd:bc:ad:19:3a:b2:d0:2e:e8:56:
40:46:88:04:d1:c3:48:2b:60:81:d9:06:5b:e4:d1:
aa:67:1e:23:53:74:bb:09:8e:17:9c:36:81:e4:ac:
2b:49:df:ad:32:7c:4c:3b:30:3b:2e:00:d5:f1:7b:
b0:1e:46:07:50:b0:3e:78:b1:35:26:c3:d7:3a:42:
96:a7:0d:e2:94:5c:d2:1d:a8:dd:d4:1c:1e:20:db:
7a:e6:15:fa:54:29:dc:37:4f:3c:0a:13:c9:4c:05:
f4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:62:95:3F:90:32:22:96:89:63:F0:17:EE:BD:1A:4B:B1:21:8D:29
X509v3 Authority Key Identifier:
keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/jGKVP5AyIpaJY_AX7r0aS7EhjSk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
52.130.64.0/19
Signature Algorithm: sha256WithRSAEncryption
98:be:03:4d:fa:3a:5b:11:b6:9a:e0:8e:12:b4:dc:2d:b1:81:
06:c3:da:8c:85:78:83:4b:de:f3:1c:a7:98:f4:55:be:da:26:
8e:a1:69:38:f6:43:8d:bc:60:df:56:ce:8b:32:2c:85:6b:15:
19:c5:9c:9e:d5:43:98:8a:d7:c5:50:43:9e:b4:59:01:58:a2:
9a:bb:37:50:48:f3:b7:67:da:a1:ad:da:b6:6c:f9:c1:c4:0f:
af:f3:ee:29:c2:46:9f:62:b1:30:ae:bb:0a:2b:4e:62:7a:a3:
39:fa:5d:51:d1:44:a4:ae:e1:60:c6:d5:ff:8c:73:bc:8d:e4:
ef:3e:d8:92:d7:2a:2a:8e:a1:0b:45:74:c0:df:25:29:df:30:
bb:ff:ce:d0:49:42:5b:2f:81:e5:7b:25:98:63:ff:fc:64:73:
05:73:da:ed:63:9e:2d:05:49:8a:08:a2:0e:43:80:a0:66:1d:
a1:8f:d9:62:35:bb:69:87:6b:16:56:42:2d:d6:a5:ff:6d:55:
ce:8c:14:df:4e:58:9d:ff:ed:17:aa:c5:87:04:63:4f:69:20:
50:e3:83:6f:53:7d:92:9a:7d:12:df:36:20:1e:cc:64:12:e6:
3d:79:07:94:11:ba:ab:a1:dc:7f:0c:e9:97:a3:40:14:98:8c:
49:f7:89:9c
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICGfIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE
Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNjAxMjYw
NjUyNTlaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDhDNjI5NTNGOTAzMjIy
OTY4OTYzRjAxN0VFQkQxQTRCQjEyMThEMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuSQXsSXkwW7sZF5YhCJQwogAs3Zf3UqFA2KdPFtmGnn3jF2wt
x0xkXxNoBvYw+/0OatBedAienekrwQHr+F/7DASDlBOvXbQ0ts9bueDwvsEjX9Lg
bzbiman5i41PfJ+tVpcmO9rIC2eQtjNUnww7NMyBmvtLJA7ShmXxYFvpwPpNPbzN
rH4l4eCSnHgRLy5nuToFsHyKKvdg3bytGTqy0C7oVkBGiATRw0grYIHZBlvk0apn
HiNTdLsJjhecNoHkrCtJ360yfEw7MDsuANXxe7AeRgdQsD54sTUmw9c6QpanDeKU
XNIdqN3UHB4g23rmFfpUKdw3TzwKE8lMBfQrAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUjGKVP5AyIpaJY/AX7r0aS7EhjSkwHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0
je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy
MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvakdLVlA1QXlJcGFK
WV9BWDdyMGFTN0VoalNrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBTSCQDANBgkqhkiG9w0BAQsFAAOCAQEAmL4DTfo6WxG2muCOErTcLbGBBsPa
jIV4g0ve8xynmPRVvtomjqFpOPZDjbxg31bOizIshWsVGcWcntVDmIrXxVBDnrRZ
AViimrs3UEjzt2faoa3atmz5wcQPr/PuKcJGn2KxMK67CitOYnqjOfpdUdFEpK7h
YMbV/4xzvI3k7z7YktcqKo6hC0V0wN8lKd8wu//O0ElCWy+B5XslmGP//GRzBXPa
7WOeLQVJigiiDkOAoGYdoY/ZYjW7aYdrFlZCLdal/21VzowU305Ynf/tF6rFhwRj
T2kgUOODb1N9kpp9Et82IB7MZBLmPXkHlBG6q6Hcfwzpl6NAFJiMSfeJnA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:29:08 2026 by rpki-client