Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/yoqPCR_0MI64ewIYP02tHvr5vqA.roa
File: yoqPCR_0MI64ewIYP02tHvr5vqA.roa (raw, json)
Hash identifier: NqWabWFfU3AP5Dh7fuOqhVE8rlfJ7vpJxrHBzEzV9Ak=
Subject key identifier: CA:8A:8F:09:1F:F4:30:8E:B8:7B:02:18:3F:4D:AD:1E:FA:F9:BE:A0
Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Certificate serial: 19FA
Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/yoqPCR_0MI64ewIYP02tHvr5vqA.roa
Signing time: Mon 26 Jan 2026 06:53:01 +0000
ROA not before: Mon 26 Jan 2026 06:53:01 +0000
ROA not after: Sat 09 Jan 2027 08:23:18 +0000
asID: 58593
IP address blocks: 40.72.0.0/17 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6650 (0x19fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Validity
Not Before: Jan 26 06:53:01 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=CA8A8F091FF4308EB87B02183F4DAD1EFAF9BEA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:73:64:94:f1:a3:cd:08:45:8e:3d:aa:c0:3d:
fc:9c:69:18:df:7c:de:88:52:c4:d4:cb:50:1f:b7:
e2:61:6a:95:35:2f:9b:59:09:ff:6a:7c:2c:79:7f:
c5:20:06:66:01:af:63:65:08:31:13:57:2e:6c:5c:
a9:fd:9a:dc:57:08:8d:94:c5:1c:dd:00:9a:78:12:
2a:2c:df:df:cc:e7:7f:a6:38:08:10:1b:49:56:9a:
94:2c:e3:50:af:32:b6:07:8c:32:9e:1f:c8:d3:a0:
28:ba:da:3d:0b:b5:14:98:f6:67:d6:6f:f0:b7:42:
47:59:12:03:4e:40:34:47:08:af:93:26:1d:5e:af:
1e:96:c6:2a:53:0c:eb:83:da:85:73:40:d7:b4:c5:
51:4d:49:9c:cf:7d:0b:14:d2:92:47:29:ab:f5:f9:
30:4d:93:b9:ff:45:dd:e1:60:ae:1d:0c:f0:92:6d:
ae:45:b6:80:1f:39:db:8b:ec:df:71:b7:67:eb:39:
08:23:06:5d:02:7d:8b:14:24:71:20:33:41:58:49:
ca:53:7d:cd:81:c9:5f:4c:35:e2:8a:cc:1f:79:21:
25:13:af:e1:ff:2a:56:00:06:44:33:d4:93:5c:80:
a8:74:1b:ba:b5:9a:6a:d9:2e:06:df:27:45:66:51:
25:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:8A:8F:09:1F:F4:30:8E:B8:7B:02:18:3F:4D:AD:1E:FA:F9:BE:A0
X509v3 Authority Key Identifier:
keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/yoqPCR_0MI64ewIYP02tHvr5vqA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
40.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
3d:0f:16:46:8c:50:27:a4:bc:a8:09:5b:d2:34:8a:cf:cd:d2:
df:d8:ca:26:15:d5:19:e1:42:29:3c:a6:84:36:0f:0a:a4:c6:
c1:4f:0c:40:28:53:ce:9b:33:e1:4c:9c:57:67:1f:46:ec:48:
ac:8e:f7:ad:a0:20:7a:35:af:47:85:7e:19:0c:9a:11:4d:14:
f8:3d:ef:a3:d4:8c:eb:ee:d5:3f:89:7c:4e:98:bc:78:7c:3c:
01:54:8f:22:0c:d7:cb:9d:bd:15:14:bd:c3:21:99:55:c4:c1:
dc:9e:13:ac:97:90:ef:73:22:20:99:7a:33:1c:d3:cc:4c:bf:
e3:57:e7:fd:c4:e9:88:69:39:20:1a:d1:33:38:2d:ed:21:7d:
39:9d:b9:89:db:26:37:f0:c8:ae:14:46:26:f6:af:52:a2:60:
0a:31:79:4e:44:13:73:89:25:45:b5:ab:e4:7a:a6:0b:b9:e3:
37:05:5f:7c:14:48:7c:a5:f0:8b:04:81:f7:15:ec:69:b0:25:
a2:fb:5c:eb:0a:82:bb:05:42:0b:06:85:58:ae:96:f8:98:93:
3c:94:36:85:8a:67:5d:36:bd:27:1e:d6:34:39:7e:4a:98:5d:
26:84:b4:f9:cf:38:6a:f9:6a:5c:01:f8:9c:d5:a0:b9:d0:46:
53:7e:9c:3d
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICGfowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE
Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNjAxMjYw
NjUzMDFaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKENBOEE4RjA5MUZGNDMw
OEVCODdCMDIxODNGNERBRDFFRkFGOUJFQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7c2SU8aPNCEWOParAPfycaRjffN6IUsTUy1Aft+JhapU1L5tZ
Cf9qfCx5f8UgBmYBr2NlCDETVy5sXKn9mtxXCI2UxRzdAJp4Eios39/M53+mOAgQ
G0lWmpQs41CvMrYHjDKeH8jToCi62j0LtRSY9mfWb/C3QkdZEgNOQDRHCK+TJh1e
rx6WxipTDOuD2oVzQNe0xVFNSZzPfQsU0pJHKav1+TBNk7n/Rd3hYK4dDPCSba5F
toAfOduL7N9xt2frOQgjBl0CfYsUJHEgM0FYScpTfc2ByV9MNeKKzB95ISUTr+H/
KlYABkQz1JNcgKh0G7q1mmrZLgbfJ0VmUSWFAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUyoqPCR/0MI64ewIYP02tHvr5vqAwHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0
je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy
MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAveW9xUENSXzBNSTY0
ZXdJWVAwMnRIdnI1dnFBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEByhIADANBgkqhkiG9w0BAQsFAAOCAQEAPQ8WRoxQJ6S8qAlb0jSKz83S39jK
JhXVGeFCKTymhDYPCqTGwU8MQChTzpsz4UycV2cfRuxIrI73raAgejWvR4V+GQya
EU0U+D3vo9SM6+7VP4l8Tpi8eHw8AVSPIgzXy529FRS9wyGZVcTB3J4TrJeQ73Mi
IJl6MxzTzEy/41fn/cTpiGk5IBrRMzgt7SF9OZ25idsmN/DIrhRGJvavUqJgCjF5
TkQTc4klRbWr5HqmC7njNwVffBRIfKXwiwSB9xXsabAlovtc6wqCuwVCCwaFWK6W
+JiTPJQ2hYpnXTa9Jx7WNDl+SphdJoS0+c84avlqXAH4nNWgudBGU36cPQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:26:28 2026 by rpki-client