Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/DRqLolyzybs7smpox22UkN-gdaM.roa
File: DRqLolyzybs7smpox22UkN-gdaM.roa (raw, json)
Hash identifier: R2MrxXBhfrp30NYYP9gPMxLd/W3+cZzXtkmSGiZ6VUc=
Subject key identifier: 0D:1A:8B:A2:5C:B3:C9:BB:3B:B2:6A:68:C7:6D:94:90:DF:A0:75:A3
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 18DD
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/DRqLolyzybs7smpox22UkN-gdaM.roa
Signing time: Tue 10 Feb 2026 05:00:45 +0000
ROA not before: Tue 10 Feb 2026 05:00:45 +0000
ROA not after: Fri 23 Oct 2026 03:01:03 +0000
asID: 55990
IP address blocks: 2409:2003::/47 maxlen: 47
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6365 (0x18dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Feb 10 05:00:45 2026 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=0D1A8BA25CB3C9BB3BB26A68C76D9490DFA075A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:08:90:73:32:b6:6a:e8:0a:ed:00:cc:0c:7e:
b2:1f:77:1c:e5:e3:18:8e:53:02:52:9f:b5:eb:60:
6c:43:55:29:58:ee:a3:c1:d1:4c:1f:7a:c7:0c:5b:
29:d6:03:88:a1:d3:84:3e:b4:4a:e9:82:b4:77:01:
72:20:23:75:fc:7d:5b:78:62:7d:81:a4:f7:d8:e8:
f1:b7:d9:2e:e8:9b:d2:d8:e3:d0:f6:26:19:3d:69:
1a:85:c3:3d:78:cd:5a:e5:6a:ef:0b:d9:f6:fa:26:
bb:c0:77:8a:16:d9:46:a2:1a:80:ed:a7:34:b1:2f:
4a:e3:64:40:9a:34:1b:1b:f4:e5:36:ea:74:90:6a:
57:4d:44:62:30:e9:66:b4:13:e1:6a:30:74:ee:f9:
9b:66:41:b0:99:15:af:eb:17:e7:e3:92:65:85:40:
3b:2a:3f:0d:0f:20:9f:13:6e:5f:92:be:41:2a:01:
5a:6a:05:36:08:6a:83:e7:72:88:86:fa:44:87:a2:
57:9b:58:34:01:60:34:8b:84:53:c4:11:73:79:95:
a8:43:50:ec:94:51:73:ff:52:32:51:71:80:2f:6a:
02:33:49:cc:15:27:22:66:c8:78:b1:c2:33:88:2c:
e2:fa:5e:78:d8:ba:d4:71:c7:6f:25:4f:14:f4:b7:
ab:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:1A:8B:A2:5C:B3:C9:BB:3B:B2:6A:68:C7:6D:94:90:DF:A0:75:A3
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/DRqLolyzybs7smpox22UkN-gdaM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2409:2003::/47
Signature Algorithm: sha256WithRSAEncryption
1e:9f:2e:1f:18:5d:e8:87:96:f8:f7:4d:ff:d0:25:2c:01:32:
3f:75:ca:17:a8:38:4c:b8:95:23:15:c5:5b:89:0f:65:da:82:
89:ee:40:d5:94:f6:7a:48:a6:e5:83:2f:95:e6:68:00:81:fd:
3e:84:23:b2:77:a8:77:0f:e8:9c:fc:eb:67:05:7b:48:3b:f1:
4e:c7:28:10:27:3e:8f:d2:a0:6f:fc:86:3b:dd:e4:f6:20:f4:
54:a6:ac:56:59:7b:04:01:6a:83:57:0c:24:b6:72:e5:33:4d:
22:1e:12:d6:6c:47:61:81:3a:12:25:df:23:e9:f9:10:53:1d:
c8:b2:7d:5f:c1:4b:6e:23:ae:a9:ae:2a:5b:68:41:36:dc:63:
17:91:f1:5a:40:0b:45:48:3c:f0:cf:81:df:1e:f6:59:31:90:
cb:b2:3e:57:67:12:97:99:07:86:82:32:6c:c7:06:8e:17:ce:
db:19:5d:b0:4c:0f:3a:f4:a5:82:64:95:c1:03:f3:d0:f0:c9:
5b:4d:92:08:80:af:e5:86:d4:98:a4:fe:8d:e1:d5:4a:47:24:
69:0c:7e:33:5e:40:21:6c:57:12:a9:77:35:79:eb:13:67:c6:
bd:f2:85:00:d3:e6:d4:a0:e1:ab:f8:07:87:20:28:09:39:5f:
e8:8e:aa:9d
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICGN0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNjAyMTAw
NTAwNDVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDBEMUE4QkEyNUNCM0M5
QkIzQkIyNkE2OEM3NkQ5NDkwREZBMDc1QTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpCJBzMrZq6ArtAMwMfrIfdxzl4xiOUwJSn7XrYGxDVSlY7qPB
0UwfescMWynWA4ih04Q+tErpgrR3AXIgI3X8fVt4Yn2BpPfY6PG32S7om9LY49D2
Jhk9aRqFwz14zVrlau8L2fb6JrvAd4oW2UaiGoDtpzSxL0rjZECaNBsb9OU26nSQ
aldNRGIw6Wa0E+FqMHTu+ZtmQbCZFa/rF+fjkmWFQDsqPw0PIJ8Tbl+SvkEqAVpq
BTYIaoPncoiG+kSHolebWDQBYDSLhFPEEXN5lahDUOyUUXP/UjJRcYAvagIzScwV
JyJmyHixwjOILOL6XnjYutRxx28lTxT0t6tzAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUDRqLolyzybs7smpox22UkN+gdaMwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvRFJxTG9seXp5YnM3
c21wb3gyMlVrTi1nZGFNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHASQJIAMAADANBgkqhkiG9w0BAQsFAAOCAQEAHp8uHxhd6IeW+PdN/9AlLAEy
P3XKF6g4TLiVIxXFW4kPZdqCie5A1ZT2ekim5YMvleZoAIH9PoQjsneodw/onPzr
ZwV7SDvxTscoECc+j9Kgb/yGO93k9iD0VKasVll7BAFqg1cMJLZy5TNNIh4S1mxH
YYE6EiXfI+n5EFMdyLJ9X8FLbiOuqa4qW2hBNtxjF5HxWkALRUg88M+B3x72WTGQ
y7I+V2cSl5kHhoIybMcGjhfO2xldsEwPOvSlgmSVwQPz0PDJW02SCICv5YbUmKT+
jeHVSkckaQx+M15AIWxXEql3NXnrE2fGvfKFANPm1KDhq/gHhyAoCTlf6I6qnQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:27:28 2026 by rpki-client