Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/3SUgn83d4NDPHVWDImh-IqCYFlk.roa
File: 3SUgn83d4NDPHVWDImh-IqCYFlk.roa (raw, json)
Hash identifier: 5HIzYO/X3FVXp/nnB4WuNZj5AzxmXL8nhLbWTEEHamw=
Subject key identifier: DD:25:20:9F:CD:DD:E0:D0:CF:1D:55:83:22:68:7E:22:A0:98:16:59
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 237E
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/3SUgn83d4NDPHVWDImh-IqCYFlk.roa
Signing time: Sun 08 Jun 2025 19:38:55 +0000
ROA not before: Sun 08 Jun 2025 19:38:55 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9086 (0x237e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 8 19:38:55 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=DD25209FCDDDE0D0CF1D558322687E22A0981659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:e5:0b:fb:2e:d3:25:c5:35:91:27:17:9f:50:
01:f8:8b:97:3c:d0:fd:e6:d0:d7:30:5a:45:99:86:
90:67:5c:c7:63:15:09:cc:46:09:47:dc:80:ce:76:
2e:1b:4b:f3:42:06:d3:df:a4:9e:4e:62:3d:76:ab:
3c:d7:79:8f:53:39:3c:57:a6:06:7f:df:eb:68:21:
b1:af:ea:24:6a:b1:59:f9:b6:44:ab:51:f0:27:72:
fa:37:02:b4:ed:a4:16:ae:f1:2d:ec:ea:a6:db:b4:
43:ce:35:66:97:7e:b1:2d:94:96:52:18:09:fe:2a:
7b:93:de:62:5a:ef:82:93:1a:23:2f:52:7d:b2:7f:
4c:cd:84:91:21:98:ef:ff:a7:02:f8:5e:12:c2:a9:
e4:62:65:d7:ec:0e:60:dc:aa:79:45:6e:cf:e0:8c:
93:a1:50:61:66:98:66:4d:d8:37:bb:be:90:4c:ef:
39:fb:77:7b:62:9e:59:ab:4b:b4:5e:45:5d:35:f4:
eb:9b:ea:48:55:d7:cb:bb:a7:1e:9c:d6:58:ad:11:
d9:80:a4:47:7a:8a:24:04:74:b8:34:17:0a:49:7b:
44:74:43:4a:25:e2:1b:0a:af:ab:e9:fb:2e:7c:12:
13:63:e7:14:3f:8c:66:3c:e5:ff:4f:bc:16:16:64:
00:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:25:20:9F:CD:DD:E0:D0:CF:1D:55:83:22:68:7E:22:A0:98:16:59
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/3SUgn83d4NDPHVWDImh-IqCYFlk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
50:fb:f5:43:eb:c3:e2:89:91:02:6e:ed:38:c1:6e:9f:92:ca:
13:ef:05:56:6b:f9:3c:e4:dd:1a:a8:87:27:f1:5a:9c:bc:1b:
10:20:25:db:3e:77:9b:d6:3a:26:9e:ae:23:69:eb:6c:54:8c:
ee:7a:d3:2d:7a:d7:1b:d8:5a:77:be:67:e7:21:55:ee:ef:b1:
63:92:e3:f3:80:a8:29:e8:0f:0e:06:fd:70:4b:15:bc:be:5c:
bc:3b:e3:a6:3e:c9:f6:20:4b:d7:7a:90:92:38:2a:04:8b:79:
f3:46:45:3c:a1:d5:68:68:ba:01:58:b0:e1:04:3c:81:72:b2:
8e:e5:20:d1:f1:3d:95:ae:a8:5d:a6:d6:a5:87:c7:20:76:d2:
4d:bf:e3:2d:3f:26:38:81:bb:d5:77:b9:83:ff:1f:52:2f:a4:
43:1f:73:0a:de:0f:3f:ed:9e:74:c5:7b:d9:ee:a0:f3:70:d7:
69:8d:0c:0b:64:4c:f1:fc:86:16:e5:7b:23:31:ca:19:80:5a:
38:69:e6:b3:e2:87:3e:21:b6:ad:71:5c:77:b9:de:c9:2a:c5:
9c:d3:8b:52:c1:fe:bb:3d:26:50:c0:b2:d6:52:11:24:af:f4:
94:88:8b:23:21:52:6d:55:17:fb:c6:00:62:fc:bb:f5:4d:81:
34:e5:3f:26
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICI34wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDgx
OTM4NTVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEREMjUyMDlGQ0REREUw
RDBDRjFENTU4MzIyNjg3RTIyQTA5ODE2NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDz5Qv7LtMlxTWRJxefUAH4i5c80P3m0NcwWkWZhpBnXMdjFQnM
RglH3IDOdi4bS/NCBtPfpJ5OYj12qzzXeY9TOTxXpgZ/3+toIbGv6iRqsVn5tkSr
UfAncvo3ArTtpBau8S3s6qbbtEPONWaXfrEtlJZSGAn+KnuT3mJa74KTGiMvUn2y
f0zNhJEhmO//pwL4XhLCqeRiZdfsDmDcqnlFbs/gjJOhUGFmmGZN2De7vpBM7zn7
d3tinlmrS7ReRV019Oub6khV18u7px6c1litEdmApEd6iiQEdLg0FwpJe0R0Q0ol
4hsKr6vp+y58EhNj5xQ/jGY85f9PvBYWZAAlAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU3SUgn83d4NDPHVWDImh+IqCYFlkwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvM1NVZ244M2Q0TkRQ
SFZXREltaC1JcUNZRmxrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAFD79UPrw+KJkQJu7TjBbp+SyhPv
BVZr+Tzk3RqohyfxWpy8GxAgJds+d5vWOiaeriNp62xUjO560y161xvYWne+Z+ch
Ve7vsWOS4/OAqCnoDw4G/XBLFby+XLw746Y+yfYgS9d6kJI4KgSLefNGRTyh1Who
ugFYsOEEPIFyso7lINHxPZWuqF2m1qWHxyB20k2/4y0/JjiBu9V3uYP/H1IvpEMf
cwreDz/tnnTFe9nuoPNw12mNDAtkTPH8hhbleyMxyhmAWjhp5rPihz4htq1xXHe5
3skqxZzTi1LB/rs9JlDAstZSESSv9JSIiyMhUm1VF/vGAGL8u/VNgTTlPyY=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:19:57 2025 by rpki-client