Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/3qUtP3FORoVI92fHhn9H5hXY_xk.roa
File: 3qUtP3FORoVI92fHhn9H5hXY_xk.roa (raw, json)
Hash identifier: Djp8F4wjD7qJ8LK61MJexggALQN/fIsKnyUcCjwwMVQ=
Subject key identifier: DE:A5:2D:3F:71:4E:46:85:48:F7:67:C7:86:7F:47:E6:15:D8:FF:19
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2474
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/3qUtP3FORoVI92fHhn9H5hXY_xk.roa
Signing time: Tue 10 Jun 2025 12:39:04 +0000
ROA not before: Tue 10 Jun 2025 12:39:04 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9332 (0x2474)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 10 12:39:04 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=DEA52D3F714E468548F767C7867F47E615D8FF19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a9:1e:60:67:98:29:d7:09:a1:42:55:a1:b6:
f1:d5:f0:0b:48:a0:52:fe:8c:5e:91:3e:d6:8a:f9:
02:4c:4f:56:0c:d3:c7:c4:31:b7:ca:12:ed:fa:f8:
db:f8:9e:b2:e9:6a:cf:f0:b5:51:13:0d:dc:3e:cc:
d2:84:3c:4b:7f:34:ac:ac:5b:96:80:40:db:16:3d:
c9:64:f2:51:a3:75:3e:b1:f5:40:67:82:67:86:ce:
73:7d:2e:72:98:2b:c2:96:96:07:66:d3:cf:a1:8a:
94:ba:82:05:e8:1b:f1:10:69:0d:dd:0a:08:57:b5:
9b:c0:7f:6f:a8:40:e2:31:ad:fc:dc:45:77:4a:87:
23:1d:5e:51:89:9c:46:75:ae:8c:21:27:ca:24:e0:
57:1e:52:5a:0f:9f:7e:b4:ad:b4:26:30:31:cd:04:
df:5a:e4:b2:48:f1:dd:af:f1:c6:ff:a0:7c:91:ae:
1d:d3:03:e7:c6:77:e0:e9:a0:e7:30:8d:22:75:b3:
e0:12:2c:84:91:81:a5:e3:83:51:ed:ff:16:bf:3a:
ee:03:7c:1f:a6:29:99:4b:d5:4b:46:23:38:db:d0:
1e:be:3a:4f:35:f8:f0:2e:e3:3c:31:9e:af:7e:b6:
3d:a0:aa:74:9c:5d:ab:74:9d:07:01:ec:82:ee:28:
1a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A5:2D:3F:71:4E:46:85:48:F7:67:C7:86:7F:47:E6:15:D8:FF:19
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/3qUtP3FORoVI92fHhn9H5hXY_xk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
67:e8:37:30:76:43:7a:cc:19:86:c3:90:02:26:ef:5c:25:d4:
16:32:0e:f8:0c:32:9a:f8:f2:b8:f8:b1:68:8e:2f:61:bf:a3:
7d:05:2e:3b:a5:33:c7:ef:5f:3a:c9:33:7f:e7:60:af:ef:84:
ef:1a:96:9e:14:5f:f7:9c:02:e3:09:32:be:3d:46:dd:a6:0a:
af:69:88:07:a9:a3:0d:a9:88:24:9d:d0:b1:df:f9:0d:62:fa:
d5:28:d3:35:1e:42:cb:98:46:16:69:f0:f8:98:97:36:3a:d9:
70:9c:bd:39:ff:62:b3:08:81:18:b6:8d:06:0a:85:ec:ec:c2:
6b:84:fb:68:e2:c8:49:c1:c7:b2:9f:34:97:85:db:0e:1e:98:
8b:e9:9f:c4:8b:24:17:9f:21:36:dc:89:c9:e3:5d:a1:e1:c8:
34:af:49:28:c2:5c:30:b5:8c:79:32:b3:69:31:3e:3f:81:fe:
44:38:7f:ab:c0:5d:19:88:48:77:70:ab:89:4d:d9:a8:9c:34:
16:95:47:f2:5c:12:30:0f:c9:7c:dc:b7:98:03:ab:d9:57:26:
d2:0b:0d:c6:93:1a:52:14:27:1c:19:f5:77:f9:38:f6:ce:e5:
9f:30:90:11:20:95:f9:ee:10:16:88:3f:c5:41:23:f2:2b:65:
d5:9f:30:ed
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJHQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTAx
MjM5MDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKERFQTUyRDNGNzE0RTQ2
ODU0OEY3NjdDNzg2N0Y0N0U2MTVEOEZGMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJqR5gZ5gp1wmhQlWhtvHV8AtIoFL+jF6RPtaK+QJMT1YM08fE
MbfKEu36+Nv4nrLpas/wtVETDdw+zNKEPEt/NKysW5aAQNsWPclk8lGjdT6x9UBn
gmeGznN9LnKYK8KWlgdm08+hipS6ggXoG/EQaQ3dCghXtZvAf2+oQOIxrfzcRXdK
hyMdXlGJnEZ1rowhJ8ok4FceUloPn360rbQmMDHNBN9a5LJI8d2v8cb/oHyRrh3T
A+fGd+DpoOcwjSJ1s+ASLISRgaXjg1Ht/xa/Ou4DfB+mKZlL1UtGIzjb0B6+Ok81
+PAu4zwxnq9+tj2gqnScXat0nQcB7ILuKBozAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU3qUtP3FORoVI92fHhn9H5hXY/xkwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvM3FVdFAzRk9Sb1ZJ
OTJmSGhuOUg1aFhZX3hrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAGfoNzB2Q3rMGYbDkAIm71wl1BYy
DvgMMpr48rj4sWiOL2G/o30FLjulM8fvXzrJM3/nYK/vhO8alp4UX/ecAuMJMr49
Rt2mCq9piAepow2piCSd0LHf+Q1i+tUo0zUeQsuYRhZp8PiYlzY62XCcvTn/YrMI
gRi2jQYKhezswmuE+2jiyEnBx7KfNJeF2w4emIvpn8SLJBefITbcicnjXaHhyDSv
SSjCXDC1jHkys2kxPj+B/kQ4f6vAXRmISHdwq4lN2aicNBaVR/JcEjAPyXzct5gD
q9lXJtILDcaTGlIUJxwZ9Xf5OPbO5Z8wkBEglfnuEBaIP8VBI/IrZdWfMO0=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:18:21 2025 by rpki-client