Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/6XglRA2ON2Vdkr4nb5bBN8dm0fo.roa
File: 6XglRA2ON2Vdkr4nb5bBN8dm0fo.roa (raw, json)
Hash identifier: kATCb2M3oLRS+dFBmdTyf8dHSemudS7mNO0mbwdRpk4=
Subject key identifier: E9:78:25:44:0D:8E:37:65:5D:92:BE:27:6F:96:C1:37:C7:66:D1:FA
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 20CF
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/6XglRA2ON2Vdkr4nb5bBN8dm0fo.roa
Signing time: Wed 04 Jun 2025 01:08:39 +0000
ROA not before: Wed 04 Jun 2025 01:08:39 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8399 (0x20cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 4 01:08:39 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=E97825440D8E37655D92BE276F96C137C766D1FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:43:43:f0:b9:77:69:ab:c0:90:df:6f:a9:11:
ac:b4:25:41:58:04:93:f1:5e:d7:04:e6:6c:88:38:
64:c5:8b:f1:52:f9:2e:29:bd:55:6c:3d:73:1e:b0:
c7:b7:0e:58:ee:7f:18:4b:02:c3:40:c2:43:e9:d2:
37:3f:2f:8c:b4:d3:6a:15:7c:7c:05:da:55:07:56:
1b:7f:ca:5d:7e:e6:88:13:7f:78:8d:28:55:ca:d5:
72:52:28:ce:17:ea:bf:35:95:34:2c:d3:f4:fb:3e:
87:87:2f:7b:ce:cc:69:a5:cc:90:84:c1:31:b6:40:
0c:b6:f5:b9:90:88:0b:66:0b:be:e4:07:20:3e:ae:
1f:5e:32:3f:ad:51:93:4f:f0:bc:da:87:70:6c:b8:
55:87:81:7a:0f:a7:a1:5c:28:ff:a3:fb:ea:ce:c9:
c8:9e:0d:9f:6a:cc:6d:c2:93:3b:9f:e0:2e:02:ac:
6b:e1:ca:43:97:d4:57:0c:ed:de:07:2f:7a:5f:1b:
86:41:71:68:f7:59:23:b4:ba:31:5b:c8:28:cf:d9:
0b:a3:bc:f1:39:de:41:9f:43:ef:1f:92:3b:24:27:
16:b9:bc:0c:12:16:95:af:70:98:de:6d:9a:b0:46:
b8:fa:91:21:f2:50:ba:b4:bc:85:75:6a:1a:ac:44:
a3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:78:25:44:0D:8E:37:65:5D:92:BE:27:6F:96:C1:37:C7:66:D1:FA
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/6XglRA2ON2Vdkr4nb5bBN8dm0fo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
ab:64:57:77:16:44:76:86:58:da:85:39:a5:ec:c5:b1:29:53:
f1:bf:00:a2:2f:ef:6c:36:b7:67:66:e6:f0:1c:06:8f:f1:04:
d4:d6:ce:57:fd:b1:c0:13:84:0a:a0:e9:70:a7:d8:19:a4:0a:
16:74:14:b4:5a:ca:e5:55:49:98:0f:2e:5a:a8:43:59:b7:cf:
94:b2:5c:ae:69:98:a6:74:5c:7e:2c:4e:3b:97:9f:52:a1:38:
55:66:e7:58:9b:e3:a0:64:4c:80:70:0d:4b:8c:c9:f6:e7:83:
44:57:cc:aa:f4:39:d5:76:6c:70:14:6f:7a:2b:c7:a5:6f:7e:
25:4c:01:df:8b:60:a5:77:cb:fe:f1:60:a6:96:1f:c4:4c:d3:
2c:7d:85:80:26:d3:8f:6b:f8:4d:93:91:1f:15:db:5c:a7:9c:
e1:9d:2d:88:7d:2b:28:9c:07:91:0c:40:22:ea:f9:d7:3c:77:
4f:95:47:8a:c0:d1:34:3b:6c:19:d6:22:f0:45:84:f4:c5:9b:
cf:97:dc:da:3d:98:04:23:5c:f6:fd:bc:6d:ca:3b:fe:d4:dc:
d4:e2:37:ea:cc:01:a8:51:b4:55:20:f5:ae:72:3b:59:25:31:
9c:ca:26:e3:2a:b4:39:fe:3a:f4:97:62:c1:b0:66:35:59:d5:
69:8a:d4:e3
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDQw
MTA4MzlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU5NzgyNTQ0MEQ4RTM3
NjU1RDkyQkUyNzZGOTZDMTM3Qzc2NkQxRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbQ0PwuXdpq8CQ32+pEay0JUFYBJPxXtcE5myIOGTFi/FS+S4p
vVVsPXMesMe3DljufxhLAsNAwkPp0jc/L4y002oVfHwF2lUHVht/yl1+5ogTf3iN
KFXK1XJSKM4X6r81lTQs0/T7PoeHL3vOzGmlzJCEwTG2QAy29bmQiAtmC77kByA+
rh9eMj+tUZNP8Lzah3BsuFWHgXoPp6FcKP+j++rOycieDZ9qzG3Ckzuf4C4CrGvh
ykOX1FcM7d4HL3pfG4ZBcWj3WSO0ujFbyCjP2QujvPE53kGfQ+8fkjskJxa5vAwS
FpWvcJjebZqwRrj6kSHyULq0vIV1ahqsRKNpAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU6XglRA2ON2Vdkr4nb5bBN8dm0fowHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvNlhnbFJBMk9OMlZk
a3I0bmI1YkJOOGRtMGZvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAKtkV3cWRHaGWNqFOaXsxbEpU/G/
AKIv72w2t2dm5vAcBo/xBNTWzlf9scAThAqg6XCn2BmkChZ0FLRayuVVSZgPLlqo
Q1m3z5SyXK5pmKZ0XH4sTjuXn1KhOFVm51ib46BkTIBwDUuMyfbng0RXzKr0OdV2
bHAUb3orx6VvfiVMAd+LYKV3y/7xYKaWH8RM0yx9hYAm049r+E2TkR8V21ynnOGd
LYh9KyicB5EMQCLq+dc8d0+VR4rA0TQ7bBnWIvBFhPTFm8+X3No9mAQjXPb9vG3K
O/7U3NTiN+rMAahRtFUg9a5yO1klMZzKJuMqtDn+OvSXYsGwZjVZ1WmK1OM=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:09:22 2025 by rpki-client