Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/9PVrN0IkppMLmipnvrBGFrnVhcU.roa
File: 9PVrN0IkppMLmipnvrBGFrnVhcU.roa (raw, json)
Hash identifier: kEDqvWwRb3Gb4WDiFb0zPlsadQRMd0M/2ACn81RRSfE=
Subject key identifier: F4:F5:6B:37:42:24:A6:93:0B:9A:2A:67:BE:B0:46:16:B9:D5:85:C5
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 24C0
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/9PVrN0IkppMLmipnvrBGFrnVhcU.roa
Signing time: Wed 11 Jun 2025 01:09:10 +0000
ROA not before: Wed 11 Jun 2025 01:09:10 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9408 (0x24c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 11 01:09:10 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=F4F56B374224A6930B9A2A67BEB04616B9D585C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a2:c3:20:fe:cc:29:4d:71:0f:17:8e:7c:17:
1e:99:cc:35:29:35:b9:0f:d4:f2:d8:07:a0:22:d8:
ad:02:66:c7:3e:c0:4d:6c:66:9c:ea:c7:54:53:f2:
0e:bf:77:18:b7:be:ab:49:db:a8:cf:5b:a3:05:b0:
99:d8:da:41:57:83:17:80:8e:db:14:a8:55:e6:15:
71:52:b4:a6:72:77:1a:dc:4b:79:91:f1:4a:cd:66:
13:b5:5a:91:7e:63:12:19:6c:33:1b:d7:7b:f3:de:
f7:d8:a7:bc:42:5d:7e:5a:8e:be:eb:7d:a6:0f:48:
4b:05:1f:51:9e:7b:72:84:53:8e:63:21:44:d1:77:
57:5c:4b:ba:7e:a9:b8:de:16:04:e0:57:a1:ec:fe:
73:8e:7a:79:14:3b:7e:5b:87:69:de:ec:d5:61:5c:
d4:71:38:68:c8:27:25:d3:8e:04:ac:0e:2b:99:9d:
7d:21:6c:16:86:29:4a:65:80:8a:4c:ac:7d:0d:93:
3b:2d:70:09:39:6e:2d:4c:3e:a6:63:7f:12:4b:b3:
db:a8:8f:02:7f:8d:60:cb:f6:be:2b:2f:70:3d:62:
ef:f1:45:15:48:66:07:3d:02:62:a2:d9:5d:93:17:
17:c7:04:0f:aa:85:1b:0c:b2:3b:7a:67:d8:6a:99:
7c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F5:6B:37:42:24:A6:93:0B:9A:2A:67:BE:B0:46:16:B9:D5:85:C5
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/9PVrN0IkppMLmipnvrBGFrnVhcU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
24:d6:40:8b:a3:48:55:8c:c9:d0:13:9a:c9:03:e5:15:2b:4e:
69:15:02:dc:ee:25:8b:d6:d7:ad:54:ca:e3:59:67:f5:39:7d:
48:0d:58:60:17:c6:3c:ea:2a:10:a7:2e:1d:83:47:e8:91:21:
00:db:a3:1b:26:f0:81:36:4f:de:95:fd:e0:56:83:85:85:42:
a8:98:78:8d:23:de:7f:fc:6a:c6:65:c1:67:14:de:38:9b:96:
75:a8:83:04:13:4f:e0:32:68:63:92:a7:f5:25:ae:2f:f9:03:
c8:a3:75:da:44:50:82:16:a7:a0:57:25:63:59:e2:af:a7:df:
ca:ec:ce:84:23:4f:63:32:1c:a0:ee:61:97:05:39:0b:f6:c0:
bc:f2:67:ac:96:ed:cd:60:1f:2f:39:1d:4d:7b:b3:fc:b5:fd:
e7:38:39:92:19:05:41:f0:77:40:75:95:83:70:4e:21:ed:ea:
24:cf:d2:ac:69:0a:65:67:61:b1:c9:fb:b7:93:02:e8:81:95:
44:29:08:79:ee:6c:f3:1c:6c:7e:32:27:35:a3:a5:e7:0c:7c:
d0:06:27:66:21:6e:0a:e0:3c:ab:7d:10:04:eb:cd:47:c8:f7:
54:5a:29:85:4c:6a:c8:6e:cf:0f:b6:f4:73:06:c4:6d:b9:a3:
24:7c:54:f7
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJMAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTEw
MTA5MTBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEY0RjU2QjM3NDIyNEE2
OTMwQjlBMkE2N0JFQjA0NjE2QjlENTg1QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmosMg/swpTXEPF458Fx6ZzDUpNbkP1PLYB6Ai2K0CZsc+wE1s
Zpzqx1RT8g6/dxi3vqtJ26jPW6MFsJnY2kFXgxeAjtsUqFXmFXFStKZydxrcS3mR
8UrNZhO1WpF+YxIZbDMb13vz3vfYp7xCXX5ajr7rfaYPSEsFH1Gee3KEU45jIUTR
d1dcS7p+qbjeFgTgV6Hs/nOOenkUO35bh2ne7NVhXNRxOGjIJyXTjgSsDiuZnX0h
bBaGKUplgIpMrH0NkzstcAk5bi1MPqZjfxJLs9uojwJ/jWDL9r4rL3A9Yu/xRRVI
Zgc9AmKi2V2TFxfHBA+qhRsMsjt6Z9hqmXy1AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU9PVrN0IkppMLmipnvrBGFrnVhcUwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvOVBWck4wSWtwcE1M
bWlwbnZyQkdGcm5WaGNVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBACTWQIujSFWMydATmskD5RUrTmkV
AtzuJYvW161UyuNZZ/U5fUgNWGAXxjzqKhCnLh2DR+iRIQDboxsm8IE2T96V/eBW
g4WFQqiYeI0j3n/8asZlwWcU3jiblnWogwQTT+AyaGOSp/Ulri/5A8ijddpEUIIW
p6BXJWNZ4q+n38rszoQjT2MyHKDuYZcFOQv2wLzyZ6yW7c1gHy85HU17s/y1/ec4
OZIZBUHwd0B1lYNwTiHt6iTP0qxpCmVnYbHJ+7eTAuiBlUQpCHnubPMcbH4yJzWj
pecMfNAGJ2YhbgrgPKt9EATrzUfI91RaKYVMashuzw+29HMGxG25oyR8VPc=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:04:21 2025 by rpki-client