Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/9Sg8G9uRJQ_XlZ0_pvsE3xmX8N0.roa
File: 9Sg8G9uRJQ_XlZ0_pvsE3xmX8N0.roa (raw, json)
Hash identifier: iHVgK+51tasvVLNzj9dUWeSzdEiRSkEZQ0eIYU55d+A=
Subject key identifier: F5:28:3C:1B:DB:91:25:0F:D7:95:9D:3F:A6:FB:04:DF:19:97:F0:DD
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1C70
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/9Sg8G9uRJQ_XlZ0_pvsE3xmX8N0.roa
Signing time: Tue 27 May 2025 06:38:09 +0000
ROA not before: Tue 27 May 2025 06:38:09 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7280 (0x1c70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: May 27 06:38:09 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=F5283C1BDB91250FD7959D3FA6FB04DF1997F0DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:38:77:2d:64:ec:8a:15:a6:a7:a0:51:ab:7e:
e6:2c:ac:aa:c7:39:08:1d:ba:17:62:48:7d:4c:26:
32:03:c4:be:1d:44:cf:1e:cc:15:06:d7:78:6d:b4:
1d:44:d9:9d:10:7e:98:49:57:f8:79:9c:8f:b3:38:
63:db:d3:e3:6a:4d:2e:c2:0d:5c:4b:18:c6:bc:8f:
8e:c2:75:5d:6e:c2:57:f9:d3:bf:d2:aa:fb:25:41:
35:de:0d:14:54:df:a4:b6:d5:df:49:f6:52:6b:eb:
3c:71:39:ee:9f:6d:21:09:22:fe:57:60:61:86:49:
09:8a:6a:8e:b8:44:5d:9c:7b:dd:e6:3f:bf:b2:89:
46:4c:cf:78:83:f1:73:4e:ef:b2:5d:56:3f:76:92:
00:64:49:9a:2e:7b:6e:27:63:67:60:16:da:82:f0:
07:be:ed:55:72:2b:e9:d0:27:06:44:48:a6:7c:6a:
be:f2:22:85:2f:79:9f:2b:aa:69:1c:59:0d:e2:b6:
b9:a9:e5:a4:04:73:ae:84:d4:c2:e7:07:bc:f4:cd:
f2:68:78:0d:22:5a:ee:bd:36:a0:ec:df:13:b1:b9:
ce:79:0e:f3:25:d9:86:ad:8e:71:d6:0a:53:4d:a5:
66:b8:30:4c:1e:32:ec:c8:f4:13:ca:ba:a5:9d:59:
f9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:28:3C:1B:DB:91:25:0F:D7:95:9D:3F:A6:FB:04:DF:19:97:F0:DD
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/9Sg8G9uRJQ_XlZ0_pvsE3xmX8N0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
1c:17:0e:2e:8a:2f:cd:c9:28:2a:74:5f:f2:a8:0e:5b:0e:42:
0d:bb:85:99:02:68:1f:4d:59:98:bf:3b:4b:22:e9:12:cb:ae:
32:df:47:ce:0f:e5:00:bb:0e:14:48:c0:c7:86:d4:58:f9:b3:
4f:9d:7b:b5:92:b8:09:18:3f:57:73:d5:15:e4:11:f1:9d:be:
fc:82:1a:04:d2:9b:d8:3b:03:db:b1:9b:b3:26:f2:28:40:25:
a8:e3:83:cc:e6:e5:b5:0d:d7:36:0b:99:3e:37:b9:1e:97:fc:
1f:66:83:ab:af:8b:63:3c:a7:63:f5:60:20:6b:8a:40:40:0f:
94:97:50:e6:8c:15:75:50:67:7c:11:b5:a0:9c:bf:00:fd:03:
34:f3:c7:36:b7:ce:07:12:09:03:05:94:47:53:9d:85:5e:24:
33:65:c7:8b:82:3f:1c:6e:51:28:7b:29:0d:bc:cc:86:9b:04:
03:78:24:93:b2:02:81:4f:05:90:c6:38:31:f4:9d:be:03:a0:
56:ad:f7:93:0a:d6:e9:dd:87:34:aa:32:44:ae:22:99:ca:5d:
08:8f:9c:0f:e6:68:62:a0:a6:3e:a8:53:bc:93:67:6a:28:1a:
25:ec:3a:74:94:da:60:c6:34:d7:b1:d9:4c:bd:c9:26:5a:22:
84:ec:77:5b
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICHHAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1Mjcw
NjM4MDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEY1MjgzQzFCREI5MTI1
MEZENzk1OUQzRkE2RkIwNERGMTk5N0YwREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaOHctZOyKFaanoFGrfuYsrKrHOQgduhdiSH1MJjIDxL4dRM8e
zBUG13httB1E2Z0QfphJV/h5nI+zOGPb0+NqTS7CDVxLGMa8j47CdV1uwlf507/S
qvslQTXeDRRU36S21d9J9lJr6zxxOe6fbSEJIv5XYGGGSQmKao64RF2ce93mP7+y
iUZMz3iD8XNO77JdVj92kgBkSZoue24nY2dgFtqC8Ae+7VVyK+nQJwZESKZ8ar7y
IoUveZ8rqmkcWQ3itrmp5aQEc66E1MLnB7z0zfJoeA0iWu69NqDs3xOxuc55DvMl
2YatjnHWClNNpWa4MEweMuzI9BPKuqWdWfmdAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU9Sg8G9uRJQ/XlZ0/pvsE3xmX8N0wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvOVNnOEc5dVJKUV9Y
bFowX3B2c0UzeG1YOE4wLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBABwXDi6KL83JKCp0X/KoDlsOQg27
hZkCaB9NWZi/O0si6RLLrjLfR84P5QC7DhRIwMeG1Fj5s0+de7WSuAkYP1dz1RXk
EfGdvvyCGgTSm9g7A9uxm7Mm8ihAJajjg8zm5bUN1zYLmT43uR6X/B9mg6uvi2M8
p2P1YCBrikBAD5SXUOaMFXVQZ3wRtaCcvwD9AzTzxza3zgcSCQMFlEdTnYVeJDNl
x4uCPxxuUSh7KQ28zIabBAN4JJOyAoFPBZDGODH0nb4DoFat95MK1undhzSqMkSu
IpnKXQiPnA/maGKgpj6oU7yTZ2ooGiXsOnSU2mDGNNex2Uy9ySZaIoTsd1s=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:30:12 2025 by rpki-client