Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/AaLK7p4hwbLqxn0H3o8hgx4SD4w.roa
File: AaLK7p4hwbLqxn0H3o8hgx4SD4w.roa (raw, json)
Hash identifier: hCcXBAnHXdHDiaUdCYHapKD6hu+U24tJ/7146RwYuig=
Subject key identifier: 01:A2:CA:EE:9E:21:C1:B2:EA:C6:7D:07:DE:8F:21:83:1E:12:0F:8C
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1FB0
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/AaLK7p4hwbLqxn0H3o8hgx4SD4w.roa
Signing time: Mon 02 Jun 2025 01:08:35 +0000
ROA not before: Mon 02 Jun 2025 01:08:35 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8112 (0x1fb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 2 01:08:35 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=01A2CAEE9E21C1B2EAC67D07DE8F21831E120F8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8b:19:e2:1d:9f:b6:1f:ef:93:53:e3:e8:e0:
bb:91:86:45:69:7b:5c:c3:4b:43:67:b1:8c:6d:1e:
f0:7b:64:50:89:40:ea:eb:05:17:91:5d:c5:ce:26:
b0:6e:68:ba:1b:f7:b2:82:1a:ed:97:66:0a:cd:7e:
2b:a8:c1:ff:7d:8d:04:f4:d4:14:97:c5:a2:41:25:
f1:d1:e4:d5:80:a2:ae:d0:d6:06:51:4e:5a:c9:14:
9e:ec:36:35:4f:7d:e0:17:c0:48:cf:c0:f4:e8:de:
97:98:69:fc:76:c3:12:89:d2:9b:85:e0:3f:92:ca:
b1:25:d2:04:d6:ea:8f:85:5a:cc:ed:67:fa:a8:86:
61:50:71:cb:7c:b9:5a:00:d4:86:65:b5:de:2d:2c:
cb:80:71:b5:22:02:3e:7b:5a:a3:c6:9a:0f:b5:c0:
49:72:62:83:2a:30:d5:a3:32:61:2e:da:ae:eb:47:
15:2d:95:98:b5:2e:8f:d2:3a:ef:1c:67:62:36:a6:
b3:c1:84:42:11:40:b2:16:10:a8:4e:5b:46:ef:c1:
03:0c:58:e0:b7:b3:eb:4f:3f:f8:1b:4e:f9:bb:66:
29:ae:8c:41:0c:c2:8d:7c:29:64:f6:75:31:c7:7b:
8b:5a:e0:44:b1:18:59:97:c3:37:1f:71:f7:1f:16:
8b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A2:CA:EE:9E:21:C1:B2:EA:C6:7D:07:DE:8F:21:83:1E:12:0F:8C
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/AaLK7p4hwbLqxn0H3o8hgx4SD4w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
96:ee:67:23:a7:b5:31:0d:ed:3a:62:c6:6c:6a:a1:26:79:61:
8b:46:a4:59:1b:03:ef:3c:bc:a9:29:9f:d3:db:bc:dc:41:dc:
23:54:56:db:f6:d5:5a:b9:aa:04:8d:c7:cd:cd:82:70:3f:db:
ee:14:dd:01:c4:39:2e:cc:b6:a4:d5:f1:28:50:15:30:05:d3:
b4:3b:d6:4d:7c:94:db:76:12:84:95:c4:8c:86:cb:b6:38:b4:
22:14:a6:ac:a8:50:49:4c:f5:97:82:82:89:e4:0b:71:41:79:
ac:9e:41:9e:83:ce:4c:ca:c1:d8:37:f1:da:97:47:64:ea:7d:
44:59:f7:84:7a:27:b6:c3:98:97:72:00:40:9e:e7:b1:4d:32:
d0:1c:8f:90:9a:3e:79:2a:3f:7e:93:49:ea:71:87:8d:da:f7:
7c:ef:7f:d5:a0:4d:80:cc:25:9c:7c:24:ae:45:50:0c:a2:99:
09:67:f0:93:84:07:e0:0e:86:39:81:0f:92:4d:bc:48:b6:fe:
b4:a5:71:cb:3b:f4:d7:ba:da:26:e0:92:e6:04:6f:3b:0d:cc:
41:f2:86:62:04:82:42:47:0a:18:46:a3:b3:2f:fc:bd:40:4c:
44:db:0e:6f:12:6c:03:68:32:53:ef:27:38:f8:66:8e:6d:cb:
08:6b:90:35
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICH7AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDIw
MTA4MzVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDAxQTJDQUVFOUUyMUMx
QjJFQUM2N0QwN0RFOEYyMTgzMUUxMjBGOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtixniHZ+2H++TU+Po4LuRhkVpe1zDS0NnsYxtHvB7ZFCJQOrr
BReRXcXOJrBuaLob97KCGu2XZgrNfiuowf99jQT01BSXxaJBJfHR5NWAoq7Q1gZR
TlrJFJ7sNjVPfeAXwEjPwPTo3peYafx2wxKJ0puF4D+SyrEl0gTW6o+FWsztZ/qo
hmFQcct8uVoA1IZltd4tLMuAcbUiAj57WqPGmg+1wElyYoMqMNWjMmEu2q7rRxUt
lZi1Lo/SOu8cZ2I2prPBhEIRQLIWEKhOW0bvwQMMWOC3s+tPP/gbTvm7ZimujEEM
wo18KWT2dTHHe4ta4ESxGFmXwzcfcfcfFovXAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUAaLK7p4hwbLqxn0H3o8hgx4SD4wwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvQWFMSzdwNGh3Ykxx
eG4wSDNvOGhneDRTRDR3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAJbuZyOntTEN7TpixmxqoSZ5YYtG
pFkbA+88vKkpn9PbvNxB3CNUVtv21Vq5qgSNx83NgnA/2+4U3QHEOS7MtqTV8ShQ
FTAF07Q71k18lNt2EoSVxIyGy7Y4tCIUpqyoUElM9ZeCgonkC3FBeayeQZ6DzkzK
wdg38dqXR2TqfURZ94R6J7bDmJdyAECe57FNMtAcj5CaPnkqP36TSepxh43a93zv
f9WgTYDMJZx8JK5FUAyimQln8JOEB+AOhjmBD5JNvEi2/rSlccs79Ne62ibgkuYE
bzsNzEHyhmIEgkJHChhGo7Mv/L1ATETbDm8SbANoMlPvJzj4Zo5tywhrkDU=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:20:53 2025 by rpki-client