Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/GLUSM5RzxvYvKitNPhXVAf6-nOA.roa
File: GLUSM5RzxvYvKitNPhXVAf6-nOA.roa (raw, json)
Hash identifier: fMV/D6oOIaUez3Gnibolo0Ns3g8KMfQiL9c4MQq6V2g=
Subject key identifier: 18:B5:12:33:94:73:C6:F6:2F:2A:2B:4D:3E:15:D5:01:FE:BE:9C:E0
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 25FD
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/GLUSM5RzxvYvKitNPhXVAf6-nOA.roa
Signing time: Fri 13 Jun 2025 06:09:13 +0000
ROA not before: Fri 13 Jun 2025 06:09:13 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9725 (0x25fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 13 06:09:13 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=18B512339473C6F62F2A2B4D3E15D501FEBE9CE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:17:8d:27:a6:f9:9d:a0:47:46:03:8b:b8:a3:
91:37:4f:6f:c6:c9:d6:e9:0f:a9:b5:ee:6e:37:bc:
bc:f2:44:7b:a7:cd:31:33:5d:3e:08:2a:9b:5c:84:
8a:18:c5:82:b9:6a:2e:44:8f:0e:8c:7c:6d:06:a2:
f2:35:97:b3:af:0b:8b:3c:32:f6:ba:5c:31:d3:01:
2d:08:be:00:04:47:89:17:51:7b:d6:9c:79:8d:6c:
e3:8f:e9:1e:7d:85:27:2e:f0:b4:6a:ec:f7:77:bc:
2d:7e:84:19:91:07:a6:f0:fe:9b:76:f9:23:dd:61:
60:6f:3c:5a:cf:4b:92:c6:4b:05:c0:17:dc:ac:92:
df:07:d1:56:20:d2:0c:0b:6a:a7:c0:d0:fc:b1:f9:
55:68:37:c3:da:e6:b0:09:fb:ee:03:ad:59:ef:30:
8e:8c:bc:de:58:bf:aa:12:45:fb:76:36:84:44:5b:
0b:21:95:a6:56:6b:7a:1a:98:c5:4a:88:1f:23:eb:
34:18:03:58:93:bd:ea:a3:89:9c:3d:c8:ff:ed:fa:
d1:e1:8f:b4:27:c3:b7:02:10:b5:df:6c:86:90:51:
e7:08:62:89:2f:32:b8:1d:c8:28:26:d1:73:7e:78:
1b:07:bb:0f:89:fb:6d:da:ad:a5:9f:74:2f:c1:3c:
8e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:B5:12:33:94:73:C6:F6:2F:2A:2B:4D:3E:15:D5:01:FE:BE:9C:E0
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/GLUSM5RzxvYvKitNPhXVAf6-nOA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
3c:d0:25:83:4e:95:7c:91:ed:00:76:fa:3d:78:ad:a3:62:a8:
8f:20:aa:4f:f4:ae:9c:76:c1:88:78:92:70:03:af:43:e5:5c:
da:c1:94:c8:73:fa:f2:b2:5c:cd:35:37:b3:67:a7:db:de:a0:
ea:f4:7a:86:a7:bd:61:67:58:47:24:85:00:70:e4:fa:11:f6:
b9:a0:5f:a2:c1:da:e0:91:93:60:08:20:1b:18:e8:5b:82:65:
0a:05:ed:cd:3a:4a:a0:9a:24:8b:de:db:e6:f2:14:70:ca:f8:
5d:65:ae:6f:05:a3:54:f1:70:a4:8a:07:f2:fc:b2:9d:8d:63:
68:6c:34:9a:9e:b6:48:7a:57:24:e0:18:7c:7a:89:92:8a:20:
f9:7c:09:b5:42:e9:56:ab:bd:09:f7:1b:aa:b1:bf:85:1b:0a:
e8:f5:4d:c7:59:a3:6a:03:ba:d6:e3:af:ac:c7:af:7a:d3:f9:
38:18:cd:81:f5:d9:db:f6:4a:a2:8e:eb:34:3e:62:f4:b6:42:
21:3a:58:76:5e:e9:62:26:60:1a:e1:6c:27:5c:fa:8b:e2:90:
de:87:04:57:ba:cf:f6:a5:2a:89:5b:0e:52:01:7a:77:cf:50:
c0:65:7e:6e:cd:c5:51:71:b0:98:90:23:4a:cf:5d:76:c1:f3:
3c:93:3b:01
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJf0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTMw
NjA5MTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDE4QjUxMjMzOTQ3M0M2
RjYyRjJBMkI0RDNFMTVENTAxRkVCRTlDRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwF40npvmdoEdGA4u4o5E3T2/GydbpD6m17m43vLzyRHunzTEz
XT4IKptchIoYxYK5ai5Ejw6MfG0GovI1l7OvC4s8Mva6XDHTAS0IvgAER4kXUXvW
nHmNbOOP6R59hScu8LRq7Pd3vC1+hBmRB6bw/pt2+SPdYWBvPFrPS5LGSwXAF9ys
kt8H0VYg0gwLaqfA0Pyx+VVoN8Pa5rAJ++4DrVnvMI6MvN5Yv6oSRft2NoREWwsh
laZWa3oamMVKiB8j6zQYA1iTveqjiZw9yP/t+tHhj7Qnw7cCELXfbIaQUecIYokv
MrgdyCgm0XN+eBsHuw+J+23araWfdC/BPI4JAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUGLUSM5RzxvYvKitNPhXVAf6+nOAwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvR0xVU001Unp4dll2
S2l0TlBoWFZBZjYtbk9BLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBADzQJYNOlXyR7QB2+j14raNiqI8g
qk/0rpx2wYh4knADr0PlXNrBlMhz+vKyXM01N7Nnp9veoOr0eoanvWFnWEckhQBw
5PoR9rmgX6LB2uCRk2AIIBsY6FuCZQoF7c06SqCaJIve2+byFHDK+F1lrm8Fo1Tx
cKSKB/L8sp2NY2hsNJqetkh6VyTgGHx6iZKKIPl8CbVC6VarvQn3G6qxv4UbCuj1
TcdZo2oDutbjr6zHr3rT+TgYzYH12dv2SqKO6zQ+YvS2QiE6WHZe6WImYBrhbCdc
+ovikN6HBFe6z/alKolbDlIBenfPUMBlfm7NxVFxsJiQI0rPXXbB8zyTOwE=
-----END CERTIFICATE-----
Generated at Fri Jun 20 19:44:58 2025 by rpki-client