Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/IfAAo1IqRxvyKuzWFsaJ_qZFLXc.roa
File: IfAAo1IqRxvyKuzWFsaJ_qZFLXc.roa (raw, json)
Hash identifier: 9WXq+8KD/9/3xmoyJhpU4LeP0wZCn84TiwWNLjXlIt0=
Subject key identifier: 21:F0:00:A3:52:2A:47:1B:F2:2A:EC:D6:16:C6:89:FE:A6:45:2D:77
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2394
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/IfAAo1IqRxvyKuzWFsaJ_qZFLXc.roa
Signing time: Sun 08 Jun 2025 23:08:57 +0000
ROA not before: Sun 08 Jun 2025 23:08:57 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9108 (0x2394)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 8 23:08:57 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=21F000A3522A471BF22AECD616C689FEA6452D77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:10:65:be:eb:e4:62:90:7d:8c:ed:a3:a9:76:
83:f5:43:db:2d:4b:69:e6:5b:9f:84:42:98:2c:6d:
bf:a8:46:de:ee:fe:42:4d:af:4c:d6:94:4c:55:9b:
e5:45:88:42:56:0e:81:dc:d8:91:31:43:48:67:3e:
6f:5b:4c:f3:f2:61:08:e3:76:76:07:17:9d:af:c9:
17:55:db:10:0a:71:b8:10:c6:05:f8:0a:f5:c4:de:
b1:52:de:b2:db:3e:30:a7:86:fb:f0:7f:a7:d2:46:
60:db:6a:2f:be:e4:7a:30:ba:5e:36:5e:ea:40:4f:
5c:a4:c7:0d:fe:e9:75:db:34:3e:aa:a5:60:90:50:
ab:5b:a4:f4:82:9f:2c:86:c8:d8:fe:b0:d6:6d:d4:
c0:ef:8c:5d:f5:89:04:04:96:cb:8e:07:c1:ac:37:
d0:62:7f:e2:bf:1f:fd:64:c1:d4:0f:ac:29:1d:20:
e1:07:44:37:4a:91:42:d0:cc:b0:8f:6d:df:f0:24:
60:39:48:7f:a9:ad:bc:e7:2b:d6:8b:e2:27:42:79:
7b:f1:e2:fc:4b:5f:53:54:38:cf:60:9c:9f:67:6c:
9c:8d:f2:f9:c8:a3:5e:ae:11:98:2c:23:05:81:e6:
ad:1d:8a:64:26:72:31:7c:10:ce:fd:2b:c7:f3:d6:
ff:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F0:00:A3:52:2A:47:1B:F2:2A:EC:D6:16:C6:89:FE:A6:45:2D:77
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/IfAAo1IqRxvyKuzWFsaJ_qZFLXc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
3d:ca:81:4d:43:4a:4a:d4:43:00:57:ca:35:6f:e1:63:ad:57:
30:7d:c4:83:7f:92:a0:48:84:1a:b4:5a:32:9c:38:0d:14:95:
a5:e6:d8:e9:95:77:db:47:2b:33:98:81:b3:73:ba:b8:57:3f:
d5:a8:88:9d:a0:ec:cf:c3:72:7c:d4:32:24:92:34:63:93:96:
9e:49:ed:9f:a7:80:ec:2e:a4:42:b9:1b:3b:5c:fe:ae:6a:b1:
a3:a1:5b:22:db:3d:61:b2:9e:7e:15:9b:46:99:b4:f4:3f:ee:
2b:fb:17:ed:d5:b2:9a:93:71:44:c1:d2:a8:29:50:ca:43:6d:
be:7a:f5:de:50:81:d4:f2:fc:e3:59:b6:ca:7b:17:fd:d3:cc:
46:6b:b5:d9:d7:eb:60:c5:42:27:13:fd:62:d6:2c:96:a0:79:
63:f3:2f:40:3d:c2:e8:bc:96:e8:bf:d1:9d:1e:58:37:cf:e8:
93:62:dc:fc:e6:ae:c9:8a:d5:09:35:c5:76:d9:b7:d5:45:3c:
a2:7e:12:3e:17:cb:ba:49:39:3f:7d:6f:03:92:eb:fd:29:82:
a0:96:03:24:80:35:a2:f2:3d:74:f1:e6:1f:b5:a5:f0:c6:90:
d8:68:99:21:32:d3:c8:66:0c:dd:0c:6b:ba:ae:39:f8:bf:62:
5b:6f:29:6f
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICI5QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDgy
MzA4NTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDIxRjAwMEEzNTIyQTQ3
MUJGMjJBRUNENjE2QzY4OUZFQTY0NTJENzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsEGW+6+RikH2M7aOpdoP1Q9stS2nmW5+EQpgsbb+oRt7u/kJN
r0zWlExVm+VFiEJWDoHc2JExQ0hnPm9bTPPyYQjjdnYHF52vyRdV2xAKcbgQxgX4
CvXE3rFS3rLbPjCnhvvwf6fSRmDbai++5Howul42XupAT1ykxw3+6XXbND6qpWCQ
UKtbpPSCnyyGyNj+sNZt1MDvjF31iQQElsuOB8GsN9Bif+K/H/1kwdQPrCkdIOEH
RDdKkULQzLCPbd/wJGA5SH+prbznK9aL4idCeXvx4vxLX1NUOM9gnJ9nbJyN8vnI
o16uEZgsIwWB5q0dimQmcjF8EM79K8fz1v9hAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUIfAAo1IqRxvyKuzWFsaJ/qZFLXcwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvSWZBQW8xSXFSeHZ5
S3V6V0ZzYUpfcVpGTFhjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAD3KgU1DSkrUQwBXyjVv4WOtVzB9
xIN/kqBIhBq0WjKcOA0UlaXm2OmVd9tHKzOYgbNzurhXP9WoiJ2g7M/DcnzUMiSS
NGOTlp5J7Z+ngOwupEK5Gztc/q5qsaOhWyLbPWGynn4Vm0aZtPQ/7iv7F+3VspqT
cUTB0qgpUMpDbb569d5QgdTy/ONZtsp7F/3TzEZrtdnX62DFQicT/WLWLJageWPz
L0A9wui8lui/0Z0eWDfP6JNi3PzmrsmK1Qk1xXbZt9VFPKJ+Ej4Xy7pJOT99bwOS
6/0pgqCWAySANaLyPXTx5h+1pfDGkNhomSEy08hmDN0Ma7quOfi/YltvKW8=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:10:02 2025 by rpki-client