Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/MedGTnNbSPdIaphd81Np9I4sDVo.roa
File: MedGTnNbSPdIaphd81Np9I4sDVo.roa (raw, json)
Hash identifier: AWfkhOwvAUYrrnSaUyoAE7H8FSax8shaKhe38pq7WKM=
Subject key identifier: 31:E7:46:4E:73:5B:48:F7:48:6A:98:5D:F3:53:69:F4:8E:2C:0D:5A
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2552
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/MedGTnNbSPdIaphd81Np9I4sDVo.roa
Signing time: Thu 12 Jun 2025 01:39:11 +0000
ROA not before: Thu 12 Jun 2025 01:39:11 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9554 (0x2552)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 12 01:39:11 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=31E7464E735B48F7486A985DF35369F48E2C0D5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:76:29:15:d5:6a:fc:7a:2c:19:34:ae:5f:9b:
4a:aa:4f:3e:98:3d:bd:54:cf:9a:06:fe:e3:c2:24:
62:51:50:01:85:f8:6a:0b:5c:89:39:8a:60:36:a0:
10:e5:56:e8:bb:b7:04:17:84:0f:9b:fa:4e:bd:f3:
b1:6d:df:9b:a8:e8:d5:56:b2:54:c5:8d:ab:1c:29:
30:14:60:b4:13:21:c2:63:2d:5e:df:64:38:77:5b:
39:d7:98:bd:6e:f7:58:bc:ec:cb:6a:e8:e3:12:00:
43:05:41:0b:2f:81:dc:09:5f:ac:43:9a:86:c1:df:
d0:ba:44:25:12:67:88:56:92:9b:14:b5:07:db:2a:
e7:c6:4b:6f:1d:93:45:a3:3d:6c:f3:bf:7b:22:77:
b5:09:70:2a:3f:dc:19:f4:96:f4:cf:29:4a:25:63:
c7:0b:a0:50:6c:bd:bf:cb:70:9d:74:43:f5:a9:f8:
73:ca:90:cd:95:b0:80:88:2d:53:41:18:02:52:91:
2e:29:45:fa:3c:66:cb:7c:52:25:5f:e5:02:2c:d1:
80:af:a7:d4:27:4c:28:b8:0d:5f:22:c6:f0:d1:b2:
d0:26:2c:c3:c8:b2:3b:b1:f6:d1:c7:3a:6c:e6:43:
c4:79:62:15:0a:06:9c:a3:c0:06:fa:f4:fe:53:44:
3a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E7:46:4E:73:5B:48:F7:48:6A:98:5D:F3:53:69:F4:8E:2C:0D:5A
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/MedGTnNbSPdIaphd81Np9I4sDVo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
4f:98:14:cb:ba:0b:04:10:6c:27:d8:fc:af:45:c4:af:0e:5c:
96:b4:cf:cd:60:0c:ab:ce:f4:56:ae:85:a7:e0:82:f2:40:28:
c1:80:52:1d:d8:d5:c3:82:1e:69:7c:c8:78:ec:ee:88:33:e8:
db:67:7e:8e:5b:13:e0:af:dd:9c:6a:53:33:ce:19:e8:16:cf:
53:9f:c2:c1:b2:f4:20:ab:88:a0:4c:01:d6:0e:6f:27:0f:49:
8e:d2:37:1a:50:ff:1a:89:19:41:dd:b8:44:6a:0c:63:7c:5a:
d2:a4:bb:a3:f1:8d:ba:fa:0d:b8:e8:80:1a:32:e1:0b:d4:e3:
c4:e1:ed:a3:78:47:fe:81:50:f7:13:e3:18:fa:36:c6:4d:e4:
e9:43:5b:f2:11:a7:d2:1d:80:f3:0d:11:51:2c:14:f0:af:4f:
7d:6d:be:11:d0:01:0b:82:8b:a7:bb:7f:c0:59:3c:b0:72:b1:
00:1e:14:bc:3d:f6:df:cf:e6:0c:cb:a0:e6:06:96:95:be:01:
a3:d1:69:de:0e:bb:cf:5b:ea:d0:91:8c:fe:06:bc:e6:d1:43:
b8:c3:0c:08:aa:eb:04:8f:c5:04:1e:47:af:6c:dc:34:df:24:
d3:ba:d9:9b:be:8b:54:dd:5c:10:e8:b8:0c:94:0a:b9:a2:c7:
68:3c:48:97
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJVIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTIw
MTM5MTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDMxRTc0NjRFNzM1QjQ4
Rjc0ODZBOTg1REYzNTM2OUY0OEUyQzBENUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDndikV1Wr8eiwZNK5fm0qqTz6YPb1Uz5oG/uPCJGJRUAGF+GoL
XIk5imA2oBDlVui7twQXhA+b+k6987Ft35uo6NVWslTFjascKTAUYLQTIcJjLV7f
ZDh3WznXmL1u91i87Mtq6OMSAEMFQQsvgdwJX6xDmobB39C6RCUSZ4hWkpsUtQfb
KufGS28dk0WjPWzzv3sid7UJcCo/3Bn0lvTPKUolY8cLoFBsvb/LcJ10Q/Wp+HPK
kM2VsICILVNBGAJSkS4pRfo8Zst8UiVf5QIs0YCvp9QnTCi4DV8ixvDRstAmLMPI
sjux9tHHOmzmQ8R5YhUKBpyjwAb69P5TRDqJAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUMedGTnNbSPdIaphd81Np9I4sDVowHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvTWVkR1RuTmJTUGRJ
YXBoZDgxTnA5STRzRFZvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAE+YFMu6CwQQbCfY/K9FxK8OXJa0
z81gDKvO9FauhafggvJAKMGAUh3Y1cOCHml8yHjs7ogz6Ntnfo5bE+Cv3ZxqUzPO
GegWz1OfwsGy9CCriKBMAdYObycPSY7SNxpQ/xqJGUHduERqDGN8WtKku6Pxjbr6
DbjogBoy4QvU48Th7aN4R/6BUPcT4xj6NsZN5OlDW/IRp9IdgPMNEVEsFPCvT31t
vhHQAQuCi6e7f8BZPLBysQAeFLw99t/P5gzLoOYGlpW+AaPRad4Ou89b6tCRjP4G
vObRQ7jDDAiq6wSPxQQeR69s3DTfJNO62Zu+i1TdXBDouAyUCrmix2g8SJc=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:02:06 2025 by rpki-client