Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/NExLjux8NhFVx-DG08b-KFWzJVs.roa
File: NExLjux8NhFVx-DG08b-KFWzJVs.roa (raw, json)
Hash identifier: XVof/9y/RHiDiUDCUJ9kBmltrjes2JXDEqYMEdB8Zik=
Subject key identifier: 34:4C:4B:8E:EC:7C:36:11:55:C7:E0:C6:D3:C6:FE:28:55:B3:25:5B
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1C5E
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/NExLjux8NhFVx-DG08b-KFWzJVs.roa
Signing time: Tue 27 May 2025 03:38:08 +0000
ROA not before: Tue 27 May 2025 03:38:08 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7262 (0x1c5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: May 27 03:38:08 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=344C4B8EEC7C361155C7E0C6D3C6FE2855B3255B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:de:41:d1:d9:0f:20:18:2a:b6:96:12:1c:1b:
3a:0e:1e:c9:37:b8:f7:ab:01:7d:c8:cd:6e:ec:00:
0a:81:a4:2f:bc:37:6c:dc:e6:89:b3:07:65:4e:1f:
19:7c:b8:30:e2:e8:17:6b:0d:04:a6:93:6e:ee:3c:
08:7c:0e:7b:7f:68:d6:8b:83:ab:2a:72:b4:bc:f6:
2b:30:d6:81:2f:46:70:79:e9:24:58:6e:4e:54:51:
2b:c2:e9:85:9a:d4:ef:5a:1c:51:92:9a:c6:0c:03:
a4:c4:b0:f7:c8:51:f3:ab:10:a6:b5:2a:0d:33:0c:
67:99:f8:99:df:ed:9d:da:8d:85:31:2c:00:63:84:
56:3f:ea:61:da:b5:0f:b9:e0:6a:ba:48:e9:41:43:
0b:d7:67:47:56:cf:48:01:03:a7:8c:aa:87:a4:26:
07:98:71:d5:eb:78:12:9b:93:d6:f3:6a:69:e2:13:
fd:7c:69:94:ba:4f:6a:86:74:d7:02:30:15:10:f5:
dc:3f:54:be:2e:c0:d7:f4:ef:2e:bc:8a:ee:dd:d9:
93:2d:85:a0:7e:a9:a1:48:0f:31:21:53:f6:d3:c9:
c9:90:0c:3c:04:c9:c8:16:e6:79:1f:00:4c:73:61:
49:5c:dd:de:f6:55:26:f6:ac:3a:22:f4:98:3d:e5:
83:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:4C:4B:8E:EC:7C:36:11:55:C7:E0:C6:D3:C6:FE:28:55:B3:25:5B
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/NExLjux8NhFVx-DG08b-KFWzJVs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
37:01:fb:c5:e6:e8:65:db:bc:b9:51:38:e6:9c:16:1b:62:cf:
9f:0e:fd:fd:d7:3c:3b:05:20:40:aa:83:de:50:d2:15:c6:ce:
c6:36:1f:2b:07:82:34:e7:6d:9c:46:25:9b:c1:2e:ad:2c:b7:
b3:40:46:88:79:b2:5a:66:bf:4c:6a:6d:09:84:37:1e:cc:ff:
27:a7:86:6e:50:23:cb:99:35:cb:8a:00:dd:8d:56:5a:91:d9:
b2:44:0d:4f:92:02:7d:65:e8:48:22:fe:5f:2f:21:dc:5d:78:
fa:9b:6d:cd:f9:ff:8a:b7:6e:9c:9e:8b:aa:02:66:61:c6:e7:
86:a0:fb:bb:7d:f4:be:ff:6d:dd:01:30:ab:38:a7:83:49:d3:
06:f7:d4:26:e9:0b:f7:d6:c5:7c:2a:50:77:ca:5b:c4:5b:dd:
80:d8:68:5a:72:ab:b5:42:93:7b:36:50:5e:67:39:9b:9e:17:
27:9d:fd:89:5f:75:60:30:ee:50:89:fd:de:1a:58:a4:1e:51:
46:57:f4:29:72:96:ff:de:34:39:82:5a:30:8a:97:21:01:3b:
bf:e7:97:e9:3c:06:a4:3a:ce:23:ac:16:53:e4:14:f3:67:ee:
ff:26:9c:2e:5d:ec:64:f1:1f:13:ec:39:e5:e2:75:12:4e:03:
75:f3:73:a9
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICHF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1Mjcw
MzM4MDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDM0NEM0QjhFRUM3QzM2
MTE1NUM3RTBDNkQzQzZGRTI4NTVCMzI1NUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE3kHR2Q8gGCq2lhIcGzoOHsk3uPerAX3IzW7sAAqBpC+8N2zc
5omzB2VOHxl8uDDi6BdrDQSmk27uPAh8Dnt/aNaLg6sqcrS89isw1oEvRnB56SRY
bk5UUSvC6YWa1O9aHFGSmsYMA6TEsPfIUfOrEKa1Kg0zDGeZ+Jnf7Z3ajYUxLABj
hFY/6mHatQ+54Gq6SOlBQwvXZ0dWz0gBA6eMqoekJgeYcdXreBKbk9bzamniE/18
aZS6T2qGdNcCMBUQ9dw/VL4uwNf07y68iu7d2ZMthaB+qaFIDzEhU/bTycmQDDwE
ycgW5nkfAExzYUlc3d72VSb2rDoi9Jg95YPXAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUNExLjux8NhFVx+DG08b+KFWzJVswHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvTkV4TGp1eDhOaEZW
eC1ERzA4Yi1LRld6SlZzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBADcB+8Xm6GXbvLlROOacFhtiz58O
/f3XPDsFIECqg95Q0hXGzsY2HysHgjTnbZxGJZvBLq0st7NARoh5slpmv0xqbQmE
Nx7M/yenhm5QI8uZNcuKAN2NVlqR2bJEDU+SAn1l6Egi/l8vIdxdePqbbc35/4q3
bpyei6oCZmHG54ag+7t99L7/bd0BMKs4p4NJ0wb31CbpC/fWxXwqUHfKW8Rb3YDY
aFpyq7VCk3s2UF5nOZueFyed/YlfdWAw7lCJ/d4aWKQeUUZX9Clylv/eNDmCWjCK
lyEBO7/nl+k8BqQ6ziOsFlPkFPNn7v8mnC5d7GTxHxPsOeXidRJOA3Xzc6k=
-----END CERTIFICATE-----
Generated at Sat Jun 21 10:25:00 2025 by rpki-client