Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/OVDmcOn1eHK9ggxUcO2g0kbiUAY.roa
File: OVDmcOn1eHK9ggxUcO2g0kbiUAY.roa (raw, json)
Hash identifier: T66QUXMYgxzPNJPs50EpGcE/xQGcxcHMrwiHG2s4y/g=
Subject key identifier: 39:50:E6:70:E9:F5:78:72:BD:82:0C:54:70:ED:A0:D2:46:E2:50:06
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 269A
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/OVDmcOn1eHK9ggxUcO2g0kbiUAY.roa
Signing time: Sat 14 Jun 2025 08:18:21 +0000
ROA not before: Sat 14 Jun 2025 08:18:21 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9882 (0x269a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 14 08:18:21 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=3950E670E9F57872BD820C5470EDA0D246E25006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:e9:b9:0d:b8:02:b0:91:37:ca:a1:f1:a5:4d:
cc:51:fe:59:3c:55:ab:06:c7:49:3a:c5:6f:92:1d:
2d:18:3b:25:84:e9:d9:01:7a:c6:eb:b4:f8:17:1a:
4b:ad:c4:05:b8:d1:74:5e:e3:0c:fe:21:63:96:2e:
2b:d6:c8:c5:5b:7a:e4:28:d5:d5:86:46:92:20:4f:
3d:16:10:d5:9a:7c:20:63:d2:10:32:33:ac:c0:66:
bb:8a:45:8e:54:d8:63:d2:40:45:d5:8e:0e:a3:eb:
bb:23:c0:07:9d:65:85:99:71:16:34:2e:9e:73:b4:
96:87:cb:b0:fa:64:7b:8c:55:9b:ce:59:90:2a:a3:
97:19:0c:92:8f:19:89:3d:1e:53:e8:b7:5c:0d:66:
3f:ba:3f:16:d1:5a:6b:f1:17:a0:bd:39:31:8d:b9:
75:59:90:0c:8d:5b:7b:3d:3e:ce:54:6e:d0:0c:fe:
c2:ff:5d:27:a4:16:fb:06:8e:2e:37:66:74:29:46:
62:0e:5f:68:f2:9d:f5:3b:6d:47:a9:ca:92:5a:b9:
97:31:73:d5:cc:8f:5d:9a:1a:98:79:6d:08:81:d9:
4e:e0:4a:1d:26:c1:f8:52:bf:27:dd:dd:54:8e:36:
e2:37:bb:5c:8b:db:03:50:c9:2e:58:3d:3e:8e:73:
dd:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:50:E6:70:E9:F5:78:72:BD:82:0C:54:70:ED:A0:D2:46:E2:50:06
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/OVDmcOn1eHK9ggxUcO2g0kbiUAY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
12:a1:ce:9a:bb:19:14:c4:bf:a2:6e:6d:dc:bd:8e:fd:a2:67:
73:b8:8a:49:05:4a:09:6d:06:86:8f:0e:be:2c:ae:fc:d6:d1:
59:89:dd:45:46:54:60:7e:11:53:59:38:f8:f2:03:b7:d8:08:
31:c3:15:97:b0:5c:ac:3a:e6:2c:c4:ab:2e:bd:dd:25:3b:bd:
c6:77:60:5d:ae:49:10:c4:89:63:1d:c3:a4:6f:0e:bf:42:3c:
e4:f2:2e:6f:94:10:2b:a8:0b:06:92:d4:53:5d:03:13:e4:53:
5c:4c:6a:64:94:6d:12:8b:ff:fb:61:75:9c:e9:4d:d8:25:ff:
d2:69:85:36:5b:db:a6:32:f7:cb:e8:1c:f0:81:29:a5:40:8e:
22:e7:f8:15:2b:98:fc:79:7a:52:90:98:0c:59:da:81:6a:ff:
a3:ab:5a:ca:82:32:3e:f3:e3:2e:3c:07:7c:c2:6a:c2:e0:62:
b2:80:e8:e9:48:85:e3:29:fa:ce:42:15:d8:a2:6a:ec:96:1e:
7d:de:b0:3b:57:a4:23:ea:ae:b4:82:9c:86:7d:e1:f5:c2:3c:
46:c8:1a:7b:a6:10:56:4e:c6:8d:5e:23:cb:ca:56:ff:af:5e:
6b:f1:d7:dc:0a:dc:e0:c8:69:23:8a:b2:73:81:92:44:75:86:
05:09:25:99
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJpowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTQw
ODE4MjFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDM5NTBFNjcwRTlGNTc4
NzJCRDgyMEM1NDcwRURBMEQyNDZFMjUwMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDr6bkNuAKwkTfKofGlTcxR/lk8VasGx0k6xW+SHS0YOyWE6dkB
esbrtPgXGkutxAW40XRe4wz+IWOWLivWyMVbeuQo1dWGRpIgTz0WENWafCBj0hAy
M6zAZruKRY5U2GPSQEXVjg6j67sjwAedZYWZcRY0Lp5ztJaHy7D6ZHuMVZvOWZAq
o5cZDJKPGYk9HlPot1wNZj+6PxbRWmvxF6C9OTGNuXVZkAyNW3s9Ps5UbtAM/sL/
XSekFvsGji43ZnQpRmIOX2jynfU7bUepypJauZcxc9XMj12aGph5bQiB2U7gSh0m
wfhSvyfd3VSONuI3u1yL2wNQyS5YPT6Oc929AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUOVDmcOn1eHK9ggxUcO2g0kbiUAYwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvT1ZEbWNPbjFlSEs5
Z2d4VWNPMmcwa2JpVUFZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBABKhzpq7GRTEv6Jubdy9jv2iZ3O4
ikkFSgltBoaPDr4srvzW0VmJ3UVGVGB+EVNZOPjyA7fYCDHDFZewXKw65izEqy69
3SU7vcZ3YF2uSRDEiWMdw6RvDr9CPOTyLm+UECuoCwaS1FNdAxPkU1xMamSUbRKL
//thdZzpTdgl/9JphTZb26Yy98voHPCBKaVAjiLn+BUrmPx5elKQmAxZ2oFq/6Or
WsqCMj7z4y48B3zCasLgYrKA6OlIheMp+s5CFdiiauyWHn3esDtXpCPqrrSCnIZ9
4fXCPEbIGnumEFZOxo1eI8vKVv+vXmvx19wK3ODIaSOKsnOBkkR1hgUJJZk=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:10:27 2025 by rpki-client