Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/OxYS5oG454Wc6DgIc8ddlgM2olE.roa
File: OxYS5oG454Wc6DgIc8ddlgM2olE.roa (raw, json)
Hash identifier: W5dB7/2I/swWUvCkIx1ovEXXtofA8/mDDA0Svea4ksk=
Subject key identifier: 3B:16:12:E6:81:B8:E7:85:9C:E8:38:08:73:C7:5D:96:03:36:A2:51
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 23D5
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/OxYS5oG454Wc6DgIc8ddlgM2olE.roa
Signing time: Mon 09 Jun 2025 10:08:58 +0000
ROA not before: Mon 09 Jun 2025 10:08:58 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9173 (0x23d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 9 10:08:58 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=3B1612E681B8E7859CE8380873C75D960336A251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0c:b5:4c:7f:92:ce:11:f1:2d:d6:bf:46:8b:
0a:34:d2:63:92:b7:ee:93:30:26:0c:09:08:54:3e:
7c:11:4b:a0:ab:7b:c7:1a:4b:31:1c:95:9a:6f:74:
af:48:b9:a9:5d:4b:02:cc:e3:06:bb:14:13:b3:27:
69:dc:55:c8:10:16:72:2a:0c:78:f8:f3:24:97:6f:
c2:a8:60:d8:0c:c2:e4:9c:c1:c7:04:cd:29:0e:a4:
fa:b5:77:9f:34:9c:31:bd:1f:4b:15:05:aa:85:45:
1a:74:9d:c7:ae:f1:ad:14:65:27:14:d9:b0:0d:f6:
94:2c:be:2e:2d:90:dc:a3:2f:76:0e:40:87:d4:28:
0f:83:76:b9:8f:0b:ec:0b:50:90:a7:35:be:5f:a1:
28:06:b3:a9:77:7f:8e:53:9b:22:67:f6:8b:2f:12:
c6:e9:85:a0:81:d2:a7:12:7f:dd:e8:2a:f7:19:1c:
64:60:08:eb:c3:6b:aa:9c:55:79:93:b8:79:66:3a:
d6:d2:54:2b:52:61:bb:42:31:cd:4a:8a:b7:1d:eb:
6d:ae:fc:b9:52:31:ff:6f:0c:d6:5a:d7:0d:34:45:
78:b0:eb:22:f3:7d:b9:54:b3:09:bf:ce:c5:22:0f:
34:65:18:dc:72:fe:be:67:85:f8:49:3d:b7:7e:a1:
2c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:16:12:E6:81:B8:E7:85:9C:E8:38:08:73:C7:5D:96:03:36:A2:51
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/OxYS5oG454Wc6DgIc8ddlgM2olE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
12:70:04:9b:a7:a9:3c:b0:51:f3:f5:54:6f:c6:88:53:ce:d7:
00:3a:ca:68:f1:27:32:5c:3f:67:e6:db:51:63:64:f9:a6:37:
1f:cc:8d:c6:59:15:9d:1a:76:dd:1b:30:d5:c3:96:06:25:d2:
82:7f:c3:6b:6a:ce:3b:13:0e:84:ce:5e:00:8c:1d:ba:80:36:
6a:ce:32:85:d3:4f:ce:39:5f:e0:c8:2d:1a:bb:78:18:e7:26:
ea:53:31:24:74:bd:05:23:5b:fa:08:0a:19:76:92:29:40:46:
13:e0:2a:a9:46:24:a3:49:e4:8b:62:24:82:0a:01:6d:ca:55:
14:52:e3:45:84:19:ae:f8:ba:36:44:c4:7a:92:59:47:37:46:
95:5e:25:1f:3e:62:c0:31:5a:5b:e9:c7:db:20:d9:9a:b4:e4:
98:2c:2e:ff:09:82:36:b1:05:94:dc:a2:f3:93:13:0e:31:1a:
25:d6:bf:34:b8:22:75:04:ac:9a:30:e0:db:e4:44:dd:fb:b7:
40:ac:eb:d3:aa:ea:9a:e3:4d:dd:0b:f5:aa:47:14:62:48:72:
52:47:ec:b5:4e:1a:28:8d:7e:63:1e:58:d4:53:b3:22:07:68:
f9:1e:37:cd:d5:66:47:24:3f:81:93:85:c8:30:77:bf:62:0e:
c1:d5:48:c3
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICI9UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDkx
MDA4NThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDNCMTYxMkU2ODFCOEU3
ODU5Q0U4MzgwODczQzc1RDk2MDMzNkEyNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxDLVMf5LOEfEt1r9Giwo00mOSt+6TMCYMCQhUPnwRS6Cre8ca
SzEclZpvdK9IualdSwLM4wa7FBOzJ2ncVcgQFnIqDHj48ySXb8KoYNgMwuScwccE
zSkOpPq1d580nDG9H0sVBaqFRRp0nceu8a0UZScU2bAN9pQsvi4tkNyjL3YOQIfU
KA+DdrmPC+wLUJCnNb5foSgGs6l3f45TmyJn9osvEsbphaCB0qcSf93oKvcZHGRg
COvDa6qcVXmTuHlmOtbSVCtSYbtCMc1Kircd622u/LlSMf9vDNZa1w00RXiw6yLz
fblUswm/zsUiDzRlGNxy/r5nhfhJPbd+oSyHAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUOxYS5oG454Wc6DgIc8ddlgM2olEwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvT3hZUzVvRzQ1NFdj
NkRnSWM4ZGRsZ00yb2xFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBABJwBJunqTywUfP1VG/GiFPO1wA6
ymjxJzJcP2fm21FjZPmmNx/MjcZZFZ0adt0bMNXDlgYl0oJ/w2tqzjsTDoTOXgCM
HbqANmrOMoXTT845X+DILRq7eBjnJupTMSR0vQUjW/oIChl2kilARhPgKqlGJKNJ
5ItiJIIKAW3KVRRS40WEGa74ujZExHqSWUc3RpVeJR8+YsAxWlvpx9sg2Zq05Jgs
Lv8JgjaxBZTcovOTEw4xGiXWvzS4InUErJow4NvkRN37t0Cs69Oq6prjTd0L9apH
FGJIclJH7LVOGiiNfmMeWNRTsyIHaPkeN83VZkckP4GThcgwd79iDsHVSMM=
-----END CERTIFICATE-----
Generated at Sat Jun 21 05:35:31 2025 by rpki-client