Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/RA_Xx3yb3yy7h6guoXzeFAEg4e4.roa
File: RA_Xx3yb3yy7h6guoXzeFAEg4e4.roa (raw, json)
Hash identifier: RdPjtoGQEZCuq+Vw2N3HTt1NFsU/4rRCCZLogpXtLVs=
Subject key identifier: 44:0F:D7:C7:7C:9B:DF:2C:BB:87:A8:2E:A1:7C:DE:14:01:20:E1:EE
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1C86
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/RA_Xx3yb3yy7h6guoXzeFAEg4e4.roa
Signing time: Tue 27 May 2025 10:08:09 +0000
ROA not before: Tue 27 May 2025 10:08:09 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7302 (0x1c86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: May 27 10:08:09 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=440FD7C77C9BDF2CBB87A82EA17CDE140120E1EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1b:a0:45:62:dc:61:25:71:e0:41:7b:94:a8:
1a:79:0d:00:43:97:7c:35:d0:df:7a:1f:fb:e8:55:
ed:fa:59:10:69:ea:85:6a:d2:71:05:b6:2b:40:e0:
3f:aa:7e:51:59:cb:7a:8e:e7:6f:80:29:49:1d:c4:
24:ec:17:63:47:87:1f:b7:2d:9e:1e:eb:8a:64:89:
c8:75:6d:d3:d8:b6:2e:08:11:33:6f:4d:e4:26:f5:
1e:ab:fc:8a:cf:80:39:5f:40:5d:e1:60:33:e7:9c:
0b:13:87:9a:00:88:c5:71:4f:e5:41:f9:c1:4f:8e:
ad:84:80:03:71:7d:12:f4:ae:fe:6f:7e:43:3b:2b:
fa:09:16:8c:49:96:2e:f2:81:9e:48:63:1a:2f:11:
d0:09:fe:54:32:73:e6:eb:a6:32:20:a6:cd:ac:78:
7b:3e:a7:57:a4:78:fa:e6:4a:39:f2:27:6b:bd:be:
89:df:ea:67:06:c3:5c:db:85:fb:df:58:e3:84:7b:
10:19:19:2c:ec:d1:17:d9:b4:4b:5b:2a:c0:f1:00:
38:4f:d5:d7:77:6d:2f:d2:3d:a1:bd:da:6a:ba:ef:
60:74:9e:ff:b4:35:90:2e:17:d9:ee:cf:b9:c0:5d:
1e:57:bc:f8:cb:25:05:5d:72:66:53:57:19:2c:aa:
d3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:0F:D7:C7:7C:9B:DF:2C:BB:87:A8:2E:A1:7C:DE:14:01:20:E1:EE
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/RA_Xx3yb3yy7h6guoXzeFAEg4e4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
5e:55:73:7e:0c:fd:a3:1b:80:2f:d1:0b:6f:28:b4:f8:fc:a3:
45:a1:e9:61:6a:ea:33:86:27:86:3a:3b:1d:3d:1c:8d:73:39:
41:0b:74:62:b8:78:c1:b1:3e:e0:71:a5:e5:05:92:ae:b7:a0:
2b:f1:56:4e:59:bc:41:37:56:b1:53:50:b6:f8:5f:37:f6:20:
37:45:9d:81:d7:bb:65:a6:91:a2:e7:9f:07:09:64:e8:1b:04:
59:68:73:d7:f8:bd:ee:f3:99:11:f7:e5:3d:34:32:fb:b6:cd:
cd:0b:bb:d3:b6:c9:b4:7a:2b:86:a1:7b:b7:92:6f:a5:ce:2f:
9f:d5:a5:30:ad:95:cb:1d:71:2e:78:04:7a:42:08:7d:cb:20:
8a:99:49:92:16:b3:da:04:d1:93:2c:77:f0:4a:6b:c9:3e:b8:
1c:c1:00:32:c9:74:3e:8c:b9:2f:8b:6d:5d:42:61:2b:b1:36:
59:d1:13:2f:d1:a0:61:b4:d6:34:d4:7c:b4:7d:35:53:76:3c:
80:3c:38:5c:cc:fb:1a:25:a6:e4:c5:be:87:6a:5d:18:d2:24:
f4:fb:dc:05:7f:22:f6:61:b5:4a:1b:68:1d:f6:8d:6b:e1:99:
ef:d5:e6:7c:96:28:4c:f6:28:9d:6a:40:ef:2c:b9:67:28:a5:
b1:cc:77:71
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICHIYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1Mjcx
MDA4MDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ0MEZEN0M3N0M5QkRG
MkNCQjg3QTgyRUExN0NERTE0MDEyMEUxRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsG6BFYtxhJXHgQXuUqBp5DQBDl3w10N96H/voVe36WRBp6oVq
0nEFtitA4D+qflFZy3qO52+AKUkdxCTsF2NHhx+3LZ4e64pkich1bdPYti4IETNv
TeQm9R6r/IrPgDlfQF3hYDPnnAsTh5oAiMVxT+VB+cFPjq2EgANxfRL0rv5vfkM7
K/oJFoxJli7ygZ5IYxovEdAJ/lQyc+brpjIgps2seHs+p1ekePrmSjnyJ2u9vonf
6mcGw1zbhfvfWOOEexAZGSzs0RfZtEtbKsDxADhP1dd3bS/SPaG92mq672B0nv+0
NZAuF9nuz7nAXR5XvPjLJQVdcmZTVxksqtMxAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQURA/Xx3yb3yy7h6guoXzeFAEg4e4wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvUkFfWHgzeWIzeXk3
aDZndW9YemVGQUVnNGU0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAF5Vc34M/aMbgC/RC28otPj8o0Wh
6WFq6jOGJ4Y6Ox09HI1zOUELdGK4eMGxPuBxpeUFkq63oCvxVk5ZvEE3VrFTULb4
Xzf2IDdFnYHXu2WmkaLnnwcJZOgbBFloc9f4ve7zmRH35T00Mvu2zc0Lu9O2ybR6
K4ahe7eSb6XOL5/VpTCtlcsdcS54BHpCCH3LIIqZSZIWs9oE0ZMsd/BKa8k+uBzB
ADLJdD6MuS+LbV1CYSuxNlnREy/RoGG01jTUfLR9NVN2PIA8OFzM+xolpuTFvodq
XRjSJPT73AV/IvZhtUobaB32jWvhme/V5nyWKEz2KJ1qQO8suWcopbHMd3E=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:05:06 2025 by rpki-client