Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/XAgVCMgdtgcRB7Bzty5m9fDUdx4.roa
File: XAgVCMgdtgcRB7Bzty5m9fDUdx4.roa (raw, json)
Hash identifier: afCWPOd3dw3JwkdKIcS+DLzUfG5gYLQDoILuu4vHRU8=
Subject key identifier: 5C:08:15:08:C8:1D:B6:07:11:07:B0:73:B7:2E:66:F5:F0:D4:77:1E
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 22AF
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/XAgVCMgdtgcRB7Bzty5m9fDUdx4.roa
Signing time: Sat 07 Jun 2025 09:08:51 +0000
ROA not before: Sat 07 Jun 2025 09:08:51 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8879 (0x22af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 7 09:08:51 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=5C081508C81DB6071107B073B72E66F5F0D4771E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:51:e8:03:c2:cc:aa:2d:16:5f:e3:74:c4:c3:
fb:0e:c3:6a:ae:88:98:f3:c2:2a:5b:5a:08:f4:0c:
f3:e7:82:b2:53:08:f4:83:e4:03:6c:51:77:2f:70:
4f:0e:f7:75:83:6a:6a:db:5b:9d:4f:6f:8f:ff:43:
88:9a:c8:30:e9:ef:b9:6c:a1:07:cc:da:9d:43:67:
be:bb:07:26:23:6a:dd:97:a2:6b:87:ee:b4:83:a9:
af:70:d4:c7:16:1b:ae:57:91:64:7f:c7:f3:b7:03:
f6:d1:dd:f5:0d:84:d1:72:9a:eb:c9:fb:21:d2:11:
28:23:dc:7b:97:e4:6d:59:e5:ef:98:27:14:f9:34:
13:24:3a:95:79:f1:fb:7e:b9:e3:84:79:e6:3e:e5:
43:97:e0:16:90:f6:ad:96:d9:2d:8f:b2:ec:9f:a1:
6a:a7:9b:8b:b8:f8:94:72:f4:85:f0:47:46:0a:95:
d6:28:50:c4:25:b1:96:23:07:00:5a:8a:37:a9:46:
69:86:af:7b:d6:82:12:05:1f:eb:e9:d3:23:57:0d:
a2:0c:e8:9b:bf:03:d6:c4:2b:84:13:f8:46:c2:bc:
e3:7e:61:72:04:c6:bc:90:ba:50:8a:2c:f6:e7:c6:
98:a8:74:7c:f4:61:3a:2e:d5:ce:f8:03:65:7d:d9:
b8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:08:15:08:C8:1D:B6:07:11:07:B0:73:B7:2E:66:F5:F0:D4:77:1E
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/XAgVCMgdtgcRB7Bzty5m9fDUdx4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
98:7d:45:a6:be:ab:64:34:47:22:4c:f3:1a:00:ea:67:d0:5d:
41:cf:b9:fc:9c:e3:80:ef:52:a8:3c:9c:d8:55:c2:97:91:03:
56:4e:84:8a:06:92:e7:48:b8:af:f6:7b:26:de:cb:31:89:31:
cd:db:5f:c8:f8:be:55:67:cb:d7:e8:b6:10:03:c0:be:28:4f:
9f:f7:6c:1c:c5:c4:5b:4c:c0:f8:4a:f8:39:0f:8a:23:97:63:
b6:a0:e4:63:06:c8:e5:4b:80:c9:8e:bd:d4:44:0a:87:08:3f:
74:97:da:26:e8:66:73:aa:76:ce:93:05:45:6b:02:34:c1:2e:
b0:69:21:5d:c2:c9:61:ee:c7:d2:61:7e:1c:32:fc:32:c6:c4:
a3:63:e4:f9:e4:6e:2f:0d:56:8f:b5:1e:86:1c:07:dd:c5:27:
23:99:d2:af:1c:9b:cc:6d:df:de:82:80:d0:18:f7:8e:7c:fb:
5d:ef:e2:35:65:04:1b:55:08:e7:ec:7d:db:7e:6b:9f:1c:90:
56:84:32:8f:a5:cc:af:5c:89:54:a2:be:52:c2:16:28:7f:61:
de:42:91:b1:fa:01:ff:f0:46:0a:58:1b:77:50:51:cf:f1:a7:
04:73:0b:38:a9:e3:67:e7:10:06:ac:39:21:33:7d:37:5a:a8:
ca:0d:c2:fa
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIq8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDcw
OTA4NTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVDMDgxNTA4QzgxREI2
MDcxMTA3QjA3M0I3MkU2NkY1RjBENDc3MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTUegDwsyqLRZf43TEw/sOw2quiJjzwipbWgj0DPPngrJTCPSD
5ANsUXcvcE8O93WDamrbW51Pb4//Q4iayDDp77lsoQfM2p1DZ767ByYjat2XomuH
7rSDqa9w1McWG65XkWR/x/O3A/bR3fUNhNFymuvJ+yHSESgj3HuX5G1Z5e+YJxT5
NBMkOpV58ft+ueOEeeY+5UOX4BaQ9q2W2S2PsuyfoWqnm4u4+JRy9IXwR0YKldYo
UMQlsZYjBwBaijepRmmGr3vWghIFH+vp0yNXDaIM6Ju/A9bEK4QT+EbCvON+YXIE
xryQulCKLPbnxpiodHz0YTou1c74A2V92bidAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUXAgVCMgdtgcRB7Bzty5m9fDUdx4wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvWEFnVkNNZ2R0Z2NS
QjdCenR5NW05ZkRVZHg0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAJh9Raa+q2Q0RyJM8xoA6mfQXUHP
ufyc44DvUqg8nNhVwpeRA1ZOhIoGkudIuK/2eybeyzGJMc3bX8j4vlVny9fothAD
wL4oT5/3bBzFxFtMwPhK+DkPiiOXY7ag5GMGyOVLgMmOvdRECocIP3SX2iboZnOq
ds6TBUVrAjTBLrBpIV3CyWHux9Jhfhwy/DLGxKNj5Pnkbi8NVo+1HoYcB93FJyOZ
0q8cm8xt396CgNAY9458+13v4jVlBBtVCOfsfdt+a58ckFaEMo+lzK9ciVSivlLC
Fih/Yd5CkbH6Af/wRgpYG3dQUc/xpwRzCzip42fnEAasOSEzfTdaqMoNwvo=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:06:15 2025 by rpki-client