Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/XRqbeX8TX0gzhI1lovJVM0iMPTY.roa
File: XRqbeX8TX0gzhI1lovJVM0iMPTY.roa (raw, json)
Hash identifier: bwJHXdLgzkLwmZoZSKcrAxGrs0Y87BuSLdJKzbLIQGQ=
Subject key identifier: 5D:1A:9B:79:7F:13:5F:48:33:84:8D:65:A2:F2:55:33:48:8C:3D:36
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 23D6
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/XRqbeX8TX0gzhI1lovJVM0iMPTY.roa
Signing time: Mon 09 Jun 2025 10:08:58 +0000
ROA not before: Mon 09 Jun 2025 10:08:58 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9174 (0x23d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 9 10:08:58 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=5D1A9B797F135F4833848D65A2F25533488C3D36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1c:6c:78:fb:d8:35:32:dc:39:f3:71:7b:48:
9f:33:b2:59:f0:1d:04:1f:9c:83:54:29:77:b6:4b:
56:ac:11:78:7d:8c:95:aa:7c:65:e4:80:9a:9d:39:
9c:a6:b8:3a:3f:86:c6:2d:2f:86:4e:d7:6e:02:32:
ac:91:ff:3e:1e:c8:98:a3:0d:d1:bb:66:42:c0:a4:
d1:b1:e7:3d:88:ff:bb:47:de:a5:ab:bc:5c:ff:ee:
1f:56:54:32:d6:ea:2f:e5:05:1a:5d:c8:70:e5:c9:
ee:c5:45:8d:e7:35:dc:d1:79:a2:59:98:0a:27:10:
f4:6b:eb:5a:3b:19:23:0c:c3:a5:7f:3d:93:bb:ce:
60:1c:e9:f8:5f:5d:93:4f:d6:2e:85:81:fc:67:e4:
2c:45:42:70:ba:9b:1b:58:90:f9:76:e3:ab:2d:3a:
db:00:60:fc:f7:9f:48:eb:0e:f5:2a:1c:ea:76:8b:
ae:5d:b8:46:48:56:f1:55:42:2b:c8:4f:ce:d4:3d:
a6:97:bf:cc:3d:e6:9d:2b:44:01:a1:31:c4:cc:29:
04:f4:19:44:a0:c1:d6:e8:cd:ec:36:ae:14:27:90:
6b:35:38:61:03:20:65:4f:d5:cd:a6:11:d8:4e:f2:
d2:16:9a:05:50:d1:73:28:48:ad:94:f9:9f:93:aa:
73:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:1A:9B:79:7F:13:5F:48:33:84:8D:65:A2:F2:55:33:48:8C:3D:36
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/XRqbeX8TX0gzhI1lovJVM0iMPTY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
5f:64:d7:75:ab:db:4c:2d:f0:ad:8b:30:da:f0:d8:33:20:e7:
5e:56:5b:bc:59:1d:0e:01:10:17:a9:46:a0:20:ce:8f:33:d8:
7a:5d:17:01:23:4d:aa:d4:f2:01:39:05:a8:85:fb:54:7b:5a:
87:5f:3b:f1:57:68:a7:97:40:4d:3a:6d:48:c1:fd:df:15:70:
d8:0a:f9:45:6e:b1:7e:82:77:18:2f:58:32:db:dc:b3:74:ff:
98:81:79:f6:27:1c:a6:6f:42:12:de:8f:0c:75:1b:3e:07:63:
10:d5:54:d5:ac:be:72:e8:3a:20:af:81:99:c5:33:2c:f5:6c:
20:8a:4d:67:7c:7c:e6:0a:33:8f:5b:81:96:b1:e8:1b:36:ce:
60:42:51:48:71:8b:3b:20:bc:64:a6:6f:49:fd:d0:fa:1f:99:
ee:f3:8d:18:0e:81:67:72:6c:f8:ca:a8:b7:88:fa:13:59:26:
d1:2b:8c:50:16:ad:34:d0:56:25:e6:4a:09:da:1a:f2:7b:bf:
3e:dd:b9:44:56:fc:98:d0:4f:dd:cd:d9:9d:03:9d:0e:01:31:
7a:37:c3:9d:25:0d:6f:79:4d:a0:48:c2:91:af:65:aa:48:b6:
af:56:a3:f1:b3:bd:f2:7d:80:61:39:d8:d3:04:6e:c6:74:d1:
22:e5:1a:24
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICI9YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDkx
MDA4NThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVEMUE5Qjc5N0YxMzVG
NDgzMzg0OEQ2NUEyRjI1NTMzNDg4QzNEMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCHGx4+9g1Mtw583F7SJ8zslnwHQQfnINUKXe2S1asEXh9jJWq
fGXkgJqdOZymuDo/hsYtL4ZO124CMqyR/z4eyJijDdG7ZkLApNGx5z2I/7tH3qWr
vFz/7h9WVDLW6i/lBRpdyHDlye7FRY3nNdzReaJZmAonEPRr61o7GSMMw6V/PZO7
zmAc6fhfXZNP1i6Fgfxn5CxFQnC6mxtYkPl246stOtsAYPz3n0jrDvUqHOp2i65d
uEZIVvFVQivIT87UPaaXv8w95p0rRAGhMcTMKQT0GUSgwdbozew2rhQnkGs1OGED
IGVP1c2mEdhO8tIWmgVQ0XMoSK2U+Z+TqnO7AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUXRqbeX8TX0gzhI1lovJVM0iMPTYwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvWFJxYmVYOFRYMGd6
aEkxbG92SlZNMGlNUFRZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAF9k13Wr20wt8K2LMNrw2DMg515W
W7xZHQ4BEBepRqAgzo8z2HpdFwEjTarU8gE5BaiF+1R7WodfO/FXaKeXQE06bUjB
/d8VcNgK+UVusX6CdxgvWDLb3LN0/5iBefYnHKZvQhLejwx1Gz4HYxDVVNWsvnLo
OiCvgZnFMyz1bCCKTWd8fOYKM49bgZax6Bs2zmBCUUhxizsgvGSmb0n90Pofme7z
jRgOgWdybPjKqLeI+hNZJtErjFAWrTTQViXmSgnaGvJ7vz7duURW/JjQT93N2Z0D
nQ4BMXo3w50lDW95TaBIwpGvZapItq9Wo/GzvfJ9gGE52NMEbsZ00SLlGiQ=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:48:29 2025 by rpki-client