Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/Xa627cp4C2jz2kyJq97QlaVrLLs.roa
File: Xa627cp4C2jz2kyJq97QlaVrLLs.roa (raw, json)
Hash identifier: sgvQiN/jsODxj1EBPtGWhumneNAR6SarEwmUDQLQu+U=
Subject key identifier: 5D:AE:B6:ED:CA:78:0B:68:F3:DA:4C:89:AB:DE:D0:95:A5:6B:2C:BB
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1FDC
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/Xa627cp4C2jz2kyJq97QlaVrLLs.roa
Signing time: Mon 02 Jun 2025 08:38:36 +0000
ROA not before: Mon 02 Jun 2025 08:38:36 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8156 (0x1fdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 2 08:38:36 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=5DAEB6EDCA780B68F3DA4C89ABDED095A56B2CBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:b7:01:5d:dc:02:25:ad:9c:06:32:c2:44:a1:
94:c5:d6:fb:d3:f7:d5:93:da:3b:50:0e:92:7a:56:
67:b1:f7:e2:7a:e3:79:d8:30:88:e7:36:5e:dc:01:
53:c2:8a:f8:da:93:b8:d4:51:ac:b2:75:41:86:61:
31:b5:17:f9:99:c1:51:fe:80:9c:df:92:70:6f:15:
eb:cf:ac:36:71:82:f6:ce:63:58:d7:37:cf:a4:93:
19:87:31:0d:4e:6d:74:e8:d8:cd:a4:a2:73:d3:3a:
b9:1d:72:eb:75:28:c6:7c:cc:84:3b:ec:93:84:3d:
39:12:83:ef:71:f9:fd:5f:80:29:5b:fc:db:39:7d:
7a:67:91:da:91:6d:2e:c8:50:df:4d:88:82:a8:5a:
2e:9c:07:d0:fa:52:3b:af:df:1d:19:89:8b:8e:62:
7d:25:72:a8:fe:f2:c3:74:3a:f6:8e:94:2c:33:37:
c5:2a:cc:39:88:06:56:6c:79:3e:7c:04:0c:0c:f8:
f0:7e:56:1f:70:cf:15:78:b7:59:55:7a:a8:d1:2a:
d1:6f:15:7f:7a:1e:fd:9c:98:19:7e:38:a0:58:49:
64:c6:8a:8a:ad:65:56:37:64:bd:00:ec:25:4a:d8:
ec:a4:96:94:ba:6d:bb:f6:1a:eb:08:f6:0f:41:fc:
01:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:AE:B6:ED:CA:78:0B:68:F3:DA:4C:89:AB:DE:D0:95:A5:6B:2C:BB
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/Xa627cp4C2jz2kyJq97QlaVrLLs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
8e:63:9a:f4:7c:c7:c0:40:2c:38:d9:71:25:1c:f6:43:ca:0e:
95:5c:91:23:89:a2:9c:18:1f:0a:5b:1e:37:45:cb:8c:dc:8b:
82:54:f0:de:21:42:ed:d9:01:34:97:9a:6c:8e:92:90:0b:5b:
98:6d:40:e1:a5:8a:18:4e:6b:f1:de:29:48:11:0d:b0:de:a0:
cf:9f:2e:14:3d:25:15:1b:f8:11:8c:13:09:d5:44:1e:eb:49:
18:1d:d5:e3:48:d5:09:fe:dc:9e:02:56:66:44:cc:bb:a2:d1:
94:e4:fa:54:8a:5e:4c:64:e5:cf:1d:2d:5b:3f:e4:3d:a4:f6:
ba:2e:18:fd:5c:be:7d:30:79:19:8e:6b:eb:f7:a7:a9:dd:91:
fe:7f:5d:3b:d9:b9:be:cd:ea:c7:41:8e:3e:81:bc:ac:2e:54:
9f:8b:c6:ec:36:2c:d5:e9:dd:d5:c6:f0:f6:a3:dc:3b:23:e2:
e9:3d:b8:a1:4e:40:b0:90:be:6d:22:70:37:04:2d:82:fc:c9:
39:4e:80:47:7f:ec:5d:07:0d:6d:dc:07:5c:0d:31:9a:cd:f4:
6e:94:08:e3:30:5d:02:bf:f4:43:ef:e2:d4:36:29:65:8b:f0:
d0:64:16:e6:2e:54:9e:99:fb:f5:2a:1a:d1:8f:8a:27:1a:95:
b2:79:09:6a
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICH9wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDIw
ODM4MzZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVEQUVCNkVEQ0E3ODBC
NjhGM0RBNEM4OUFCREVEMDk1QTU2QjJDQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDotwFd3AIlrZwGMsJEoZTF1vvT99WT2jtQDpJ6Vmex9+J643nY
MIjnNl7cAVPCivjak7jUUayydUGGYTG1F/mZwVH+gJzfknBvFevPrDZxgvbOY1jX
N8+kkxmHMQ1ObXTo2M2konPTOrkdcut1KMZ8zIQ77JOEPTkSg+9x+f1fgClb/Ns5
fXpnkdqRbS7IUN9NiIKoWi6cB9D6Ujuv3x0ZiYuOYn0lcqj+8sN0OvaOlCwzN8Uq
zDmIBlZseT58BAwM+PB+Vh9wzxV4t1lVeqjRKtFvFX96Hv2cmBl+OKBYSWTGioqt
ZVY3ZL0A7CVK2OyklpS6bbv2GusI9g9B/AH9AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUXa627cp4C2jz2kyJq97QlaVrLLswHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvWGE2MjdjcDRDMmp6
Mmt5SnE5N1FsYVZyTExzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAI5jmvR8x8BALDjZcSUc9kPKDpVc
kSOJopwYHwpbHjdFy4zci4JU8N4hQu3ZATSXmmyOkpALW5htQOGlihhOa/HeKUgR
DbDeoM+fLhQ9JRUb+BGMEwnVRB7rSRgd1eNI1Qn+3J4CVmZEzLui0ZTk+lSKXkxk
5c8dLVs/5D2k9rouGP1cvn0weRmOa+v3p6ndkf5/XTvZub7N6sdBjj6BvKwuVJ+L
xuw2LNXp3dXG8Paj3Dsj4uk9uKFOQLCQvm0icDcELYL8yTlOgEd/7F0HDW3cB1wN
MZrN9G6UCOMwXQK/9EPv4tQ2KWWL8NBkFuYuVJ6Z+/UqGtGPiicalbJ5CWo=
-----END CERTIFICATE-----
Generated at Sat Jun 21 05:36:14 2025 by rpki-client