Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/aEcbHOMh0cmuHnAT6oKWbsNafLE.roa
File: aEcbHOMh0cmuHnAT6oKWbsNafLE.roa (raw, json)
Hash identifier: nlSOkZZZKoOaXcPopUhzgNhwjwK6MTbwBcWNCv6EuE8=
Subject key identifier: 68:47:1B:1C:E3:21:D1:C9:AE:1E:70:13:EA:82:96:6E:C3:5A:7C:B1
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2090
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/aEcbHOMh0cmuHnAT6oKWbsNafLE.roa
Signing time: Tue 03 Jun 2025 14:38:39 +0000
ROA not before: Tue 03 Jun 2025 14:38:39 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8336 (0x2090)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 3 14:38:39 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=68471B1CE321D1C9AE1E7013EA82966EC35A7CB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a2:90:a9:fd:11:d0:a9:96:c6:41:e3:4e:39:
32:21:6d:ce:eb:94:6a:00:97:a0:fd:c0:b3:10:82:
4d:9d:ef:b7:dc:1a:10:a1:fd:a1:f6:4e:23:40:36:
56:33:72:44:bf:a9:7a:c4:96:db:bd:95:a5:cf:73:
c1:31:e9:e8:ae:f0:0a:28:77:db:75:19:3d:44:86:
75:43:18:dc:26:03:33:61:ed:4e:66:19:06:1e:a7:
3c:95:8b:1f:fb:ac:d8:62:aa:3b:26:14:e1:1d:5f:
d3:30:44:8b:ac:a3:cf:27:10:23:56:c7:7e:b8:f2:
f5:e7:96:19:65:b3:f9:82:4b:db:f8:4e:a7:31:10:
80:1b:01:ad:da:4f:b0:16:54:b0:10:f5:c2:bb:b4:
ed:68:4d:c9:6a:68:72:61:75:2e:77:ff:82:c8:b0:
47:c0:cb:be:fd:4a:52:de:44:19:34:9c:e4:f2:96:
94:bd:11:5c:e1:7a:24:ff:32:3f:1b:5e:d2:c2:1c:
13:1a:a7:5a:69:e4:f0:51:46:27:ce:09:53:aa:37:
36:6e:b6:a3:75:27:66:6e:40:e6:25:e5:97:62:41:
25:a2:e1:6f:7e:48:35:b8:49:40:a4:15:c7:22:01:
de:5b:92:d2:df:20:6d:ca:de:5b:1f:35:fc:f7:b7:
76:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:47:1B:1C:E3:21:D1:C9:AE:1E:70:13:EA:82:96:6E:C3:5A:7C:B1
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/aEcbHOMh0cmuHnAT6oKWbsNafLE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
ae:85:79:f1:00:f1:ef:c4:15:14:5f:94:33:aa:45:d9:f0:cc:
4e:9e:41:d1:04:70:27:84:b5:f8:0c:7b:6a:e4:fc:99:d8:7f:
39:a2:f2:e9:6f:09:5b:88:24:d6:15:bd:73:0a:1b:3f:96:b9:
0c:a5:5b:dd:cd:25:67:70:04:58:db:4b:b0:be:5d:4d:2a:2a:
ff:f9:8f:99:70:35:02:dd:d7:c5:d7:5e:c4:f9:c8:16:70:c1:
14:80:2d:94:b3:a4:4c:93:d3:3f:dc:78:23:85:b2:17:84:97:
e5:87:9c:27:3b:3d:4d:13:f8:cc:79:d0:08:45:de:b5:a0:69:
d4:87:9c:5c:a3:67:fa:0e:69:a4:d4:b9:1b:11:d8:ac:69:70:
22:98:80:d2:65:6b:d5:be:e1:9e:af:66:bb:c9:ad:4a:fb:7d:
d5:89:de:ee:53:c4:6d:de:65:e7:b4:b4:2c:05:9c:8d:c7:8b:
9b:90:e0:ec:ac:80:f8:ea:d3:b9:2c:46:92:27:b6:2d:4d:d2:
2e:7f:6c:09:94:9d:ee:5d:9c:17:bc:8c:39:c7:75:ee:60:e4:
01:e0:db:b7:1a:d9:94:24:a4:bc:18:ef:9c:04:23:7c:67:06:
72:36:89:40:82:66:e1:27:82:d1:42:a1:f9:44:80:a4:96:65:
14:87:b5:f3
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDMx
NDM4MzlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDY4NDcxQjFDRTMyMUQx
QzlBRTFFNzAxM0VBODI5NjZFQzM1QTdDQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5opCp/RHQqZbGQeNOOTIhbc7rlGoAl6D9wLMQgk2d77fcGhCh
/aH2TiNANlYzckS/qXrEltu9laXPc8Ex6eiu8Aood9t1GT1EhnVDGNwmAzNh7U5m
GQYepzyVix/7rNhiqjsmFOEdX9MwRIuso88nECNWx3648vXnlhlls/mCS9v4Tqcx
EIAbAa3aT7AWVLAQ9cK7tO1oTclqaHJhdS53/4LIsEfAy779SlLeRBk0nOTylpS9
EVzheiT/Mj8bXtLCHBMap1pp5PBRRifOCVOqNzZutqN1J2ZuQOYl5ZdiQSWi4W9+
SDW4SUCkFcciAd5bktLfIG3K3lsfNfz3t3bdAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUaEcbHOMh0cmuHnAT6oKWbsNafLEwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvYUVjYkhPTWgwY211
SG5BVDZvS1dic05hZkxFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAK6FefEA8e/EFRRflDOqRdnwzE6e
QdEEcCeEtfgMe2rk/JnYfzmi8ulvCVuIJNYVvXMKGz+WuQylW93NJWdwBFjbS7C+
XU0qKv/5j5lwNQLd18XXXsT5yBZwwRSALZSzpEyT0z/ceCOFsheEl+WHnCc7PU0T
+Mx50AhF3rWgadSHnFyjZ/oOaaTUuRsR2KxpcCKYgNJla9W+4Z6vZrvJrUr7fdWJ
3u5TxG3eZee0tCwFnI3Hi5uQ4OysgPjq07ksRpInti1N0i5/bAmUne5dnBe8jDnH
de5g5AHg27ca2ZQkpLwY75wEI3xnBnI2iUCCZuEngtFCoflEgKSWZRSHtfM=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:28:59 2025 by rpki-client