Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/aPYOc8XX0rJgccBog7akqA7YtIk.roa
File: aPYOc8XX0rJgccBog7akqA7YtIk.roa (raw, json)
Hash identifier: A2TLktB7evYbK+j9yfGOUYw4w1xUOAQbzGF+ny3zLm8=
Subject key identifier: 68:F6:0E:73:C5:D7:D2:B2:60:71:C0:68:83:B6:A4:A8:0E:D8:B4:89
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 26C4
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/aPYOc8XX0rJgccBog7akqA7YtIk.roa
Signing time: Sat 14 Jun 2025 15:09:19 +0000
ROA not before: Sat 14 Jun 2025 15:09:19 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9924 (0x26c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 14 15:09:19 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=68F60E73C5D7D2B26071C06883B6A4A80ED8B489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:02:22:d5:54:56:17:88:8d:c3:6f:a6:f3:49:
c7:7c:96:7c:34:b1:18:c6:8d:5a:7e:16:9a:d5:48:
44:86:7e:81:65:b8:19:7e:20:1a:be:77:9d:37:c7:
a3:a5:37:6c:40:e2:e1:17:7e:6a:2b:8f:83:e1:46:
88:de:17:86:f0:fb:b4:73:0c:f7:53:d2:d8:49:2b:
c4:da:2c:f7:f4:0a:48:f1:c5:34:9f:1d:58:55:0c:
70:62:cf:88:8b:c0:6e:f6:6a:1d:ca:8f:61:e1:c8:
51:e1:15:f4:e6:9e:27:b1:88:3f:44:20:ed:9b:a7:
5c:7f:92:9d:73:49:0d:73:b1:ce:77:e1:47:d3:1d:
49:cf:12:e1:86:eb:e6:ca:42:32:a8:6a:6e:83:a9:
1b:76:f0:ac:26:3f:60:54:25:7d:37:f3:05:36:09:
72:f7:cd:84:25:e3:39:8e:09:79:5b:0c:f9:e8:fa:
47:59:0d:29:9a:d3:c0:5f:f3:a4:1b:91:71:48:53:
17:cc:03:ee:90:10:ab:19:05:79:6c:ad:74:31:e9:
f2:a3:3e:74:34:2e:bc:d2:07:8b:d8:cc:c3:b9:1d:
42:66:44:cf:7d:be:47:ec:95:97:20:b6:81:88:c7:
44:dc:a0:b2:d6:07:ae:33:bd:0a:84:f7:65:6a:e7:
99:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F6:0E:73:C5:D7:D2:B2:60:71:C0:68:83:B6:A4:A8:0E:D8:B4:89
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/aPYOc8XX0rJgccBog7akqA7YtIk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
49:f2:7d:1f:bb:30:0b:50:14:7d:f5:4a:f0:5b:95:05:e5:c7:
1f:a6:df:2d:89:64:88:3d:e2:d2:85:83:74:63:99:ac:9c:a0:
e3:35:71:14:f7:c9:60:8b:2f:88:3d:02:a5:a4:37:6f:90:c5:
f9:e2:26:66:dd:46:ab:15:25:b1:72:68:7f:42:c3:26:0b:f7:
a9:e8:e1:11:51:e3:2c:ee:87:b7:94:9f:52:27:e1:b7:c6:9e:
d6:a4:27:f1:c5:bf:3d:0f:5c:46:c3:50:3c:e7:3a:c6:af:72:
e1:46:59:90:0e:06:ed:7b:8c:4a:25:4d:ed:cb:07:4e:d0:c0:
0b:dd:d2:3f:a4:26:60:8a:6f:52:40:ad:72:c2:bf:22:79:b2:
5e:8e:3e:5d:62:f1:e3:21:90:0e:51:99:ee:a1:99:57:5e:8c:
e3:c7:0c:c5:76:7b:48:26:0d:19:87:6c:8f:28:af:77:62:28:
3a:ff:8e:5b:19:0f:3a:d0:0c:85:39:54:f0:50:c4:fc:f6:0c:
c9:df:3a:fb:e5:29:9f:75:9a:14:39:ce:ce:0c:9f:38:e2:51:
5d:ab:6c:a6:bc:6f:53:d3:86:14:1d:1c:06:45:6f:70:bf:f3:
b4:a2:e5:be:4e:b0:5c:90:e1:59:70:24:3b:60:12:fd:47:d0:
e0:b1:04:84
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJsQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTQx
NTA5MTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDY4RjYwRTczQzVEN0Qy
QjI2MDcxQzA2ODgzQjZBNEE4MEVEOEI0ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcAiLVVFYXiI3Db6bzScd8lnw0sRjGjVp+FprVSESGfoFluBl+
IBq+d503x6OlN2xA4uEXfmorj4PhRojeF4bw+7RzDPdT0thJK8TaLPf0CkjxxTSf
HVhVDHBiz4iLwG72ah3Kj2HhyFHhFfTmniexiD9EIO2bp1x/kp1zSQ1zsc534UfT
HUnPEuGG6+bKQjKoam6DqRt28KwmP2BUJX038wU2CXL3zYQl4zmOCXlbDPno+kdZ
DSma08Bf86QbkXFIUxfMA+6QEKsZBXlsrXQx6fKjPnQ0LrzSB4vYzMO5HUJmRM99
vkfslZcgtoGIx0TcoLLWB64zvQqE92Vq55ljAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUaPYOc8XX0rJgccBog7akqA7YtIkwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvYVBZT2M4WFgwckpn
Y2NCb2c3YWtxQTdZdElrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAEnyfR+7MAtQFH31SvBblQXlxx+m
3y2JZIg94tKFg3RjmaycoOM1cRT3yWCLL4g9AqWkN2+QxfniJmbdRqsVJbFyaH9C
wyYL96no4RFR4yzuh7eUn1In4bfGntakJ/HFvz0PXEbDUDznOsavcuFGWZAOBu17
jEolTe3LB07QwAvd0j+kJmCKb1JArXLCvyJ5sl6OPl1i8eMhkA5Rme6hmVdejOPH
DMV2e0gmDRmHbI8or3diKDr/jlsZDzrQDIU5VPBQxPz2DMnfOvvlKZ91mhQ5zs4M
nzjiUV2rbKa8b1PThhQdHAZFb3C/87Si5b5OsFyQ4VlwJDtgEv1H0OCxBIQ=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:06:58 2025 by rpki-client