Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/h9evGWFbW_pJosjhTYnGIvFphzI.roa
File: h9evGWFbW_pJosjhTYnGIvFphzI.roa (raw, json)
Hash identifier: rUs0B0On32gaJKcL2kZ1JCHrCUn5ypWqq+wedoTzyJc=
Subject key identifier: 87:D7:AF:19:61:5B:5B:FA:49:A2:C8:E1:4D:89:C6:22:F1:69:87:32
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 24B7
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/h9evGWFbW_pJosjhTYnGIvFphzI.roa
Signing time: Tue 10 Jun 2025 23:39:11 +0000
ROA not before: Tue 10 Jun 2025 23:39:11 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9399 (0x24b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 10 23:39:11 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=87D7AF19615B5BFA49A2C8E14D89C622F1698732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:57:35:47:d6:01:18:6f:98:d3:c9:a3:2d:64:
97:9e:38:8a:4d:e4:c1:dd:1f:3a:cf:fd:a3:71:09:
4f:0f:23:09:e3:3a:07:42:3e:84:e5:ca:1c:34:70:
69:32:0e:09:42:28:46:9b:3e:5e:16:a1:12:7c:56:
11:2d:8e:a1:1a:e0:50:6d:8a:c8:4f:5b:4c:f9:71:
de:c6:1b:7c:84:b1:64:70:67:8e:94:e3:27:83:5d:
5c:a8:bf:91:5a:5d:f2:23:a7:8b:d6:31:42:e4:2f:
ac:ab:38:81:52:32:7e:32:80:30:cb:10:b0:a7:eb:
4c:d2:3c:9b:63:c4:e8:fe:4c:88:fa:ab:47:9b:9c:
c9:c6:a1:95:83:20:2e:d9:37:bf:a1:f8:af:00:34:
81:2c:27:04:11:74:f4:9b:3b:31:ff:4b:18:07:06:
a5:2c:7f:39:fb:42:36:fc:f7:65:1d:e7:5d:36:80:
60:65:b0:25:78:c8:51:00:ad:2a:bf:c8:af:53:8b:
fa:3e:98:13:67:ce:1e:a2:6e:92:c9:17:82:50:ed:
35:e3:02:f0:a7:97:1f:e5:d4:5a:75:a7:a2:b7:98:
eb:a9:9e:b9:e3:43:9c:0a:cb:79:c3:2b:08:ad:8e:
00:3b:85:28:e0:57:36:ca:15:1c:06:68:98:8d:be:
75:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:D7:AF:19:61:5B:5B:FA:49:A2:C8:E1:4D:89:C6:22:F1:69:87:32
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/h9evGWFbW_pJosjhTYnGIvFphzI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
5b:48:c0:70:62:e9:c3:91:fe:d1:57:6a:7f:2c:1d:7f:2b:e5:
6f:fb:d8:f0:cb:93:90:02:51:3c:b6:28:2f:0d:f8:24:27:cd:
44:90:6d:92:f8:32:0e:ec:ec:e6:82:78:c2:41:19:1d:f4:53:
45:26:99:13:6f:6d:5a:2b:ec:13:25:9f:d1:b2:91:8c:c2:05:
97:b6:9e:97:5c:6d:5c:5e:66:1d:70:63:c8:f2:22:3a:6b:65:
cb:78:cd:34:ed:81:55:d0:9b:ad:db:54:8f:d5:58:f1:8d:9a:
7d:02:ed:9f:df:e7:65:80:a0:86:97:93:be:ff:36:3c:37:12:
93:47:32:bf:77:62:3b:86:8a:f1:bd:d2:26:35:f8:eb:fa:52:
3f:b6:7c:dd:c8:c7:51:87:5e:d1:bc:44:27:ee:65:0d:3b:c7:
5a:12:dc:9e:bb:bf:87:93:23:62:2f:a9:a8:f0:4a:9d:e4:de:
46:92:33:3a:a2:12:c6:5e:ae:26:58:a2:bc:9c:0c:d7:0a:6d:
0b:84:98:4f:7f:b4:67:da:a3:a1:de:f8:98:5b:47:8c:aa:58:
5a:66:95:5a:2b:3f:b7:ae:e6:d4:24:23:92:e5:51:d4:47:8c:
a3:ad:3f:b4:30:bb:1b:1c:95:b8:f5:c2:ef:14:2c:5c:13:37:
c2:a9:a7:78
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJLcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTAy
MzM5MTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg3RDdBRjE5NjE1QjVC
RkE0OUEyQzhFMTREODlDNjIyRjE2OTg3MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUVzVH1gEYb5jTyaMtZJeeOIpN5MHdHzrP/aNxCU8PIwnjOgdC
PoTlyhw0cGkyDglCKEabPl4WoRJ8VhEtjqEa4FBtishPW0z5cd7GG3yEsWRwZ46U
4yeDXVyov5FaXfIjp4vWMULkL6yrOIFSMn4ygDDLELCn60zSPJtjxOj+TIj6q0eb
nMnGoZWDIC7ZN7+h+K8ANIEsJwQRdPSbOzH/SxgHBqUsfzn7Qjb892Ud5102gGBl
sCV4yFEArSq/yK9Ti/o+mBNnzh6ibpLJF4JQ7TXjAvCnlx/l1Fp1p6K3mOupnrnj
Q5wKy3nDKwitjgA7hSjgVzbKFRwGaJiNvnVxAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUh9evGWFbW/pJosjhTYnGIvFphzIwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvaDlldkdXRmJXX3BK
b3NqaFRZbkdJdkZwaHpJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAFtIwHBi6cOR/tFXan8sHX8r5W/7
2PDLk5ACUTy2KC8N+CQnzUSQbZL4Mg7s7OaCeMJBGR30U0UmmRNvbVor7BMln9Gy
kYzCBZe2npdcbVxeZh1wY8jyIjprZct4zTTtgVXQm63bVI/VWPGNmn0C7Z/f52WA
oIaXk77/Njw3EpNHMr93YjuGivG90iY1+Ov6Uj+2fN3Ix1GHXtG8RCfuZQ07x1oS
3J67v4eTI2IvqajwSp3k3kaSMzqiEsZeriZYorycDNcKbQuEmE9/tGfao6He+Jhb
R4yqWFpmlVorP7eu5tQkI5LlUdRHjKOtP7Qwuxsclbj1wu8ULFwTN8Kpp3g=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:46:28 2025 by rpki-client