Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/lMHs3nXpw6xIHOv-kt5I02risxI.roa
File: lMHs3nXpw6xIHOv-kt5I02risxI.roa (raw, json)
Hash identifier: NtxCSXeRsmM3XvmYxIBdWTlNO1muQnLh2viii+Xw5xE=
Subject key identifier: 94:C1:EC:DE:75:E9:C3:AC:48:1C:EB:FE:92:DE:48:D3:6A:E2:B3:12
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 26A2
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/lMHs3nXpw6xIHOv-kt5I02risxI.roa
Signing time: Sat 14 Jun 2025 09:39:19 +0000
ROA not before: Sat 14 Jun 2025 09:39:19 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9890 (0x26a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 14 09:39:19 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=94C1ECDE75E9C3AC481CEBFE92DE48D36AE2B312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:15:ac:05:27:e5:80:cb:74:4d:2d:c7:5e:d5:
81:24:8d:f7:bc:34:bc:13:e1:2a:4f:b7:d2:88:2a:
82:0a:6f:ca:ec:70:d7:05:d7:06:ce:a9:e2:93:76:
75:82:29:d7:6c:45:a9:c1:07:c9:be:12:d5:b0:83:
9d:7c:85:32:58:6a:c9:b7:7f:37:67:a8:08:c0:9c:
8b:e9:81:30:cf:f3:d7:9f:d9:c0:b1:62:81:24:d1:
da:d7:7c:7c:31:6e:ad:3f:06:5a:17:45:b1:60:05:
bd:87:3f:0b:40:d4:81:24:dd:e9:8e:be:2d:5c:17:
26:27:96:a6:bf:94:b6:13:e7:4c:6d:c1:a1:58:39:
de:3d:c8:c8:49:fe:85:9d:d9:5b:28:fd:6f:9a:00:
ba:2c:ae:2e:c6:37:34:98:40:e1:df:e7:ab:ef:75:
84:20:ea:e7:25:37:01:b5:b5:bf:7b:46:36:e8:b7:
9b:f2:5a:22:11:90:48:c5:95:64:21:de:ba:56:5e:
f6:5c:19:0c:a7:a2:8b:00:0b:9a:dc:2e:76:5a:cf:
1a:3a:af:c0:74:f0:3d:ba:d7:47:04:1f:d9:94:a4:
1f:94:78:07:15:3d:16:54:c4:3a:09:e1:17:e5:a7:
e9:6b:f4:c1:13:e9:c7:ac:84:d6:c0:f2:33:03:90:
d6:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C1:EC:DE:75:E9:C3:AC:48:1C:EB:FE:92:DE:48:D3:6A:E2:B3:12
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/lMHs3nXpw6xIHOv-kt5I02risxI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
73:8f:ca:5f:9b:bf:4c:a3:12:24:4e:8f:b1:02:5d:b8:73:ea:
63:73:2f:aa:72:d2:24:23:cc:38:c9:77:d8:4f:4e:a8:39:33:
af:ac:02:f5:7e:2c:02:df:38:91:87:1f:0e:ee:5a:c6:13:37:
67:d1:84:14:66:22:b5:0f:c8:6a:6e:81:29:c1:de:80:95:3f:
b7:1b:2b:5c:85:36:bc:ed:8b:a0:a4:dd:7c:80:c3:fa:1a:1a:
6e:ff:63:63:7c:81:ca:b2:de:ba:54:6d:da:47:91:ad:48:8c:
0f:86:8d:80:5c:57:a9:4f:f3:3c:78:d8:36:d1:d3:26:d0:62:
3c:ae:72:68:b6:13:a4:54:cf:2f:6d:27:25:ce:de:6b:9e:c8:
ec:17:48:b2:ef:e3:85:2e:05:b9:d7:7a:14:b2:50:0b:11:7a:
0c:0a:55:17:c9:60:cb:f9:64:02:37:ce:0d:59:32:13:c6:ce:
b7:5b:c2:24:78:89:e1:5a:6d:d2:0f:a6:92:73:3a:8a:fc:49:
f4:0c:5b:29:33:31:f6:bb:b0:2a:53:0c:a4:b1:40:a1:90:bd:
d4:19:58:08:d2:55:43:6d:30:06:b7:b9:58:47:5c:42:3e:42:
35:e7:b0:b3:f9:44:ce:15:dc:58:d0:dc:95:11:18:b2:10:7f:
c3:13:9d:eb
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICJqIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MTQw
OTM5MTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDk0QzFFQ0RFNzVFOUMz
QUM0ODFDRUJGRTkyREU0OEQzNkFFMkIzMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClFawFJ+WAy3RNLcde1YEkjfe8NLwT4SpPt9KIKoIKb8rscNcF
1wbOqeKTdnWCKddsRanBB8m+EtWwg518hTJYasm3fzdnqAjAnIvpgTDP89ef2cCx
YoEk0drXfHwxbq0/BloXRbFgBb2HPwtA1IEk3emOvi1cFyYnlqa/lLYT50xtwaFY
Od49yMhJ/oWd2Vso/W+aALosri7GNzSYQOHf56vvdYQg6uclNwG1tb97Rjbot5vy
WiIRkEjFlWQh3rpWXvZcGQynoosAC5rcLnZazxo6r8B08D2610cEH9mUpB+UeAcV
PRZUxDoJ4Rflp+lr9MET6ceshNbA8jMDkNbNAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUlMHs3nXpw6xIHOv+kt5I02risxIwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvbE1IczNuWHB3NnhJ
SE92LWt0NUkwMnJpc3hJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAHOPyl+bv0yjEiROj7ECXbhz6mNz
L6py0iQjzDjJd9hPTqg5M6+sAvV+LALfOJGHHw7uWsYTN2fRhBRmIrUPyGpugSnB
3oCVP7cbK1yFNrzti6Ck3XyAw/oaGm7/Y2N8gcqy3rpUbdpHka1IjA+GjYBcV6lP
8zx42DbR0ybQYjyucmi2E6RUzy9tJyXO3mueyOwXSLLv44UuBbnXehSyUAsRegwK
VRfJYMv5ZAI3zg1ZMhPGzrdbwiR4ieFabdIPppJzOor8SfQMWykzMfa7sCpTDKSx
QKGQvdQZWAjSVUNtMAa3uVhHXEI+QjXnsLP5RM4V3FjQ3JURGLIQf8MTnes=
-----END CERTIFICATE-----
Generated at Fri Jun 20 15:08:04 2025 by rpki-client