Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/tASVWjbgnEr-tPHmRpJwVy1c7bk.roa
File: tASVWjbgnEr-tPHmRpJwVy1c7bk.roa (raw, json)
Hash identifier: tmoAdB3jlMRkdAropS68duL0lLIm9l+lMYfgSHy1Tlg=
Subject key identifier: B4:04:95:5A:36:E0:9C:4A:FE:B4:F1:E6:46:92:70:57:2D:5C:ED:B9
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 2208
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/tASVWjbgnEr-tPHmRpJwVy1c7bk.roa
Signing time: Fri 06 Jun 2025 05:08:47 +0000
ROA not before: Fri 06 Jun 2025 05:08:47 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8712 (0x2208)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 6 05:08:47 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B404955A36E09C4AFEB4F1E6469270572D5CEDB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0c:c6:c8:c3:74:90:f1:e6:fd:95:f0:3a:d5:
9f:f6:df:d7:18:bd:e7:8a:3a:68:ed:c5:81:0a:56:
25:e5:ca:c7:e0:fb:c8:9d:e7:05:af:5d:7e:ec:49:
3f:2d:39:03:10:eb:98:80:d5:d6:bd:56:06:65:05:
17:0c:bd:75:9f:b1:98:71:53:7e:dd:9e:f9:de:3c:
a6:1b:f8:f6:84:c7:7c:60:88:5e:cf:69:36:e8:22:
96:6e:e0:10:f0:16:93:1d:1f:fb:37:11:bf:bb:ad:
34:02:71:67:53:e8:98:87:4c:9b:51:2d:fb:7a:47:
60:9d:ba:d2:5c:de:38:d7:9d:f8:29:1e:b6:09:8f:
79:73:39:e8:0b:70:95:89:30:71:60:c4:c9:8e:c3:
ba:af:8b:82:a8:73:cf:0a:d8:3d:78:85:bb:77:31:
54:bc:0b:ac:07:3a:93:02:72:d7:e5:70:e9:da:3d:
61:47:22:5a:94:4f:5b:cb:5d:a6:c1:cb:87:0a:8e:
b3:52:55:aa:14:c8:69:9d:4c:ee:78:9a:4d:13:6d:
68:38:1f:6b:a1:f0:24:0a:07:57:5b:99:da:26:89:
06:42:3e:02:d4:bc:8e:f0:25:be:ff:a2:13:f1:5e:
65:bc:02:a4:9e:b8:22:59:0e:b6:02:bf:41:b6:c2:
ea:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:04:95:5A:36:E0:9C:4A:FE:B4:F1:E6:46:92:70:57:2D:5C:ED:B9
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/tASVWjbgnEr-tPHmRpJwVy1c7bk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
3a:d3:89:37:8a:ca:ce:c7:5a:bd:40:28:a5:a2:0f:b6:19:2b:
85:84:53:1e:be:02:7b:b1:f2:69:27:41:b5:26:25:70:72:8b:
b6:9e:60:9e:76:0b:9f:65:d1:2d:16:35:1c:6b:5b:c2:07:f3:
67:b3:af:ea:4f:32:1c:35:ae:56:81:7c:39:82:d5:f0:3a:35:
32:ac:68:72:52:1f:1e:af:4b:c0:ee:e0:e8:3a:c5:bb:80:4f:
d6:d8:b2:0c:3b:5a:f2:da:b5:7f:e7:a5:1e:4b:b7:98:5c:3c:
e9:fa:63:53:7a:f2:44:86:b9:e6:8f:b1:36:9c:8e:e1:12:e2:
51:bd:c5:c4:cd:84:8f:5b:af:11:c5:17:cc:b7:8e:bb:b7:3d:
f0:e8:68:1d:fc:31:cb:46:9e:de:7b:2a:e1:e5:b6:e2:ca:6b:
16:36:f2:56:f4:24:54:70:67:bc:16:c2:27:eb:ed:33:69:f0:
42:7f:af:b4:22:a9:31:8a:58:e9:86:ac:3a:24:7c:34:0d:12:
1a:f0:ea:33:1c:f5:71:cc:90:c1:6c:e7:43:d0:69:83:e4:c9:
0f:a6:53:f1:20:fb:69:43:e3:0d:4e:1e:19:a2:71:67:87:52:
a9:60:22:c5:d8:cd:19:dd:a1:00:e4:ff:81:01:ed:6e:b7:e6:
d0:9a:43:e9
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIggwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDYw
NTA4NDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEI0MDQ5NTVBMzZFMDlD
NEFGRUI0RjFFNjQ2OTI3MDU3MkQ1Q0VEQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3DMbIw3SQ8eb9lfA61Z/239cYveeKOmjtxYEKViXlysfg+8id
5wWvXX7sST8tOQMQ65iA1da9VgZlBRcMvXWfsZhxU37dnvnePKYb+PaEx3xgiF7P
aTboIpZu4BDwFpMdH/s3Eb+7rTQCcWdT6JiHTJtRLft6R2CdutJc3jjXnfgpHrYJ
j3lzOegLcJWJMHFgxMmOw7qvi4Koc88K2D14hbt3MVS8C6wHOpMCctflcOnaPWFH
IlqUT1vLXabBy4cKjrNSVaoUyGmdTO54mk0TbWg4H2uh8CQKB1dbmdomiQZCPgLU
vI7wJb7/ohPxXmW8AqSeuCJZDrYCv0G2wuoBAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUtASVWjbgnEr+tPHmRpJwVy1c7bkwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvdEFTVldqYmduRXIt
dFBIbVJwSndWeTFjN2JrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBADrTiTeKys7HWr1AKKWiD7YZK4WE
Ux6+Anux8mknQbUmJXByi7aeYJ52C59l0S0WNRxrW8IH82ezr+pPMhw1rlaBfDmC
1fA6NTKsaHJSHx6vS8Du4Og6xbuAT9bYsgw7WvLatX/npR5Lt5hcPOn6Y1N68kSG
ueaPsTacjuES4lG9xcTNhI9brxHFF8y3jru3PfDoaB38MctGnt57KuHltuLKaxY2
8lb0JFRwZ7wWwifr7TNp8EJ/r7QiqTGKWOmGrDokfDQNEhrw6jMc9XHMkMFs50PQ
aYPkyQ+mU/Eg+2lD4w1OHhmicWeHUqlgIsXYzRndoQDk/4EB7W635tCaQ+k=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:27:00 2025 by rpki-client