Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/tEapmnYGm7dYLTiXloIOZD8Gn9c.roa
File: tEapmnYGm7dYLTiXloIOZD8Gn9c.roa (raw, json)
Hash identifier: vaWjVgXXRBtvfwyEWInFTk8qpzvfpQ0LtzbkcfKjtOk=
Subject key identifier: B4:46:A9:9A:76:06:9B:B7:58:2D:38:97:96:82:0E:64:3F:06:9F:D7
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 219B
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/tEapmnYGm7dYLTiXloIOZD8Gn9c.roa
Signing time: Thu 05 Jun 2025 11:08:44 +0000
ROA not before: Thu 05 Jun 2025 11:08:44 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 146845
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8603 (0x219b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jun 5 11:08:44 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B446A99A76069BB7582D389796820E643F069FD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:40:ba:49:ff:8e:5f:bc:30:1f:6f:10:a2:30:
4f:1e:1c:5b:27:2a:23:de:31:65:78:b4:ce:68:3d:
db:eb:3e:9d:3f:ea:79:20:c2:c9:14:7a:79:b4:ca:
ea:92:11:9e:6d:37:58:a5:af:26:6d:fe:de:4c:02:
b6:5f:b9:d0:12:d2:c9:24:96:dc:4b:71:c2:48:2e:
88:f1:d5:18:30:0e:0c:e8:79:08:06:d7:66:ea:a2:
a0:02:23:36:80:7e:9f:4f:b6:e1:ed:e3:fb:54:eb:
f4:64:5e:72:41:a7:be:e2:1a:40:47:fb:0b:45:b2:
75:72:e1:31:fd:fb:e9:0b:49:1b:aa:0b:e4:6c:0d:
2a:fd:8c:fd:9a:11:f5:20:9a:3b:54:ea:42:15:de:
7c:37:a4:af:93:66:d7:2e:c7:4b:f0:80:03:7f:b6:
de:ee:67:6c:1b:16:94:b1:7f:82:71:24:2f:d1:0f:
c8:9b:7a:57:86:c5:61:3d:ce:0e:52:6e:4f:e2:f0:
2e:f7:60:18:a2:13:02:c0:b4:ed:cc:d6:a6:4a:68:
4b:de:ab:f9:b5:9f:03:66:40:de:2d:27:84:43:cb:
30:7e:4e:ad:2e:40:ae:66:1d:5b:78:22:b5:47:d3:
28:56:90:1b:68:f5:0d:12:e6:fc:bd:a0:ae:8f:4e:
54:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:46:A9:9A:76:06:9B:B7:58:2D:38:97:96:82:0E:64:3F:06:9F:D7
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/tEapmnYGm7dYLTiXloIOZD8Gn9c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
33:e0:1b:74:ea:91:55:f8:80:43:9f:f5:02:b3:85:c2:e8:03:
ce:7d:87:17:67:e5:43:54:20:b2:5e:e7:cf:db:33:a3:99:61:
0c:07:59:52:1c:8b:85:3b:06:a6:5e:9b:fd:27:26:18:33:9c:
91:d3:aa:52:26:96:28:a0:65:e4:f2:fc:4b:79:91:dc:98:9e:
94:ca:ac:35:54:96:38:39:f4:9f:3d:54:e1:4e:05:20:d5:dd:
d6:87:ca:bb:61:4d:28:05:81:97:f8:64:05:23:70:14:00:50:
5e:b4:f7:77:6c:c8:1a:1a:d1:9b:98:26:2e:83:1e:62:68:75:
1e:a3:84:51:05:53:ed:a5:c6:8a:a6:76:38:20:c9:44:14:d4:
8d:fa:1b:6d:1a:07:06:30:26:da:d0:b5:f2:8c:a5:64:62:23:
99:66:22:42:c1:03:e8:25:85:e4:a5:1e:07:a7:3e:cf:39:f6:
7d:f1:96:f1:f8:65:42:3e:65:da:99:d4:41:a7:51:05:c0:45:
b0:a0:71:a0:6e:52:05:4b:05:88:cc:04:d3:a3:01:f5:cc:67:
e4:3b:7a:5e:02:d6:e1:b0:3c:3a:49:f8:c6:0d:93:8a:c5:d4:
d6:6f:47:d4:cc:9a:27:12:44:bc:34:78:26:c8:c6:98:10:ab:
ad:36:c0:1f
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICIZswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA2MDUx
MTA4NDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEI0NDZBOTlBNzYwNjlC
Qjc1ODJEMzg5Nzk2ODIwRTY0M0YwNjlGRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+QLpJ/45fvDAfbxCiME8eHFsnKiPeMWV4tM5oPdvrPp0/6nkg
wskUenm0yuqSEZ5tN1ilryZt/t5MArZfudAS0skkltxLccJILojx1RgwDgzoeQgG
12bqoqACIzaAfp9PtuHt4/tU6/RkXnJBp77iGkBH+wtFsnVy4TH9++kLSRuqC+Rs
DSr9jP2aEfUgmjtU6kIV3nw3pK+TZtcux0vwgAN/tt7uZ2wbFpSxf4JxJC/RD8ib
eleGxWE9zg5Sbk/i8C73YBiiEwLAtO3M1qZKaEveq/m1nwNmQN4tJ4RDyzB+Tq0u
QK5mHVt4IrVH0yhWkBto9Q0S5vy9oK6PTlRLAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUtEapmnYGm7dYLTiXloIOZD8Gn9cwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvdEVhcG1uWUdtN2RZ
TFRpWGxvSU9aRDhHbjljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBADPgG3TqkVX4gEOf9QKzhcLoA859
hxdn5UNUILJe58/bM6OZYQwHWVIci4U7BqZem/0nJhgznJHTqlImliigZeTy/Et5
kdyYnpTKrDVUljg59J89VOFOBSDV3daHyrthTSgFgZf4ZAUjcBQAUF6093dsyBoa
0ZuYJi6DHmJodR6jhFEFU+2lxoqmdjggyUQU1I36G20aBwYwJtrQtfKMpWRiI5lm
IkLBA+glheSlHgenPs859n3xlvH4ZUI+ZdqZ1EGnUQXARbCgcaBuUgVLBYjMBNOj
AfXMZ+Q7el4C1uGwPDpJ+MYNk4rF1NZvR9TMmicSRLw0eCbIxpgQq602wB8=
-----END CERTIFICATE-----
Generated at Sat Jun 21 05:27:29 2025 by rpki-client