Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/z3LAT7xJaslNAZeH6up-v0sRaZ4.roa
File: z3LAT7xJaslNAZeH6up-v0sRaZ4.roa (raw, json)
Hash identifier: OE+9fH51grcsCwmWLZ1jbu8Y+yADsJtau8K1BTeSyVE=
Subject key identifier: CF:72:C0:4F:BC:49:6A:C9:4D:01:97:87:EA:EA:7E:BF:4B:11:69:9E
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 1EFF
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/z3LAT7xJaslNAZeH6up-v0sRaZ4.roa
Signing time: Sat 31 May 2025 19:38:36 +0000
ROA not before: Sat 31 May 2025 19:38:36 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7935 (0x1eff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: May 31 19:38:36 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=CF72C04FBC496AC94D019787EAEA7EBF4B11699E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:da:37:c3:8e:b7:59:70:67:09:11:c3:2f:51:
97:38:5c:71:13:ba:2e:bc:9e:ac:d8:c9:45:a2:d9:
c7:4f:72:02:25:57:e7:29:20:4d:f4:59:2d:68:98:
c8:d5:3d:49:07:47:31:88:6b:e9:73:98:89:a3:10:
11:e3:2a:26:c5:56:07:0a:16:4f:91:78:e9:86:3b:
6f:c6:0a:22:76:38:cd:ec:9d:be:0d:46:c0:86:8b:
68:0d:87:37:bf:97:3f:89:40:fe:bc:20:2e:1d:4b:
bc:79:13:fd:b2:7f:f5:ba:5d:3b:77:31:a7:c4:75:
81:f5:2e:eb:bd:be:a1:96:4c:c3:a4:0a:21:0e:52:
84:e3:34:e4:4f:8c:33:d0:bc:2d:7f:65:e5:39:fd:
8a:7a:63:2f:8e:80:99:84:97:7b:b6:b0:31:29:7f:
fb:ae:92:8d:82:9f:b2:b0:ad:63:28:95:20:fd:85:
d2:3c:1b:bc:c1:58:b2:29:30:a1:17:89:7c:1e:0f:
d1:28:ae:ed:38:8e:38:5c:93:f1:80:df:ec:63:48:
6b:ee:86:c7:dd:d3:bc:2a:0b:06:45:40:a2:3d:0a:
f2:a2:7f:b5:f5:1b:10:53:00:9f:f5:65:50:57:fc:
b0:c1:51:ac:81:a6:97:ac:21:c9:b1:49:bb:29:ca:
9c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:72:C0:4F:BC:49:6A:C9:4D:01:97:87:EA:EA:7E:BF:4B:11:69:9E
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/z3LAT7xJaslNAZeH6up-v0sRaZ4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
5a:68:5c:21:59:3f:d3:16:c9:6f:19:1c:7b:b3:05:aa:a9:bc:
c9:51:a2:9a:70:2c:aa:38:a3:7d:c7:2c:6b:a4:e5:bc:95:6a:
3f:bb:04:4e:4f:66:aa:0b:bb:d5:31:f1:a9:ef:38:63:68:1d:
b1:60:02:b5:2e:55:64:28:aa:77:42:14:f7:75:11:01:34:1e:
0c:97:da:72:b5:28:0b:be:5e:80:e1:30:e4:dd:90:08:35:2e:
f8:ab:d6:ce:05:0e:60:f8:d4:6a:18:79:cf:7d:98:44:12:9b:
39:d5:30:7f:3b:18:9b:2c:fc:cf:5d:45:37:10:80:75:24:2b:
07:9b:30:01:f1:e8:03:42:87:9c:31:3c:ee:fe:00:37:25:22:
61:2a:e1:b4:43:be:4a:0f:ae:1e:1f:dc:7d:6b:f5:74:d8:17:
ce:ee:59:c1:ce:33:48:bc:dc:dd:75:fa:bc:cf:74:d1:5c:da:
83:cc:d1:40:23:a0:6f:92:6b:42:5d:b1:cc:46:fe:52:43:9b:
8e:5b:c3:11:7b:04:70:95:66:e6:be:ba:c2:5c:2a:b4:cc:ce:
23:c7:e7:2c:c8:de:41:31:85:6a:6a:73:fd:ff:4e:35:42:0f:
21:eb:3d:ff:c0:2c:65:3a:95:82:0e:69:65:f2:be:5d:84:eb:
92:d8:bf:f6
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICHv8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA1MzEx
OTM4MzZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKENGNzJDMDRGQkM0OTZB
Qzk0RDAxOTc4N0VBRUE3RUJGNEIxMTY5OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE2jfDjrdZcGcJEcMvUZc4XHETui68nqzYyUWi2cdPcgIlV+cp
IE30WS1omMjVPUkHRzGIa+lzmImjEBHjKibFVgcKFk+ReOmGO2/GCiJ2OM3snb4N
RsCGi2gNhze/lz+JQP68IC4dS7x5E/2yf/W6XTt3MafEdYH1Luu9vqGWTMOkCiEO
UoTjNORPjDPQvC1/ZeU5/Yp6Yy+OgJmEl3u2sDEpf/uuko2Cn7KwrWMolSD9hdI8
G7zBWLIpMKEXiXweD9Eoru04jjhck/GA3+xjSGvuhsfd07wqCwZFQKI9CvKif7X1
GxBTAJ/1ZVBX/LDBUayBppesIcmxSbspypz7AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUz3LAT7xJaslNAZeH6up+v0sRaZ4wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvejNMQVQ3eEphc2xO
QVplSDZ1cC12MHNSYVo0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAFpoXCFZP9MWyW8ZHHuzBaqpvMlR
oppwLKo4o33HLGuk5byVaj+7BE5PZqoLu9Ux8anvOGNoHbFgArUuVWQoqndCFPd1
EQE0HgyX2nK1KAu+XoDhMOTdkAg1Lvir1s4FDmD41GoYec99mEQSmznVMH87GJss
/M9dRTcQgHUkKwebMAHx6ANCh5wxPO7+ADclImEq4bRDvkoPrh4f3H1r9XTYF87u
WcHOM0i83N11+rzPdNFc2oPM0UAjoG+Sa0JdscxG/lJDm45bwxF7BHCVZua+usJc
KrTMziPH5yzI3kExhWpqc/3/TjVCDyHrPf/ALGU6lYIOaWXyvl2E65LYv/Y=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:27:55 2025 by rpki-client