Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/313/JXsubFE5rE6hJXtY0ei_k2IEO6Q.roa
File: JXsubFE5rE6hJXtY0ei_k2IEO6Q.roa (raw, json)
Hash identifier: F+TjXHDCf8NFe0rDwJxtLPL5kd+h8tLpLMX5LIISFMs=
Subject key identifier: 25:7B:2E:6C:51:39:AC:4E:A1:25:7B:58:D1:E8:BF:93:62:04:3B:A4
Certificate issuer: /CN=F5EB8FCA98FE5332275BA94D85E69397956CBE47
Certificate serial: 1F5B
Authority key identifier: F5:EB:8F:CA:98:FE:53:32:27:5B:A9:4D:85:E6:93:97:95:6C:BE:47
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9euPypj-UzInW6lNheaTl5Vsvkc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/313/JXsubFE5rE6hJXtY0ei_k2IEO6Q.roa
Signing time: Mon 21 Jul 2025 08:08:16 +0000
ROA not before: Mon 21 Jul 2025 08:08:16 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 38365
IP address blocks: 182.61.200.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8027 (0x1f5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F5EB8FCA98FE5332275BA94D85E69397956CBE47
Validity
Not Before: Jul 21 08:08:16 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=257B2E6C5139AC4EA1257B58D1E8BF9362043BA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:70:b4:dd:4a:a9:71:db:19:3b:74:de:53:c7:
8f:22:15:52:81:a9:97:65:7c:ac:34:26:01:b1:0a:
20:b5:03:eb:bc:8f:a9:32:df:cb:f8:5b:6a:d8:a0:
c3:27:a2:ae:30:7d:fe:05:02:92:1c:d4:19:90:7c:
3f:7a:8d:ba:2c:c2:41:ee:b7:25:d9:1f:63:32:49:
33:86:2e:d4:7c:fc:59:56:63:4a:d3:90:20:a9:52:
45:fb:b8:ca:4c:f0:6c:c2:be:1a:26:85:89:a2:95:
58:20:5d:f2:5d:a3:e5:a5:49:df:33:91:55:65:bd:
ec:88:44:ae:83:87:e5:3b:c8:ce:57:77:ec:2b:31:
d9:41:fe:17:9c:04:5d:5e:d0:82:b2:6b:ef:90:05:
e8:33:91:a2:dc:12:c0:e7:9e:e6:df:43:a0:af:bc:
67:0b:cf:aa:47:c0:07:40:ec:39:13:7a:82:e9:4f:
d0:07:b1:79:e0:0b:5c:56:7f:ee:05:11:cb:ce:2b:
86:01:ee:44:0c:c9:f6:72:44:6e:17:2b:2b:a4:cd:
c1:38:91:a8:66:f1:3c:12:b2:90:a1:40:7c:5b:f3:
9a:00:94:75:79:20:14:50:0a:c3:89:6c:57:5b:a9:
b3:71:62:3c:ee:12:ec:2f:99:c4:cb:b8:ef:5b:6c:
d3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:7B:2E:6C:51:39:AC:4E:A1:25:7B:58:D1:E8:BF:93:62:04:3B:A4
X509v3 Authority Key Identifier:
keyid:F5:EB:8F:CA:98:FE:53:32:27:5B:A9:4D:85:E6:93:97:95:6C:BE:47
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/313/9euPypj-UzInW6lNheaTl5Vsvkc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9euPypj-UzInW6lNheaTl5Vsvkc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/313/JXsubFE5rE6hJXtY0ei_k2IEO6Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
182.61.200.0/21
Signature Algorithm: sha256WithRSAEncryption
8f:9f:7c:e7:dd:00:8e:3d:98:68:57:9c:e4:3b:3f:8e:ef:37:
8e:1c:c8:40:fb:0c:7a:08:1e:5e:71:fc:0f:fd:a4:4f:d8:a9:
71:0c:e1:fd:44:fa:c0:bb:84:21:26:33:7e:f9:f0:10:af:07:
4d:a4:1f:ed:c1:49:da:a6:1d:df:ea:6c:b6:37:4e:6e:39:91:
ce:27:80:36:cf:12:32:bc:9f:89:22:ea:11:b7:25:d1:2a:bb:
f9:fc:60:be:b4:95:99:4f:b0:ff:5b:1f:c1:65:38:e7:2f:16:
07:cc:75:d7:d5:dd:0f:c8:0d:72:6d:a9:a0:1c:3d:8b:ee:40:
29:59:cf:e1:0d:67:03:a8:f6:7c:05:57:25:69:d9:11:39:be:
46:e5:75:66:43:fc:a9:b0:43:76:6e:06:90:fd:9a:9d:74:80:
54:4d:a9:a9:72:86:54:90:83:31:2a:9c:9b:1d:24:d7:4e:d8:
d1:28:e5:5a:4a:48:e7:53:1a:1a:71:aa:41:0f:e2:7f:f8:15:
8c:10:99:ae:03:d0:8a:b4:41:71:4b:0d:3e:7b:05:c4:bc:10:
75:18:ab:e5:fa:bb:7e:33:c7:10:55:d4:4f:0e:6d:2e:21:36:
a8:26:47:74:a7:aa:04:15:b2:9c:46:55:fd:9b:6e:8a:18:e6:
b9:4d:00:b7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICH1swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjVF
QjhGQ0E5OEZFNTMzMjI3NUJBOTREODVFNjkzOTc5NTZDQkU0NzAeFw0yNTA3MjEw
ODA4MTZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI1N0IyRTZDNTEzOUFD
NEVBMTI1N0I1OEQxRThCRjkzNjIwNDNCQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrcLTdSqlx2xk7dN5Tx48iFVKBqZdlfKw0JgGxCiC1A+u8j6ky
38v4W2rYoMMnoq4wff4FApIc1BmQfD96jboswkHutyXZH2MySTOGLtR8/FlWY0rT
kCCpUkX7uMpM8GzCvhomhYmilVggXfJdo+WlSd8zkVVlveyIRK6Dh+U7yM5Xd+wr
MdlB/hecBF1e0IKya++QBegzkaLcEsDnnubfQ6CvvGcLz6pHwAdA7DkTeoLpT9AH
sXngC1xWf+4FEcvOK4YB7kQMyfZyRG4XKyukzcE4kahm8TwSspChQHxb85oAlHV5
IBRQCsOJbFdbqbNxYjzuEuwvmcTLuO9bbNOFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUJXsubFE5rE6hJXtY0ei/k2IEO6QwHwYDVR0jBBgwFoAU9euPypj+UzInW6lN
heaTl5VsvkcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz
LzlldVB5cGotVXpJblc2bE5oZWFUbDVWc3ZrYy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvOWV1UHlwai1VekluVzZsTmhlYVRsNVZzdmtjLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEzL0pYc3ViRkU1ckU2aEpY
dFkwZWlfazJJRU82US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAO2PcgwDQYJKoZIhvcNAQELBQADggEBAI+ffOfdAI49mGhXnOQ7P47vN44cyED7
DHoIHl5x/A/9pE/YqXEM4f1E+sC7hCEmM3758BCvB02kH+3BSdqmHd/qbLY3Tm45
kc4ngDbPEjK8n4ki6hG3JdEqu/n8YL60lZlPsP9bH8FlOOcvFgfMddfV3Q/IDXJt
qaAcPYvuQClZz+ENZwOo9nwFVyVp2RE5vkbldWZD/KmwQ3ZuBpD9mp10gFRNqaly
hlSQgzEqnJsdJNdO2NEo5VpKSOdTGhpxqkEP4n/4FYwQma4D0Iq0QXFLDT57BcS8
EHUYq+X6u34zxxBV1E8ObS4hNqgmR3SnqgQVspxGVf2bbooY5rlNALc=
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:49:51 2025 by rpki-client