Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/332/96oM3wiTyK2m5y39iu6GWEVi0p0.roa
File: 96oM3wiTyK2m5y39iu6GWEVi0p0.roa (raw, json)
Hash identifier: +f7rojEuzDTzM0gjJ/GYwIzeDjc9FHVbdOlygO0Pk4k=
Subject key identifier: F7:AA:0C:DF:08:93:C8:AD:A6:E7:2D:FD:8A:EE:86:58:45:62:D2:9D
Certificate issuer: /CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Certificate serial: 212C
Authority key identifier: 86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/96oM3wiTyK2m5y39iu6GWEVi0p0.roa
Signing time: Thu 03 Apr 2025 08:53:33 +0000
ROA not before: Thu 03 Apr 2025 08:53:33 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24424
IP address blocks: 2401:3800::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8492 (0x212c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8646EA74356E704AEDD163ECA94E5A442308DF78
Validity
Not Before: Apr 3 08:53:33 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=F7AA0CDF0893C8ADA6E72DFD8AEE86584562D29D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7c:ff:95:b6:de:55:15:fa:8b:3d:aa:e2:70:
27:12:aa:6c:f2:2a:84:b6:ad:4c:39:80:dc:a5:37:
b4:7e:1c:22:88:08:83:35:68:75:e2:ce:ff:f6:f9:
c7:36:9e:7f:d4:b4:b4:d9:35:c3:57:39:ce:75:fb:
d9:75:ae:07:8c:65:da:10:97:c6:c3:47:99:96:fb:
8c:34:1f:d9:3c:be:b5:72:f3:96:fd:d7:54:07:ce:
2c:93:7d:13:eb:2a:cf:41:1c:ba:94:eb:d2:54:40:
7c:23:22:59:bb:83:01:2f:2a:7a:0f:30:91:fc:20:
41:31:63:c8:e7:a4:4d:a1:77:f8:94:ff:1e:67:13:
2b:b4:d2:81:5a:ea:43:89:ee:e3:00:8b:35:35:f2:
1d:1d:72:bb:08:aa:56:3c:4a:94:44:fb:7e:7c:bd:
58:da:1c:eb:67:56:1d:59:9c:21:1a:59:14:2e:7e:
84:c9:81:c2:b7:bd:01:19:c7:49:8d:f1:26:f6:7d:
94:d9:65:b3:73:98:8c:96:ea:3f:1e:f4:8e:47:7d:
ed:45:d0:c5:2d:fc:34:ff:e6:18:2b:17:0b:3c:a2:
52:7d:56:b8:8f:62:d6:e8:0f:29:f0:8d:1b:5d:3c:
fa:2d:fb:70:78:af:b8:87:88:45:c6:a5:4f:d7:20:
45:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:AA:0C:DF:08:93:C8:AD:A6:E7:2D:FD:8A:EE:86:58:45:62:D2:9D
X509v3 Authority Key Identifier:
keyid:86:46:EA:74:35:6E:70:4A:ED:D1:63:EC:A9:4E:5A:44:23:08:DF:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/hkbqdDVucErt0WPsqU5aRCMI33g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hkbqdDVucErt0WPsqU5aRCMI33g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/96oM3wiTyK2m5y39iu6GWEVi0p0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:3800::/32
Signature Algorithm: sha256WithRSAEncryption
90:92:06:95:a5:ad:fe:86:c8:eb:e7:b3:23:de:34:9b:53:a7:
6a:34:5b:7a:50:6e:08:db:55:31:bb:a6:20:19:e1:2b:c9:09:
1d:4a:ab:03:7e:65:42:37:cf:d1:5c:50:04:e0:ac:80:34:50:
4d:61:d8:db:30:7f:0c:a4:50:ea:91:80:98:4b:c0:cf:48:67:
13:25:4f:ca:df:0d:ac:62:eb:d5:cd:f9:a5:72:d1:2b:e2:cf:
c6:0d:96:58:48:b1:89:32:c8:35:db:70:e3:a9:d2:dd:11:2d:
05:84:ab:ad:c3:e9:41:9a:21:7b:28:8e:23:b3:9b:0f:1c:36:
6d:c0:61:ac:46:f6:b3:f9:dd:55:bf:42:ee:e6:f4:c5:b3:62:
14:fe:87:fc:af:fb:df:e3:ca:bb:94:5b:89:bf:5a:52:28:4c:
96:d9:9a:81:7b:9d:fe:cc:e2:29:dd:58:18:f9:06:bc:d3:b5:
9a:85:83:9a:88:93:13:d1:4e:e0:e1:0c:cc:3c:06:17:81:7d:
ee:2e:79:b3:4a:73:8f:a8:25:45:82:d4:00:04:ea:89:2d:69:
3b:0d:6a:61:18:e0:b8:7d:fc:c9:f3:45:05:09:68:fe:8d:84:
63:13:ca:48:40:43:9c:ba:3e:0a:48:f9:8d:1d:bc:56:0e:6d:
03:c7:0d:56
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICISwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODY0
NkVBNzQzNTZFNzA0QUVERDE2M0VDQTk0RTVBNDQyMzA4REY3ODAeFw0yNTA0MDMw
ODUzMzNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEY3QUEwQ0RGMDg5M0M4
QURBNkU3MkRGRDhBRUU4NjU4NDU2MkQyOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdfP+Vtt5VFfqLParicCcSqmzyKoS2rUw5gNylN7R+HCKICIM1
aHXizv/2+cc2nn/UtLTZNcNXOc51+9l1rgeMZdoQl8bDR5mW+4w0H9k8vrVy85b9
11QHziyTfRPrKs9BHLqU69JUQHwjIlm7gwEvKnoPMJH8IEExY8jnpE2hd/iU/x5n
Eyu00oFa6kOJ7uMAizU18h0dcrsIqlY8SpRE+358vVjaHOtnVh1ZnCEaWRQufoTJ
gcK3vQEZx0mN8Sb2fZTZZbNzmIyW6j8e9I5Hfe1F0MUt/DT/5hgrFws8olJ9VriP
YtboDynwjRtdPPot+3B4r7iHiEXGpU/XIEUvAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU96oM3wiTyK2m5y39iu6GWEVi0p0wHwYDVR0jBBgwFoAUhkbqdDVucErt0WPs
qU5aRCMI33gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy
L2hrYnFkRFZ1Y0VydDBXUHNxVTVhUkNNSTMzZy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaGticWREVnVjRXJ0MFdQc3FVNWFSQ01JMzNnLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMyLzk2b00zd2lUeUsybTV5
MzlpdTZHV0VWaTBwMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD
BQAkATgAMA0GCSqGSIb3DQEBCwUAA4IBAQCQkgaVpa3+hsjr57Mj3jSbU6dqNFt6
UG4I21Uxu6YgGeEryQkdSqsDfmVCN8/RXFAE4KyANFBNYdjbMH8MpFDqkYCYS8DP
SGcTJU/K3w2sYuvVzfmlctEr4s/GDZZYSLGJMsg123DjqdLdES0FhKutw+lBmiF7
KI4js5sPHDZtwGGsRvaz+d1Vv0Lu5vTFs2IU/of8r/vf48q7lFuJv1pSKEyW2ZqB
e53+zOIp3VgY+Qa807WahYOaiJMT0U7g4QzMPAYXgX3uLnmzSnOPqCVFgtQABOqJ
LWk7DWphGOC4ffzJ80UFCWj+jYRjE8pIQEOcuj4KSPmNHbxWDm0Dxw1W
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:12:46 2025 by rpki-client