Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Hfx9SQtp8G3dpZ48cm3RNhkMHoE.roa
File: Hfx9SQtp8G3dpZ48cm3RNhkMHoE.roa (raw, json)
Hash identifier: PNM5pxfE9TEVS3V5BYyO1bXp9QleETYGX+Yom4iGhjo=
Subject key identifier: 1D:FC:7D:49:0B:69:F0:6D:DD:A5:9E:3C:72:6D:D1:36:19:0C:1E:81
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 02D4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Hfx9SQtp8G3dpZ48cm3RNhkMHoE.roa
Signing time: Sat 10 May 2025 20:37:50 +0000
ROA not before: Sat 10 May 2025 20:37:50 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 724 (0x2d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 20:37:50 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1DFC7D490B69F06DDDA59E3C726DD136190C1E81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:55:5f:72:a9:84:fe:a1:dd:8e:92:e1:c3:8e:
21:fc:19:fe:b6:36:25:cb:27:75:2a:5c:a1:3e:0a:
06:77:5d:0c:cb:61:fc:32:6f:55:68:85:74:0d:25:
5b:dd:1b:15:64:49:14:b6:2a:82:8a:16:18:4d:33:
63:ef:c7:42:d8:fb:6d:1f:eb:20:89:3a:c6:ae:54:
8c:f2:ac:89:e8:fb:b7:6f:fc:79:4d:aa:b1:60:fe:
66:d1:81:ba:fa:70:67:da:6b:d1:90:7c:35:74:97:
e7:b9:e5:54:a9:66:b8:4a:c0:32:6a:0e:6e:5f:96:
0e:c9:49:c2:ec:77:e6:93:a9:bf:67:45:48:e2:6e:
5f:41:57:81:60:fc:f6:5c:8c:3e:6f:6a:52:71:1e:
ef:fc:bf:5b:a6:06:8e:be:51:a9:45:ba:88:6c:3a:
c2:bb:02:df:fb:10:6e:32:0b:df:90:a6:14:54:b4:
dc:00:14:9b:f6:b2:ec:74:b8:75:19:87:c7:96:f9:
56:b5:ee:65:f8:64:bc:75:e5:75:d8:67:ad:af:cb:
15:24:d9:2b:4c:25:a3:d1:f8:6c:5c:e0:63:b5:d6:
39:f3:bb:8d:57:1e:b3:d4:9c:e0:74:e6:ad:c1:c4:
48:80:12:2d:d8:2f:69:07:5a:a0:d1:c8:99:53:6e:
07:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FC:7D:49:0B:69:F0:6D:DD:A5:9E:3C:72:6D:D1:36:19:0C:1E:81
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Hfx9SQtp8G3dpZ48cm3RNhkMHoE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2f:b2:37:a9:5f:7c:cc:72:1c:5b:76:f0:28:2b:b5:e4:e0:cc:
49:03:4f:3e:39:4f:37:dc:51:57:bf:b1:44:01:58:2f:3c:9d:
8a:d1:8c:6e:a4:b1:97:4c:01:93:e6:bb:7f:7c:67:54:75:0f:
d7:36:3a:65:d2:e7:5c:8c:61:89:c7:16:78:f6:30:84:70:0c:
0b:03:42:64:d2:3a:2b:0f:9f:e3:b9:d2:2e:d6:9a:3d:94:da:
6b:96:02:8f:5c:21:5d:59:6c:90:fd:67:33:2c:1b:e0:d7:a2:
3f:d0:2f:24:74:cf:9d:b3:d2:ae:8c:ce:a1:22:da:2b:78:0a:
d9:1e:b5:b5:11:a9:35:bb:75:37:2e:05:d2:10:92:f7:66:23:
0b:a8:43:9b:2b:7f:c9:91:f6:f8:01:b8:4d:9b:f4:04:17:99:
40:9b:98:48:9a:cf:0e:f0:ca:05:ae:b5:f5:16:9c:65:34:17:
e1:91:bb:16:01:d4:c3:06:2e:2d:70:1b:77:50:78:c6:c2:60:
e2:47:48:df:4c:d7:b1:85:b4:5f:36:31:44:3a:d3:31:07:9a:
5c:d6:17:a6:2f:9d:ee:f0:df:3e:44:d1:f8:13:1e:6f:85:c3:
6d:ae:43:84:40:9d:76:42:b4:44:d4:87:70:20:7f:f5:85:cf:
1e:63:9b:c5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAtQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAy
MDM3NTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFERkM3RDQ5MEI2OUYw
NkREREE1OUUzQzcyNkREMTM2MTkwQzFFODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwVV9yqYT+od2OkuHDjiH8Gf62NiXLJ3UqXKE+CgZ3XQzLYfwy
b1VohXQNJVvdGxVkSRS2KoKKFhhNM2Pvx0LY+20f6yCJOsauVIzyrIno+7dv/HlN
qrFg/mbRgbr6cGfaa9GQfDV0l+e55VSpZrhKwDJqDm5flg7JScLsd+aTqb9nRUji
bl9BV4Fg/PZcjD5valJxHu/8v1umBo6+UalFuohsOsK7At/7EG4yC9+QphRUtNwA
FJv2sux0uHUZh8eW+Va17mX4ZLx15XXYZ62vyxUk2StMJaPR+Gxc4GO11jnzu41X
HrPUnOB05q3BxEiAEi3YL2kHWqDRyJlTbgedAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUHfx9SQtp8G3dpZ48cm3RNhkMHoEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9IZng5U1F0cDhHM2RwWjQ4
Y20zUk5oa01Ib0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAC+yN6lffMxyHFt28CgrteTgzEkDTz45Tzfc
UVe/sUQBWC88nYrRjG6ksZdMAZPmu398Z1R1D9c2OmXS51yMYYnHFnj2MIRwDAsD
QmTSOisPn+O50i7Wmj2U2muWAo9cIV1ZbJD9ZzMsG+DXoj/QLyR0z52z0q6MzqEi
2it4CtketbURqTW7dTcuBdIQkvdmIwuoQ5srf8mR9vgBuE2b9AQXmUCbmEiazw7w
ygWutfUWnGU0F+GRuxYB1MMGLi1wG3dQeMbCYOJHSN9M17GFtF82MUQ60zEHmlzW
F6Yvne7w3z5E0fgTHm+Fw22uQ4RAnXZCtETUh3Agf/WFzx5jm8U=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:03:08 2025 by rpki-client