Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/NnAMo6nSwDiKDN-K3i6_YlciCYI.roa
File: NnAMo6nSwDiKDN-K3i6_YlciCYI.roa (raw, json)
Hash identifier: zvs30K1d5JF62E3ua0+v6DaspSXB5bEXb+2ZZQhN5Rs=
Subject key identifier: 36:70:0C:A3:A9:D2:C0:38:8A:0C:DF:8A:DE:2E:BF:62:57:22:09:82
Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Certificate serial: 0C8C
Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/NnAMo6nSwDiKDN-K3i6_YlciCYI.roa
Signing time: Thu 05 Jun 2025 03:51:20 +0000
ROA not before: Thu 05 Jun 2025 03:51:20 +0000
ROA not after: Thu 09 Apr 2026 06:41:00 +0000
asID: 63567
IP address blocks: 43.248.186.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3212 (0xc8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD
Validity
Not Before: Jun 5 03:51:20 2025 GMT
Not After : Apr 9 06:41:00 2026 GMT
Subject: CN=36700CA3A9D2C0388A0CDF8ADE2EBF6257220982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f2:2e:d9:56:f6:15:b2:d8:5e:72:ce:65:4f:
a8:d2:33:db:b9:bc:5e:9f:5b:22:47:be:a4:0d:fd:
d4:ab:ac:50:46:9d:fb:fb:38:10:88:47:53:a7:bb:
1d:8b:44:bb:ea:ad:fa:f5:3e:6f:4c:18:91:fa:1c:
f0:52:34:e5:1a:4a:27:c6:53:43:6b:a1:09:89:56:
a7:2d:29:45:7d:f0:25:74:9a:81:86:94:78:aa:65:
2e:2f:63:c1:df:98:25:1f:86:ea:1e:b2:c3:da:0c:
16:8d:0d:49:29:c7:f3:95:6c:bf:f7:be:3f:e6:7d:
7d:fc:af:b9:4f:38:7d:bc:0b:fe:1b:c4:7d:a1:2b:
a8:98:78:6d:5d:3a:f4:12:b8:03:d6:b0:bd:80:49:
b9:5c:57:c9:69:24:06:0d:06:a9:7b:6a:18:65:44:
1e:a1:7f:c2:5b:46:23:50:c7:51:fa:1e:a0:14:a7:
2c:e1:e5:b1:8a:41:df:b8:51:e9:27:40:c9:61:a2:
8e:dd:e8:95:a9:da:a2:b5:70:9f:ab:75:24:ba:fc:
d3:24:d8:24:f2:3d:90:3b:82:f4:15:fc:41:14:af:
5a:7e:39:8d:d6:55:67:a8:1a:a2:4e:9c:9a:d0:9b:
3f:96:3d:f6:7b:21:1f:eb:34:12:d9:29:99:cf:04:
98:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:70:0C:A3:A9:D2:C0:38:8A:0C:DF:8A:DE:2E:BF:62:57:22:09:82
X509v3 Authority Key Identifier:
keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/NnAMo6nSwDiKDN-K3i6_YlciCYI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.186.0/24
Signature Algorithm: sha256WithRSAEncryption
09:03:7d:37:02:2b:1a:60:d9:73:96:4d:bf:c8:d2:41:8e:77:
6f:43:6f:8f:d7:96:90:87:f3:0c:6f:48:0e:1c:42:d3:1d:e7:
41:14:ad:7d:88:ef:82:4a:39:9a:0f:56:2a:2e:46:a9:db:e8:
38:97:9e:26:14:c6:3d:1b:3f:f9:0f:23:6d:ec:7b:9a:33:7a:
e8:86:7c:d3:b8:ed:b1:8b:f3:81:d3:27:97:10:e0:e6:9c:23:
cd:b5:11:0e:37:bb:d0:2b:eb:b3:c7:31:10:e2:a9:03:2a:08:
b7:cb:5c:9e:63:f8:ac:51:a1:d3:07:33:85:01:17:01:25:55:
09:b2:d2:73:c8:51:00:29:79:8b:b6:77:c5:de:28:79:4c:cd:
eb:ab:0e:d9:28:a0:45:41:d0:9e:19:12:5a:67:e6:43:08:00:
c4:13:e4:8e:de:71:25:8a:33:77:1f:c8:67:64:58:86:7d:92:
c8:5d:23:45:04:07:fe:24:e1:cf:b5:b7:a1:01:06:78:50:f2:
b5:9c:a4:3b:d6:01:aa:99:43:c9:9d:b9:aa:9d:56:5f:53:0d:
fa:30:a2:d6:dc:c7:f0:62:aa:93:96:50:6e:07:58:d1:8f:48:
f9:7c:82:8b:86:e9:27:52:85:3b:2d:17:4e:9f:59:02:e1:9a:
5a:23:67:7f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDIwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC
NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA2MDUw
MzUxMjBaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKDM2NzAwQ0EzQTlEMkMw
Mzg4QTBDREY4QURFMkVCRjYyNTcyMjA5ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt8i7ZVvYVsthecs5lT6jSM9u5vF6fWyJHvqQN/dSrrFBGnfv7
OBCIR1Onux2LRLvqrfr1Pm9MGJH6HPBSNOUaSifGU0NroQmJVqctKUV98CV0moGG
lHiqZS4vY8HfmCUfhuoessPaDBaNDUkpx/OVbL/3vj/mfX38r7lPOH28C/4bxH2h
K6iYeG1dOvQSuAPWsL2ASblcV8lpJAYNBql7ahhlRB6hf8JbRiNQx1H6HqAUpyzh
5bGKQd+4UeknQMlhoo7d6JWp2qK1cJ+rdSS6/NMk2CTyPZA7gvQV/EEUr1p+OY3W
VWeoGqJOnJrQmz+WPfZ7IR/rNBLZKZnPBJiHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUNnAMo6nSwDiKDN+K3i6/YlciCYIwHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/
AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL05uQU1vNm5Td0RpS0RO
LUszaTZfWWxjaUNZSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAr+LowDQYJKoZIhvcNAQELBQADggEBAAkDfTcCKxpg2XOWTb/I0kGOd29Db4/X
lpCH8wxvSA4cQtMd50EUrX2I74JKOZoPViouRqnb6DiXniYUxj0bP/kPI23se5oz
euiGfNO47bGL84HTJ5cQ4OacI821EQ43u9Ar67PHMRDiqQMqCLfLXJ5j+KxRodMH
M4UBFwElVQmy0nPIUQApeYu2d8XeKHlMzeurDtkooEVB0J4ZElpn5kMIAMQT5I7e
cSWKM3cfyGdkWIZ9kshdI0UEB/4k4c+1t6EBBnhQ8rWcpDvWAaqZQ8mduaqdVl9T
Dfowotbcx/BiqpOWUG4HWNGPSPl8gouG6SdShTstF06fWQLhmlojZ38=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:10:08 2025 by rpki-client