Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/sccLAIBviNl-FirqehXDR59xoZE.roa
File: sccLAIBviNl-FirqehXDR59xoZE.roa (raw, json)
Hash identifier: zWqSQau2lY0Beb9yiO9yEf8jjR+jC7q/VDJd/pXkO8A=
Subject key identifier: B1:C7:0B:00:80:6F:88:D9:7E:16:2A:EA:7A:15:C3:47:9F:71:A1:91
Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Certificate serial: 3AAA
Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/sccLAIBviNl-FirqehXDR59xoZE.roa
Signing time: Sun 20 Jul 2025 12:09:15 +0000
ROA not before: Sun 20 Jul 2025 12:09:15 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 4812
IP address blocks: 2407:9b40::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15018 (0x3aaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353
Validity
Not Before: Jul 20 12:09:15 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=B1C70B00806F88D97E162AEA7A15C3479F71A191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:99:59:51:cb:ec:e8:e6:02:80:f0:33:96:69:
86:ea:70:ed:e1:e8:52:b4:24:b9:88:8f:ce:2e:c4:
3b:82:34:70:47:07:d3:81:e9:f4:19:97:73:24:ac:
d1:09:81:b1:09:c0:94:a5:6a:f3:8d:75:dc:b2:99:
18:55:b1:ed:40:86:ef:ed:bb:ec:cf:d1:17:b4:af:
b2:45:2f:b3:52:a5:2f:c8:e1:87:76:e3:fc:cc:9d:
c9:4e:12:e6:5a:25:cb:5d:6b:98:9d:6d:0e:04:0f:
fa:a2:0e:15:7c:10:ae:59:83:11:29:dd:f0:16:32:
16:06:0d:ac:d3:8a:f9:d3:34:ac:10:5c:a1:61:8b:
60:a7:d4:ab:c5:22:a9:45:a3:ef:66:50:77:2e:80:
2c:e4:43:20:8b:b9:a0:8c:6b:2f:9d:e4:e7:e7:d3:
35:a2:72:f1:3a:32:67:96:1d:b9:30:12:82:e6:21:
c7:23:91:b4:66:39:2a:5f:a7:96:ce:14:83:27:eb:
2e:4a:26:a5:42:4a:86:46:b0:44:f7:c7:8b:72:30:
f5:61:1b:ec:26:c0:be:4f:3c:8b:55:b7:1c:d4:5e:
be:03:51:5c:b6:60:55:fb:67:de:9e:69:af:67:c7:
ee:59:ca:dc:82:00:12:e3:9b:e3:da:65:68:89:b9:
d2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C7:0B:00:80:6F:88:D9:7E:16:2A:EA:7A:15:C3:47:9F:71:A1:91
X509v3 Authority Key Identifier:
keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/sccLAIBviNl-FirqehXDR59xoZE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9b40::/32
Signature Algorithm: sha256WithRSAEncryption
53:e0:3f:de:26:d9:90:a9:28:b5:66:b3:cd:93:85:27:16:52:
b7:b7:e0:f9:49:de:1a:42:7a:c7:0a:18:50:79:4b:17:58:0b:
59:d9:ca:3f:e2:57:78:3a:d8:7f:65:b4:f7:97:e0:b7:d7:ba:
8d:25:53:f0:47:03:dd:d7:20:9d:7b:8a:d8:0c:36:cb:8f:7d:
66:d3:1f:b1:0f:7b:d7:e5:64:2b:7c:4c:33:f3:bb:a2:75:b2:
28:bc:fb:e0:2f:cd:19:3e:00:bc:b0:5e:be:e4:26:65:cc:e2:
58:b3:07:d8:0d:95:bb:cb:94:44:c1:b3:63:33:b8:b5:de:36:
91:03:27:4f:a4:32:70:6b:f9:29:ac:a4:5b:a2:8a:99:05:6a:
1b:43:9d:8d:c5:e1:f0:31:42:0c:15:b4:86:d5:c9:7a:d0:c3:
ca:35:98:72:68:1a:5b:04:83:50:ac:1e:0e:c0:4d:1e:5f:1f:
96:d2:18:d2:1b:c1:b6:6b:e7:b9:b2:d0:95:f3:dd:d2:9e:98:
f8:8b:47:9d:51:26:f3:90:7b:78:c0:d6:a9:23:3d:72:fc:21:
61:92:e2:1f:f6:9f:b9:d5:a7:92:17:c5:a7:44:f5:01:22:64:
d9:b3:72:a8:64:bd:a1:0d:85:92:f4:1a:a0:2c:50:af:de:26:
eb:af:cb:ef
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICOqowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTA3MjAx
MjA5MTVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEIxQzcwQjAwODA2Rjg4
RDk3RTE2MkFFQTdBMTVDMzQ3OUY3MUExOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfmVlRy+zo5gKA8DOWaYbqcO3h6FK0JLmIj84uxDuCNHBHB9OB
6fQZl3MkrNEJgbEJwJSlavONddyymRhVse1Ahu/tu+zP0Re0r7JFL7NSpS/I4Yd2
4/zMnclOEuZaJctda5idbQ4ED/qiDhV8EK5ZgxEp3fAWMhYGDazTivnTNKwQXKFh
i2Cn1KvFIqlFo+9mUHcugCzkQyCLuaCMay+d5Ofn0zWicvE6MmeWHbkwEoLmIccj
kbRmOSpfp5bOFIMn6y5KJqVCSoZGsET3x4tyMPVhG+wmwL5PPItVtxzUXr4DUVy2
YFX7Z96eaa9nx+5ZytyCABLjm+PaZWiJudL9AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUsccLAIBviNl+FirqehXDR59xoZEwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR
1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5
OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvc2NjTEFJQnZpTmwt
RmlycWVoWERSNTl4b1pFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAFPgP94m2ZCpKLVms82ThScWUre3
4PlJ3hpCescKGFB5SxdYC1nZyj/iV3g62H9ltPeX4LfXuo0lU/BHA93XIJ17itgM
NsuPfWbTH7EPe9flZCt8TDPzu6J1sii8++AvzRk+ALywXr7kJmXM4lizB9gNlbvL
lETBs2MzuLXeNpEDJ0+kMnBr+SmspFuiipkFahtDnY3F4fAxQgwVtIbVyXrQw8o1
mHJoGlsEg1CsHg7ATR5fH5bSGNIbwbZr57my0JXz3dKemPiLR51RJvOQe3jA1qkj
PXL8IWGS4h/2n7nVp5IXxadE9QEiZNmzcqhkvaENhZL0GqAsUK/eJuuvy+8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:01:57 2025 by rpki-client