Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/KZe1Xlm7BGxoh9XksiVyzf8TVnk.roa
File: KZe1Xlm7BGxoh9XksiVyzf8TVnk.roa (raw, json)
Hash identifier: pnrMb5Pf528LVX2ZVwwke23ecEXQfqLVqRvQw6tbDw4=
Subject key identifier: 29:97:B5:5E:59:BB:04:6C:68:87:D5:E4:B2:25:72:CD:FF:13:56:79
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: 4A
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/KZe1Xlm7BGxoh9XksiVyzf8TVnk.roa
Signing time: Tue 27 May 2025 08:36:29 +0000
ROA not before: Tue 27 May 2025 08:36:29 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 9808
IP address blocks: 240a:42fa::/31 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74 (0x4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: May 27 08:36:29 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=2997B55E59BB046C6887D5E4B22572CDFF135679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:15:50:e7:61:70:12:7d:1a:49:34:4f:89:c8:
79:d2:fc:5b:38:2f:7d:f8:6e:6a:d2:da:2b:54:ef:
d3:85:94:31:2c:72:a7:d2:53:b3:ad:73:62:73:a0:
1e:43:3b:33:c2:3e:7f:89:91:aa:18:34:58:72:62:
5c:9a:cb:83:5c:2f:a8:e0:74:27:4b:01:9c:a4:d0:
5c:ae:39:a2:c8:3e:67:16:a3:b9:f2:11:df:93:06:
e3:c8:fc:bb:91:a2:41:82:a5:47:bb:28:cd:68:5c:
c8:a1:f5:58:1b:c6:9d:ed:ef:4c:99:59:e7:7d:68:
56:83:19:90:bf:c4:7b:30:76:e4:df:cd:c2:30:13:
ea:2d:04:f3:7b:ec:18:b3:e9:80:88:7f:48:1a:16:
92:16:b8:4b:66:1b:18:4e:13:ae:ff:cf:c3:65:aa:
10:92:e0:05:0d:71:12:dc:88:c9:41:5d:e8:49:d2:
ae:8d:c8:85:7f:6f:b4:d5:8f:63:97:eb:00:15:16:
89:73:86:1a:f1:37:da:6e:d6:9c:41:60:14:6b:11:
b8:8e:c1:b5:b8:fc:2f:ea:e4:6a:6f:c4:06:69:60:
8f:6f:e5:75:38:2c:fc:85:06:29:f8:76:e2:e5:1f:
28:e4:90:3c:05:f8:02:a7:1b:64:55:e6:64:c2:92:
c5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:97:B5:5E:59:BB:04:6C:68:87:D5:E4:B2:25:72:CD:FF:13:56:79
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/KZe1Xlm7BGxoh9XksiVyzf8TVnk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:42fa::/31
Signature Algorithm: sha256WithRSAEncryption
69:6b:6f:53:46:64:26:f2:37:06:f3:bd:58:31:a6:c3:ae:f7:
52:2e:1a:1e:6b:b2:b0:47:54:95:00:ba:3b:5b:60:f0:fc:60:
93:49:0b:e8:94:23:69:91:b6:b9:4c:75:a1:98:5a:d0:0a:48:
e3:1b:d1:17:b9:69:2c:46:bf:c7:fb:48:8c:34:cd:c1:2d:e3:
b1:6c:00:2a:3b:5d:95:91:86:01:27:51:6e:e0:01:85:f4:72:
2c:70:f0:16:b5:b3:59:33:90:2e:5b:94:31:7d:73:bd:55:d3:
dd:e4:d9:c5:a4:59:b1:7f:2d:b2:03:78:17:f1:79:35:ec:37:
62:92:4d:90:49:8f:7a:18:0f:d0:35:cf:14:2d:55:27:14:40:
18:2b:02:89:d6:27:db:46:79:b9:82:f5:a7:e6:62:a9:f2:a0:
49:37:1b:1c:6c:2f:e9:5d:96:1f:b1:3c:e9:f1:86:76:31:7c:
dd:c2:6f:f1:d4:40:80:33:8e:65:7c:6c:24:43:a7:26:96:75:
7c:e1:98:22:7f:b5:70:57:99:e7:a6:c4:c7:2c:64:75:bc:2f:
95:bf:d8:d9:f0:fb:84:66:39:d3:eb:79:98:20:17:65:9f:45:
4c:2e:b1:71:e8:11:53:bc:b6:ab:fb:6a:eb:44:fa:cc:42:16:
24:c1:4f:2b
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIBSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG
RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4
MzYyOVoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoMjk5N0I1NUU1OUJCMDQ2
QzY4ODdENUU0QjIyNTcyQ0RGRjEzNTY3OTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAN0VUOdhcBJ9Gkk0T4nIedL8WzgvffhuatLaK1Tv04WUMSxyp9JT
s61zYnOgHkM7M8I+f4mRqhg0WHJiXJrLg1wvqOB0J0sBnKTQXK45osg+ZxajufIR
35MG48j8u5GiQYKlR7sozWhcyKH1WBvGne3vTJlZ531oVoMZkL/EezB25N/NwjAT
6i0E83vsGLPpgIh/SBoWkha4S2YbGE4Trv/Pw2WqEJLgBQ1xEtyIyUFd6EnSro3I
hX9vtNWPY5frABUWiXOGGvE32m7WnEFgFGsRuI7Btbj8L+rkam/EBmlgj2/ldTgs
/IUGKfh24uUfKOSQPAX4AqcbZFXmZMKSxbsCAwEAAaOCAfQwggHwMB0GA1UdDgQW
BBQpl7VeWbsEbGiH1eSyJXLN/xNWeTAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP
q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy
L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi9LWmUxWGxtN0JHeG9o
OVhrc2lWeXpmOFRWbmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUBJApC+jANBgkqhkiG9w0BAQsFAAOCAQEAaWtvU0ZkJvI3BvO9WDGmw673Ui4a
HmuysEdUlQC6O1tg8Pxgk0kL6JQjaZG2uUx1oZha0ApI4xvRF7lpLEa/x/tIjDTN
wS3jsWwAKjtdlZGGASdRbuABhfRyLHDwFrWzWTOQLluUMX1zvVXT3eTZxaRZsX8t
sgN4F/F5New3YpJNkEmPehgP0DXPFC1VJxRAGCsCidYn20Z5uYL1p+ZiqfKgSTcb
HGwv6V2WH7E86fGGdjF83cJv8dRAgDOOZXxsJEOnJpZ1fOGYIn+1cFeZ56bExyxk
dbwvlb/Y2fD7hGY50+t5mCAXZZ9FTC6xcegRU7y2q/tq60T6zEIWJMFPKw==
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:33:20 2025 by rpki-client