Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2672/T5f2EW6yv13nCWRbtJiJGFJ5lok.roa
File: T5f2EW6yv13nCWRbtJiJGFJ5lok.roa (raw, json)
Hash identifier: +OToxwC+FmkQE9wUWXeQWGQHYyWABIUr1D92tkYNYic=
Subject key identifier: 4F:97:F6:11:6E:B2:BF:5D:E7:09:64:5B:B4:98:89:18:52:79:96:89
Certificate issuer: /CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Certificate serial: 2F
Authority key identifier: 94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/T5f2EW6yv13nCWRbtJiJGFJ5lok.roa
Signing time: Tue 27 May 2025 08:19:39 +0000
ROA not before: Tue 27 May 2025 08:19:39 +0000
ROA not after: Wed 27 May 2026 07:38:41 +0000
asID: 56046
IP address blocks: 240a:4020:883a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47 (0x2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94EFF7392E1EDC1225FC4CFB8FAB6EB617A9D24D
Validity
Not Before: May 27 08:19:39 2025 GMT
Not After : May 27 07:38:41 2026 GMT
Subject: CN=4F97F6116EB2BF5DE709645BB498891852799689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f3:14:d2:48:91:ef:c2:13:d5:f3:c1:09:55:
b0:80:41:12:e2:27:c2:e1:e1:7d:5d:e5:a8:1d:3b:
93:30:a1:54:73:d6:10:09:b8:04:52:f8:ed:cd:22:
0d:53:b3:39:7c:0c:0f:3b:0c:12:e0:d6:10:81:ae:
fa:83:0c:63:9d:59:2f:22:4f:ed:0d:e2:e8:2e:ae:
6f:e5:b4:1c:6b:e7:d1:eb:1f:a8:64:39:55:4e:bd:
28:3a:70:1a:bd:94:0a:df:87:4e:f1:62:45:77:08:
7c:bf:0b:c6:c7:09:27:de:cc:23:3c:eb:12:d1:16:
8b:73:68:b6:cf:36:b7:52:aa:44:01:56:dc:7b:a0:
7d:9f:94:81:9d:dd:d1:37:bd:38:9c:79:5c:b5:3f:
7a:e1:42:2b:a2:41:58:45:9b:a4:2a:51:53:20:ec:
25:a6:17:b3:d8:fd:6f:b6:a6:2b:2b:ff:a4:6a:23:
01:79:40:ac:d9:51:27:24:e9:84:47:bc:03:c7:fe:
53:6a:de:17:0f:21:d0:55:3a:ba:48:da:4f:aa:6f:
cc:5b:f0:e7:6e:3d:04:e5:10:6b:de:62:fe:60:c8:
1f:3f:2c:cf:ff:fa:72:81:f4:ce:64:d0:f1:61:bf:
f4:97:df:91:60:05:d4:12:57:0a:55:6e:84:a6:7f:
22:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:97:F6:11:6E:B2:BF:5D:E7:09:64:5B:B4:98:89:18:52:79:96:89
X509v3 Authority Key Identifier:
keyid:94:EF:F7:39:2E:1E:DC:12:25:FC:4C:FB:8F:AB:6E:B6:17:A9:D2:4D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/lO_3OS4e3BIl_Ez7j6tuthep0k0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lO_3OS4e3BIl_Ez7j6tuthep0k0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2672/T5f2EW6yv13nCWRbtJiJGFJ5lok.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
240a:4020:883a::/48
Signature Algorithm: sha256WithRSAEncryption
39:29:12:fd:6d:2d:b6:be:33:eb:a6:7d:77:bf:a5:88:d1:09:
4c:f8:4b:62:c1:9d:ef:ec:b6:93:d7:48:45:f4:b9:62:ee:b7:
9c:c1:f1:45:fc:1c:96:70:a2:39:2d:3c:32:65:a4:ee:8e:72:
c9:b6:64:73:33:a6:90:ce:76:8b:4f:6b:a4:95:bb:fc:02:69:
e2:9e:0d:36:75:be:e0:13:f2:56:1b:e3:63:f4:79:8a:9c:2e:
72:11:bc:8d:d8:a3:45:ee:bf:20:eb:b6:5d:d9:02:21:11:4c:
1b:a7:e9:37:1d:20:26:d5:1b:82:4e:ff:06:2e:cc:bd:0e:08:
94:e3:ad:80:ff:60:5d:89:be:d8:f0:6a:ba:7d:bc:c5:37:0e:
84:23:16:9b:eb:6e:5f:5d:5b:50:8d:26:8e:4f:09:cf:0f:fb:
04:1e:7f:f2:39:eb:7d:2e:1e:65:b6:bd:28:05:d8:ef:3a:19:
2f:66:af:ff:77:e0:f9:7a:61:96:35:b9:b2:04:22:e1:67:28:
b3:f3:fb:44:6e:b9:3a:0d:b6:da:de:43:fb:01:9b:33:d9:22:
a0:d9:ba:7d:fd:1c:de:21:c3:b6:5f:cd:d1:20:09:4d:fb:78:
28:ec:51:75:15:2d:cb:b4:45:71:f2:48:77:70:91:53:56:49:
91:0f:f7:b9
-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIBLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5NEVG
RjczOTJFMUVEQzEyMjVGQzRDRkI4RkFCNkVCNjE3QTlEMjREMB4XDTI1MDUyNzA4
MTkzOVoXDTI2MDUyNzA3Mzg0MVowMzExMC8GA1UEAxMoNEY5N0Y2MTE2RUIyQkY1
REU3MDk2NDVCQjQ5ODg5MTg1Mjc5OTY4OTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKjzFNJIke/CE9XzwQlVsIBBEuInwuHhfV3lqB07kzChVHPWEAm4
BFL47c0iDVOzOXwMDzsMEuDWEIGu+oMMY51ZLyJP7Q3i6C6ub+W0HGvn0esfqGQ5
VU69KDpwGr2UCt+HTvFiRXcIfL8LxscJJ97MIzzrEtEWi3Nots82t1KqRAFW3Hug
fZ+UgZ3d0Te9OJx5XLU/euFCK6JBWEWbpCpRUyDsJaYXs9j9b7amKyv/pGojAXlA
rNlRJyTphEe8A8f+U2reFw8h0FU6ukjaT6pvzFvw5249BOUQa95i/mDIHz8sz//6
coH0zmTQ8WG/9JffkWAF1BJXClVuhKZ/IicCAwEAAaOCAfYwggHyMB0GA1UdDgQW
BBRPl/YRbrK/XecJZFu0mIkYUnmWiTAfBgNVHSMEGDAWgBSU7/c5Lh7cEiX8TPuP
q262F6nSTTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjcy
L2xPXzNPUzRlM0JJbF9FejdqNnR1dGhlcDBrMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvbE9fM09TNGUzQklsX0V6N2o2dHV0aGVwMGswLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3Mi9UNWYyRVc2eXYxM25D
V1JidEppSkdGSjVsb2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ
AwcAJApAIIg6MA0GCSqGSIb3DQEBCwUAA4IBAQA5KRL9bS22vjPrpn13v6WI0QlM
+EtiwZ3v7LaT10hF9Lli7recwfFF/ByWcKI5LTwyZaTujnLJtmRzM6aQznaLT2uk
lbv8Amning02db7gE/JWG+Nj9HmKnC5yEbyN2KNF7r8g67Zd2QIhEUwbp+k3HSAm
1RuCTv8GLsy9DgiU462A/2Bdib7Y8Gq6fbzFNw6EIxab625fXVtQjSaOTwnPD/sE
Hn/yOet9Lh5ltr0oBdjvOhkvZq//d+D5emGWNbmyBCLhZyiz8/tEbrk6Dbba3kP7
AZsz2SKg2bp9/RzeIcO2X83RIAlN+3go7FF1FS3LtEVx8kh3cJFTVkmRD/e5
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:04:19 2025 by rpki-client