Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/aMNQCiQqyZgfAKDVtoIY936kPro.roa
File: aMNQCiQqyZgfAKDVtoIY936kPro.roa (raw, json)
Hash identifier: DFy9OH9fpg0pFpEdrNm+jHjS5c9wdW86247SMpdsSpU=
Subject key identifier: 68:C3:50:0A:24:2A:C9:98:1F:00:A0:D5:B6:82:18:F7:7E:A4:3E:BA
Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Certificate serial: 0714
Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/aMNQCiQqyZgfAKDVtoIY936kPro.roa
Signing time: Fri 13 Mar 2026 14:15:03 +0000
ROA not before: Fri 13 Mar 2026 14:15:03 +0000
ROA not after: Sat 09 Jan 2027 08:23:18 +0000
asID: 18207
IP address blocks: 103.118.216.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1812 (0x714)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925
Validity
Not Before: Mar 13 14:15:03 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=68C3500A242AC9981F00A0D5B68218F77EA43EBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:68:f1:82:9c:4a:ee:44:f9:ef:fc:1a:36:41:
63:67:82:f0:62:69:f1:de:41:36:4a:eb:74:13:1d:
5e:2f:d9:2a:08:ca:fb:af:bc:d6:07:51:80:16:85:
26:5a:68:36:d1:3b:b3:53:6f:ef:dd:2a:be:b8:f5:
30:ce:e3:f1:cc:73:bc:72:e2:3a:ca:2f:ba:37:17:
3b:63:d1:7d:20:13:80:c4:df:67:07:5e:05:f3:54:
0c:df:db:ea:5d:17:6b:da:a9:22:22:28:3c:b1:40:
95:dc:3b:d2:1a:4f:b7:37:0b:21:21:2b:85:fe:7c:
c8:e6:64:60:d2:61:9b:3c:cc:e4:13:ec:f9:1f:a8:
95:b2:8e:45:a8:b8:11:31:c3:81:90:81:94:fb:c6:
b7:65:f5:88:07:78:f4:c6:f0:b4:0c:ea:0c:1c:95:
db:65:0c:24:0d:94:77:a4:1d:97:91:d0:a8:c4:f3:
af:e6:fc:14:0f:3b:13:78:08:3e:e2:33:a4:44:7a:
0d:d8:5d:cf:8d:31:19:16:12:18:16:e1:ff:c1:79:
bf:f5:ce:98:97:00:04:1c:d3:d1:b1:e6:f0:58:a9:
e5:db:f3:0f:93:ae:a8:64:11:dd:1e:e1:c3:1b:66:
6b:14:26:d7:d5:b8:1e:f4:59:f8:f4:80:ad:cc:24:
96:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C3:50:0A:24:2A:C9:98:1F:00:A0:D5:B6:82:18:F7:7E:A4:3E:BA
X509v3 Authority Key Identifier:
keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/aMNQCiQqyZgfAKDVtoIY936kPro.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.118.216.0/22
Signature Algorithm: sha256WithRSAEncryption
53:ea:71:ec:4f:16:93:e1:11:d4:42:ba:1d:1b:47:c3:fd:53:
7e:fd:f1:f1:34:7f:91:c4:25:c8:8e:61:e0:4c:0e:dd:5f:d2:
07:cb:0f:0a:02:02:b3:01:86:31:5a:51:9d:bc:89:f2:34:4c:
c2:c5:3c:9b:a6:3d:89:48:8c:c7:80:10:36:86:eb:31:79:d1:
e8:db:c9:46:00:cd:6f:91:fa:59:07:b6:2e:95:5b:1f:d9:9b:
c3:a5:36:a1:8b:e0:16:74:58:fa:bc:6a:1e:48:7d:f9:8c:30:
66:9a:eb:78:0c:6a:2e:66:ba:37:97:15:9a:6b:6f:fc:f2:bc:
fe:da:08:70:77:6f:1a:33:62:9b:ac:3b:a4:6f:d2:63:33:28:
78:66:15:a2:00:da:ca:81:fc:51:2a:98:c6:6b:bb:e2:d7:94:
34:6e:16:db:45:41:03:da:af:d7:ed:8b:b2:26:19:3a:bb:c6:
76:1e:d6:46:84:81:18:d7:13:22:9b:a7:6b:25:b1:4c:90:8a:
f1:3c:d4:26:32:2d:e9:7e:29:03:b2:a4:74:b8:84:64:e2:91:
9f:65:aa:e0:50:22:55:72:2d:53:aa:ef:69:5b:9d:e5:d6:1c:
f7:e1:fe:06:50:7b:73:be:a7:df:2a:2f:eb:43:d3:2c:b8:cb:
c0:85:09:87
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICBxQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF
RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNjAzMTMx
NDE1MDNaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDY4QzM1MDBBMjQyQUM5
OTgxRjAwQTBENUI2ODIxOEY3N0VBNDNFQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsaPGCnEruRPnv/Bo2QWNngvBiafHeQTZK63QTHV4v2SoIyvuv
vNYHUYAWhSZaaDbRO7NTb+/dKr649TDO4/HMc7xy4jrKL7o3Fztj0X0gE4DE32cH
XgXzVAzf2+pdF2vaqSIiKDyxQJXcO9IaT7c3CyEhK4X+fMjmZGDSYZs8zOQT7Pkf
qJWyjkWouBExw4GQgZT7xrdl9YgHePTG8LQM6gwcldtlDCQNlHekHZeR0KjE86/m
/BQPOxN4CD7iM6REeg3YXc+NMRkWEhgW4f/Beb/1zpiXAAQc09Gx5vBYqeXb8w+T
rqhkEd0e4cMbZmsUJtfVuB70Wfj0gK3MJJZRAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUaMNQCiQqyZgfAKDVtoIY936kProwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R
o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx
Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvYU1OUUNpUXF5Wmdm
QUtEVnRvSVk5MzZrUHJvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmd22DANBgkqhkiG9w0BAQsFAAOCAQEAU+px7E8Wk+ER1EK6HRtHw/1Tfv3x
8TR/kcQlyI5h4EwO3V/SB8sPCgICswGGMVpRnbyJ8jRMwsU8m6Y9iUiMx4AQNobr
MXnR6NvJRgDNb5H6WQe2LpVbH9mbw6U2oYvgFnRY+rxqHkh9+YwwZprreAxqLma6
N5cVmmtv/PK8/toIcHdvGjNim6w7pG/SYzMoeGYVogDayoH8USqYxmu74teUNG4W
20VBA9qv1+2LsiYZOrvGdh7WRoSBGNcTIpunayWxTJCK8TzUJjIt6X4pA7KkdLiE
ZOKRn2Wq4FAiVXItU6rvaVud5dYc9+H+BlB7c76n3yov60PTLLjLwIUJhw==
-----END CERTIFICATE-----
Generated at Mon Jun 22 07:41:15 2026 by rpki-client