Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/aL4HWAHr_bKNmQck76hMpkZ7qPo.roa
File: aL4HWAHr_bKNmQck76hMpkZ7qPo.roa (raw, json)
Hash identifier: FGSeA6OfcSbWxLLxBnr4u2gfPQofYtPYJMSWKRn7NoI=
Subject key identifier: 68:BE:07:58:01:EB:FD:B2:8D:99:07:24:EF:A8:4C:A6:46:7B:A8:FA
Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Certificate serial: 1284
Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/aL4HWAHr_bKNmQck76hMpkZ7qPo.roa
Signing time: Fri 23 May 2025 11:11:22 +0000
ROA not before: Fri 23 May 2025 11:11:22 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 23853
IP address blocks: 2404:7600::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4740 (0x1284)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Validity
Not Before: May 23 11:11:22 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=68BE075801EBFDB28D990724EFA84CA6467BA8FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ef:ef:a7:87:38:76:c4:ca:c2:99:33:b6:10:
e6:11:fd:08:31:66:9e:31:d6:59:f6:af:b6:13:e2:
28:6c:d2:ea:38:d2:f0:1a:bc:0a:7d:c6:db:fa:6f:
9a:17:d9:b3:84:6a:fa:bf:38:ce:ea:1d:58:2e:29:
82:4e:97:55:ef:7e:68:d0:0a:be:04:24:30:35:f6:
f3:89:c4:0b:7f:7e:f6:58:45:89:8f:64:78:ee:52:
bb:1d:ea:88:52:13:70:30:6d:8d:e3:92:7b:7b:76:
f0:c7:da:7c:05:0e:1e:34:52:0a:37:41:da:21:7c:
99:3d:a0:3a:07:a2:66:2e:2b:47:b5:0a:67:2e:bf:
23:cb:9b:85:61:63:5c:a9:02:46:90:0f:c9:2a:15:
bd:01:9b:01:9e:34:59:3e:5a:4a:13:7b:64:55:86:
a4:80:15:40:41:cb:f6:13:6f:fb:03:72:dc:58:be:
18:dd:6d:e7:0c:73:0a:29:a3:b9:f4:c4:47:64:97:
43:9a:50:f8:05:2a:8a:ac:00:16:e8:9f:a2:2a:60:
da:e3:c1:24:2a:cc:08:7f:bd:a8:80:f9:c2:82:17:
cc:04:f9:69:78:8a:9a:cb:ae:ea:06:36:07:7b:0f:
ba:82:7c:56:10:38:e7:21:9c:e1:4a:7f:0d:e1:61:
0e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BE:07:58:01:EB:FD:B2:8D:99:07:24:EF:A8:4C:A6:46:7B:A8:FA
X509v3 Authority Key Identifier:
keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/aL4HWAHr_bKNmQck76hMpkZ7qPo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:7600::/32
Signature Algorithm: sha256WithRSAEncryption
90:b4:1f:4f:54:f5:b9:7e:3e:af:c1:c1:05:fd:b2:30:0f:35:
4d:9a:9e:19:12:c6:7a:24:f8:e9:b3:63:36:22:16:f0:60:e5:
70:a7:5d:58:aa:a4:eb:06:56:c1:d6:f1:64:d2:e1:c9:c4:1d:
ba:f9:70:32:bf:2f:12:5b:94:28:df:0e:a1:79:63:f0:6b:0d:
97:c3:cd:61:cc:c0:65:c0:18:9f:4d:7c:ea:a0:d5:d5:6f:97:
0b:87:09:8b:ed:a2:05:31:ce:50:07:29:7d:89:c7:f2:e4:88:
20:bb:98:64:c4:cb:2c:7f:b2:c9:04:b9:68:66:07:f2:ae:a2:
5b:bf:48:71:ef:56:73:0f:a3:0a:90:2b:df:02:b6:17:5a:f1:
21:9f:aa:24:74:e3:1a:3e:fc:bf:b6:3d:1b:3b:35:81:da:94:
9f:f2:af:51:bd:ec:78:03:00:53:cb:b2:40:70:b2:aa:1f:cb:
fe:de:46:f0:53:87:88:eb:8e:39:cc:a7:49:90:7a:5f:c2:fa:
00:3b:1a:69:1d:6a:a0:3f:55:2b:bf:82:7b:35:56:48:3c:5f:
ba:80:15:64:74:3f:86:9a:30:42:b6:a0:39:a7:b9:51:3b:6f:
9d:cb:41:79:48:7b:64:4d:79:39:cb:ec:1e:18:40:62:2b:e9:
f7:bd:f7:76
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEoQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy
NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA1MjMx
MTExMjJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDY4QkUwNzU4MDFFQkZE
QjI4RDk5MDcyNEVGQTg0Q0E2NDY3QkE4RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp7++nhzh2xMrCmTO2EOYR/QgxZp4x1ln2r7YT4ihs0uo40vAa
vAp9xtv6b5oX2bOEavq/OM7qHVguKYJOl1XvfmjQCr4EJDA19vOJxAt/fvZYRYmP
ZHjuUrsd6ohSE3AwbY3jknt7dvDH2nwFDh40Ugo3QdohfJk9oDoHomYuK0e1Cmcu
vyPLm4VhY1ypAkaQD8kqFb0BmwGeNFk+WkoTe2RVhqSAFUBBy/YTb/sDctxYvhjd
becMcwopo7n0xEdkl0OaUPgFKoqsABbon6IqYNrjwSQqzAh/vaiA+cKCF8wE+Wl4
iprLruoGNgd7D7qCfFYQOOchnOFKfw3hYQ5hAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUaL4HWAHr/bKNmQck76hMpkZ7qPowHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7
wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv
bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS9hTDRIV0FIcl9iS05tUWNr
NzZoTXBrWjdxUG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
JAR2ADANBgkqhkiG9w0BAQsFAAOCAQEAkLQfT1T1uX4+r8HBBf2yMA81TZqeGRLG
eiT46bNjNiIW8GDlcKddWKqk6wZWwdbxZNLhycQduvlwMr8vEluUKN8OoXlj8GsN
l8PNYczAZcAYn0186qDV1W+XC4cJi+2iBTHOUAcpfYnH8uSIILuYZMTLLH+yyQS5
aGYH8q6iW79Ice9Wcw+jCpAr3wK2F1rxIZ+qJHTjGj78v7Y9Gzs1gdqUn/KvUb3s
eAMAU8uyQHCyqh/L/t5G8FOHiOuOOcynSZB6X8L6ADsaaR1qoD9VK7+CezVWSDxf
uoAVZHQ/hpowQragOae5UTtvnctBeUh7ZE15OcvsHhhAYivp9733dg==
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:13:49 2025 by rpki-client