Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/BNOq-c1ZFWDElGn0cisB8gcop38.roa
File: BNOq-c1ZFWDElGn0cisB8gcop38.roa (raw, json)
Hash identifier: EHyBMAScBy0U4cRTOg0hMd3JzHlLR8hBzuj0TVSr348=
Subject key identifier: 04:D3:AA:F9:CD:59:15:60:C4:94:69:F4:72:2B:01:F2:07:28:A7:7F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 212D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BNOq-c1ZFWDElGn0cisB8gcop38.roa
Signing time: Fri 20 Jun 2025 19:11:40 +0000
ROA not before: Fri 20 Jun 2025 19:11:40 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8493 (0x212d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 20 19:11:40 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=04D3AAF9CD591560C49469F4722B01F20728A77F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:24:7c:8b:66:54:40:6e:b7:65:88:6a:44:0c:
3b:de:a5:08:0e:e5:4b:46:90:3e:c6:aa:31:c3:a2:
7c:c4:47:9f:6c:35:4b:16:00:27:03:97:43:c3:65:
be:46:16:66:ee:05:45:88:b5:ad:f3:b5:8b:c4:9a:
57:ac:c1:b9:85:74:a8:e4:a4:0a:53:a8:f3:35:61:
ba:d8:3e:07:c1:b9:a3:ca:9e:de:3b:39:78:17:69:
e2:71:66:50:98:f3:49:9a:be:3b:cc:10:b8:3f:9f:
0b:2a:2b:a3:87:8e:cd:7b:41:96:5a:a7:4a:13:ee:
74:a9:8f:5b:d4:78:87:6a:82:b5:c2:2a:c4:64:2f:
42:02:3b:5c:39:48:eb:f4:3a:3a:c8:cb:ae:dd:b5:
47:9c:fc:d4:8b:87:0d:c7:96:77:f3:26:b5:4b:28:
14:18:06:c9:f5:80:fe:ec:71:a8:5e:b3:e6:43:09:
0f:00:5d:50:04:25:ad:3c:10:93:0e:36:66:50:59:
79:73:6f:d6:0e:75:cb:0a:30:4a:66:ef:ba:18:41:
00:a2:b2:bd:13:63:07:97:bd:de:b2:5d:fa:fb:a2:
34:db:53:38:db:eb:72:d4:47:7a:bd:8f:c3:6f:7a:
87:f9:b8:23:02:48:e3:d9:fc:ea:f9:73:96:3b:cc:
68:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D3:AA:F9:CD:59:15:60:C4:94:69:F4:72:2B:01:F2:07:28:A7:7F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BNOq-c1ZFWDElGn0cisB8gcop38.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:e0:0c:77:72:92:cb:c1:d3:a9:27:77:b4:44:1e:57:68:cd:
52:6a:58:15:73:11:82:bf:31:2e:24:28:70:5b:1e:e2:85:04:
0d:5f:23:97:48:a2:d9:a7:82:30:b2:cc:4d:36:9e:8a:64:e1:
96:4b:26:9a:f9:d0:18:91:c8:b1:06:1a:79:61:47:84:b0:88:
08:da:ab:c9:8a:f8:b7:52:83:0b:76:09:1e:d7:8e:c4:81:2a:
7a:8f:3e:f1:c1:10:b1:1e:f4:69:43:0d:e9:1e:9d:2d:18:a4:
dd:6c:30:18:bf:e2:15:f9:a1:72:ab:b8:b5:9b:db:86:a6:5d:
5d:e4:2b:44:8a:bd:69:5c:8d:c8:d6:3f:00:6a:31:e9:f6:67:
ee:97:f2:82:75:5e:d8:56:cf:6d:bb:6d:0d:bf:35:6b:f1:89:
e0:84:ca:02:21:8d:f1:89:19:bb:e1:74:a4:70:fd:c3:64:08:
e4:ac:a7:9b:e8:4d:71:da:f0:a8:b8:d2:2b:34:e8:30:21:92:
c8:1e:80:18:69:54:58:6d:03:36:ad:c2:b9:15:56:d6:18:6d:
e2:15:2e:ce:11:f7:d5:01:4d:16:28:9c:1b:cd:da:ba:76:83:
1a:cc:b3:aa:fe:5b:09:84:94:f5:87:04:c9:b6:7f:67:12:c2:
26:49:d0:ec
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIS0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjAx
OTExNDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA0RDNBQUY5Q0Q1OTE1
NjBDNDk0NjlGNDcyMkIwMUYyMDcyOEE3N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPJHyLZlRAbrdliGpEDDvepQgO5UtGkD7GqjHDonzER59sNUsW
ACcDl0PDZb5GFmbuBUWIta3ztYvEmleswbmFdKjkpApTqPM1YbrYPgfBuaPKnt47
OXgXaeJxZlCY80mavjvMELg/nwsqK6OHjs17QZZap0oT7nSpj1vUeIdqgrXCKsRk
L0ICO1w5SOv0OjrIy67dtUec/NSLhw3HlnfzJrVLKBQYBsn1gP7scahes+ZDCQ8A
XVAEJa08EJMONmZQWXlzb9YOdcsKMEpm77oYQQCisr0TYweXvd6yXfr7ojTbUzjb
63LUR3q9j8Nveof5uCMCSOPZ/Or5c5Y7zGgbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBNOq+c1ZFWDElGn0cisB8gcop38wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CTk9xLWMxWkZXREVsR24w
Y2lzQjhnY29wMzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFHgDHdyksvB06knd7REHldozVJqWBVzEYK/
MS4kKHBbHuKFBA1fI5dIotmngjCyzE02nopk4ZZLJpr50BiRyLEGGnlhR4SwiAja
q8mK+LdSgwt2CR7XjsSBKnqPPvHBELEe9GlDDekenS0YpN1sMBi/4hX5oXKruLWb
24amXV3kK0SKvWlcjcjWPwBqMen2Z+6X8oJ1XthWz227bQ2/NWvxieCEygIhjfGJ
GbvhdKRw/cNkCOSsp5voTXHa8Ki40is06DAhksgegBhpVFhtAzatwrkVVtYYbeIV
Ls4R99UBTRYonBvN2rp2gxrMs6r+WwmElPWHBMm2f2cSwiZJ0Ow=
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:59:23 2025 by rpki-client