Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/KzBVO-cxJaPe6YQwzQpckjejMNg.roa
File: KzBVO-cxJaPe6YQwzQpckjejMNg.roa (raw, json)
Hash identifier: TtdpJpMy4A8vwhocX/lnTsYt5BPi0LearVN8h7aM3to=
Subject key identifier: 2B:30:55:3B:E7:31:25:A3:DE:E9:84:30:CD:0A:5C:92:37:A3:30:D8
Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Certificate serial: 206D
Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/KzBVO-cxJaPe6YQwzQpckjejMNg.roa
Signing time: Sat 13 Sep 2025 03:09:26 +0000
ROA not before: Sat 13 Sep 2025 03:09:26 +0000
ROA not after: Mon 03 Aug 2026 08:44:40 +0000
asID: 139021
IP address blocks: 218.247.88.0/21 maxlen: 21
219.234.16.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8301 (0x206d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735
Validity
Not Before: Sep 13 03:09:26 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=2B30553BE73125A3DEE98430CD0A5C9237A330D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:15:5b:15:67:d6:ff:54:95:98:d2:5b:96:88:
46:44:e6:bb:13:eb:d1:b9:e8:8d:5a:2f:4a:47:a7:
46:78:c0:24:40:4a:5a:f4:05:f5:97:cf:f8:9f:e1:
75:b1:70:0f:0d:89:d1:01:43:bf:35:ab:25:d6:6d:
ba:23:53:bb:33:9e:08:e2:a6:09:b0:0d:2f:d1:48:
b4:70:8b:75:e0:c6:ce:94:f8:32:bf:cb:78:51:f5:
d1:a1:bc:ce:99:6b:4a:52:e4:60:0e:20:d2:5c:0f:
99:9a:95:4e:10:49:bf:c3:dc:81:45:c4:85:73:66:
3d:b7:d5:a4:1e:b6:00:57:d8:cb:f2:20:c9:3f:39:
77:c3:b1:05:fb:e7:26:31:d7:dd:00:ac:5d:2a:55:
e7:8e:c2:9a:f1:4b:0b:db:42:2b:20:03:43:65:66:
0c:21:75:a3:c2:b1:5e:8c:fb:11:9c:2d:8c:52:56:
e6:c8:ed:17:f3:c7:a9:8d:91:e9:7e:20:ba:c7:b8:
3f:b9:2e:19:ae:de:4a:51:ef:da:fc:33:0b:fb:b1:
7c:53:b4:e4:b6:44:27:80:3d:f9:fd:39:9b:c8:93:
ae:8e:64:e2:31:42:5d:a5:4d:2b:ed:f5:73:31:4a:
8d:f7:2f:25:55:b3:c4:89:64:41:1f:4f:68:4e:67:
c9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:30:55:3B:E7:31:25:A3:DE:E9:84:30:CD:0A:5C:92:37:A3:30:D8
X509v3 Authority Key Identifier:
keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/KzBVO-cxJaPe6YQwzQpckjejMNg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.247.88.0/21
219.234.16.0/21
Signature Algorithm: sha256WithRSAEncryption
97:55:f4:34:9a:28:89:1c:0a:b5:b5:e4:3b:d7:fd:21:58:5f:
3e:bd:9e:08:38:b8:4f:57:40:40:a1:f0:fa:e4:0e:8c:7f:07:
f3:60:03:4c:f4:79:9b:e5:ed:87:e1:43:65:3f:26:d6:87:a0:
8f:15:30:38:61:3c:62:9b:29:18:65:ac:51:3a:ca:0c:5e:8b:
bc:6d:c2:cc:86:1f:bf:2b:cd:80:11:16:3d:2a:59:19:32:79:
19:66:26:47:31:67:d6:f6:c0:9b:91:4a:6d:e1:e4:01:ab:fe:
3d:0a:84:51:c2:3d:bd:d0:e6:e6:a5:e0:a4:47:26:ab:d5:3d:
4b:7b:4d:df:a4:ee:d0:21:b3:22:bf:37:1a:a6:24:9b:20:74:
0a:a6:01:21:f5:46:9f:7c:07:68:83:f2:bd:b0:a4:f7:8f:91:
1e:b8:6c:0d:26:4b:f4:70:71:bf:45:04:08:f1:a9:92:cc:40:
b0:d7:7e:a1:b3:cf:8e:a9:13:69:49:46:0f:4e:f5:92:43:82:
16:7b:e8:44:eb:ae:4b:4d:c1:c3:ee:9a:d8:32:4b:35:1f:9a:
75:a4:99:bf:6c:a3:b7:88:93:aa:c3:f6:f8:cf:89:11:21:19:
2c:ca:15:21:f7:17:7f:0d:04:9f:d1:45:dc:9b:bb:a5:5d:41:
bf:18:65:1b
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICIG0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz
QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNTA5MTMw
MzA5MjZaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDJCMzA1NTNCRTczMTI1
QTNERUU5ODQzMENEMEE1QzkyMzdBMzMwRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcFVsVZ9b/VJWY0luWiEZE5rsT69G56I1aL0pHp0Z4wCRASlr0
BfWXz/if4XWxcA8NidEBQ781qyXWbbojU7szngjipgmwDS/RSLRwi3Xgxs6U+DK/
y3hR9dGhvM6Za0pS5GAOINJcD5malU4QSb/D3IFFxIVzZj231aQetgBX2MvyIMk/
OXfDsQX75yYx190ArF0qVeeOwprxSwvbQisgA0NlZgwhdaPCsV6M+xGcLYxSVubI
7Rfzx6mNkel+ILrHuD+5Lhmu3kpR79r8Mwv7sXxTtOS2RCeAPfn9OZvIk66OZOIx
Ql2lTSvt9XMxSo33LyVVs8SJZEEfT2hOZ8mXAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUKzBVO+cxJaPe6YQwzQpckjejMNgwHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A
r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4
OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvS3pCVk8tY3hKYVBl
NllRd3pRcGNramVqTU5nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEA9r3WAMEA9vqEDANBgkqhkiG9w0BAQsFAAOCAQEAl1X0NJooiRwKtbXkO9f9
IVhfPr2eCDi4T1dAQKHw+uQOjH8H82ADTPR5m+Xth+FDZT8m1oegjxUwOGE8Ypsp
GGWsUTrKDF6LvG3CzIYfvyvNgBEWPSpZGTJ5GWYmRzFn1vbAm5FKbeHkAav+PQqE
UcI9vdDm5qXgpEcmq9U9S3tN36Tu0CGzIr83GqYkmyB0CqYBIfVGn3wHaIPyvbCk
94+RHrhsDSZL9HBxv0UECPGpksxAsNd+obPPjqkTaUlGD071kkOCFnvoROuuS03B
w+6a2DJLNR+adaSZv2yjt4iTqsP2+M+JESEZLMoVIfcXfw0En9FF3Ju7pV1Bvxhl
Gw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:52:22 2025 by rpki-client