Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/jWhGk78hkxEn3i8iW32df0hum7A.roa
File: jWhGk78hkxEn3i8iW32df0hum7A.roa (raw, json)
Hash identifier: qKNau4ZE8PnZScAUoVv8nzVi6ioqE3VliyiknPFhszM=
Subject key identifier: 8D:68:46:93:BF:21:93:11:27:DE:2F:22:5B:7D:9D:7F:48:6E:9B:B0
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 14AA
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/jWhGk78hkxEn3i8iW32df0hum7A.roa
Signing time: Wed 30 Jul 2025 02:47:59 +0000
ROA not before: Wed 30 Jul 2025 02:47:59 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 55990
IP address blocks: 115.32.40.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5290 (0x14aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Jul 30 02:47:59 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=8D684693BF21931127DE2F225B7D9D7F486E9BB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0e:d6:38:97:d2:e8:9b:8a:46:50:b5:6e:ac:
92:a2:4c:d9:c4:54:9f:c2:ba:8b:17:cd:ec:ce:88:
49:43:fa:d3:a3:e0:f0:f9:a9:68:2d:be:88:73:ee:
51:dd:da:36:ad:8a:2c:40:21:eb:38:e5:f4:1f:e8:
39:19:fc:7d:0b:a2:b2:93:98:31:cd:c7:91:57:10:
34:ea:70:f2:34:56:d1:59:49:bd:20:77:bc:f1:28:
25:4c:43:a0:c7:2a:e1:19:5e:35:8a:ce:76:72:43:
62:d5:fc:a4:a2:6b:d7:ce:39:7e:a4:03:bd:c0:85:
4f:7a:8a:70:89:f8:83:25:03:65:dd:e1:63:6f:bc:
ab:af:9e:27:a4:81:66:80:5a:23:fd:91:c8:2e:27:
74:fd:cd:c2:13:f7:4c:3f:85:18:16:74:4b:11:45:
eb:36:ff:97:48:f6:4d:87:c9:16:b2:b5:ce:e8:97:
76:7d:3e:9f:d2:08:77:bd:4a:c2:ea:37:21:13:10:
7b:82:2a:e6:8e:c6:fc:f6:02:f0:32:b4:06:be:e9:
47:6c:2e:93:2b:81:ea:79:aa:43:58:64:79:cc:67:
b1:52:b5:a6:9b:07:d1:0a:57:35:6c:83:d3:5b:5a:
5c:b1:c1:0c:bf:ff:77:d4:1c:86:8f:1b:2f:bd:b7:
e6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:68:46:93:BF:21:93:11:27:DE:2F:22:5B:7D:9D:7F:48:6E:9B:B0
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/jWhGk78hkxEn3i8iW32df0hum7A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
115.32.40.0/21
Signature Algorithm: sha256WithRSAEncryption
c0:22:92:bf:17:31:4f:3b:ba:cb:40:7a:ad:d1:a0:17:99:d5:
e2:c8:18:35:29:cc:43:1b:14:b2:59:aa:dc:97:d3:93:7d:d3:
80:19:ab:03:15:f5:65:2b:68:58:74:6e:d3:0e:8f:7e:7f:e4:
09:01:a4:d7:df:9b:f7:52:2c:b7:27:8b:e3:ea:91:8a:ef:ab:
b6:b1:fd:c7:ff:a0:dc:70:21:71:a0:d0:c4:ab:47:40:df:2b:
42:ed:7c:82:6d:74:f1:a6:9f:e7:27:3a:0e:5b:f2:c1:66:d4:
99:e3:d2:03:8d:a0:1a:cc:ab:fe:3e:ce:31:f3:f2:b4:6d:b0:
cf:a0:4a:e5:22:5a:4f:3f:b0:df:23:54:dd:ab:84:b2:e9:18:
78:f2:7e:47:59:36:24:21:4c:8f:b9:f9:1f:0a:5e:a0:df:d3:
0d:76:7d:fc:41:0a:33:f3:67:ea:ad:ef:65:80:73:f3:8f:8f:
67:a9:ec:a3:52:67:4d:5c:70:8f:16:61:ae:ed:6e:b8:fd:02:
fa:0f:5b:2e:ea:f4:13:d2:d6:38:08:82:ec:1f:1e:c3:0d:70:
fd:4f:94:16:d4:75:2c:d0:4a:fb:0e:77:db:2a:e0:ea:5d:35:
0c:aa:6a:5f:c1:d1:13:1e:ca:15:ac:1e:14:5c:46:af:bd:1f:
19:bc:7e:f1
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICFKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA3MzAw
MjQ3NTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDhENjg0NjkzQkYyMTkz
MTEyN0RFMkYyMjVCN0Q5RDdGNDg2RTlCQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwDtY4l9Lom4pGULVurJKiTNnEVJ/CuosXzezOiElD+tOj4PD5
qWgtvohz7lHd2jatiixAIes45fQf6DkZ/H0LorKTmDHNx5FXEDTqcPI0VtFZSb0g
d7zxKCVMQ6DHKuEZXjWKznZyQ2LV/KSia9fOOX6kA73AhU96inCJ+IMlA2Xd4WNv
vKuvniekgWaAWiP9kcguJ3T9zcIT90w/hRgWdEsRRes2/5dI9k2HyRaytc7ol3Z9
Pp/SCHe9SsLqNyETEHuCKuaOxvz2AvAytAa+6UdsLpMrgep5qkNYZHnMZ7FStaab
B9EKVzVsg9NbWlyxwQy//3fUHIaPGy+9t+bBAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUjWhGk78hkxEn3i8iW32df0hum7AwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvaldoR2s3OGhreEVu
M2k4aVczMmRmMGh1bTdBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA3MgKDANBgkqhkiG9w0BAQsFAAOCAQEAwCKSvxcxTzu6y0B6rdGgF5nV4sgY
NSnMQxsUslmq3JfTk33TgBmrAxX1ZStoWHRu0w6Pfn/kCQGk19+b91IstyeL4+qR
iu+rtrH9x/+g3HAhcaDQxKtHQN8rQu18gm108aaf5yc6DlvywWbUmePSA42gGsyr
/j7OMfPytG2wz6BK5SJaTz+w3yNU3auEsukYePJ+R1k2JCFMj7n5HwpeoN/TDXZ9
/EEKM/Nn6q3vZYBz84+PZ6nso1JnTVxwjxZhru1uuP0C+g9bLur0E9LWOAiC7B8e
ww1w/U+UFtR1LNBK+w532yrg6l01DKpqX8HREx7KFaweFFxGr70fGbx+8Q==
-----END CERTIFICATE-----
Generated at Sun Aug 24 11:04:48 2025 by rpki-client