Channel: Security forum

PKI view, AIA and CDP location for the RootCA has red crossover "unable to download"


I am trying to create a PKI infrastructure on winserver2008R2 enterprise as follows:

offline ROOT CA---Standalone

Online Intermediate CA -- enterprise

PROBLEM: on the intermediate CA: using enterprise PKI view, AIA and CDP location for the RootCA has red crossover "unable to download" but enterprise PKI view "manage AD container" indicated the AIA and CDP container had OK for the root CA CDP and AIA.

Any help will be appreciated

INSTALLATION STEPS :

I performed the following on the offline RootCA:

  • create the CA policy file and store in windows folder
  • install ADCS
  • run post installation script

The Certificate Service was successful and I saw a green icon in the console.

I performed the following on the online enterprise CA:

  • create the CA policy file and store in windows folder
  • install ADCS
  • I successfully published the root CA cert and CRL in the local store and AD. I saw the following messages upon completion:

CertUtil: -addstore command completed successfully.

CertUtil: -dsPublish command completed successfully.

  • install ADCS

Below is the output for getreg (CRL and AIA):

C:\Users\Administrator.GORYEAL>certutil -getreg CA\CRLPublicationURLs
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\GINTCA\CRLPublicationURLs:

  CRLPublicationURLs REG_MULTI_SZ =
    0: 65:C:\Windows\system32\CertSrv\CertEnroll\%3%8%9.crl
    CSURL_SERVERPUBLISH -- 1
    CSURL_SERVERPUBLISHDELTA -- 40 (64)

    1: 79:ldap:///CN=%7%8,CN=%2,CN=CDP,CN=Public Key Services,CN=Services,%6%10
    CSURL_SERVERPUBLISH -- 1
    CSURL_ADDTOCERTCDP -- 2
    CSURL_ADDTOFRESHESTCRL -- 4
    CSURL_ADDTOCRLCDP -- 8
    CSURL_SERVERPUBLISHDELTA -- 40 (64)

    2: 0:http://%1/CertEnroll/%3%8%9.crl

    3: 0:file://%1/CertEnroll/%3%8%9.crl

    4: 65:file://\\www\Certdata\%3%8%9.crl
    CSURL_SERVERPUBLISH -- 1
    CSURL_SERVERPUBLISHDELTA -- 40 (64)

CertUtil: -getreg command completed successfully.

 

C:\Users\Administrator.GORYEAL>certutil -getreg CA\CACertPublicationURLs
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\GINTCA\CACertPublicationURLs:

  CACertPublicationURLs REG_MULTI_SZ =
    0: 1:C:\Windows\system32\CertSrv\CertEnroll\%1_%3%4.crt
    CSURL_SERVERPUBLISH -- 1

    1: 3:ldap:///CN=%7,CN=AIA,CN=Public Key Services,CN=Services,%6%11
    CSURL_SERVERPUBLISH -- 1
    CSURL_ADDTOCERTCDP -- 2

    2: 0:http://%1/CertEnroll/%1_%3%4.crt

    3: 0:file://%1/CertEnroll/%1_%3%4.crt

CertUtil: -getreg command completed successfully.
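
Added example, not part of the original post: a Python decoder for the decimal flag prefix on each `certutil -getreg` URL entry, run over the CRLPublicationURLs entries quoted above, showing which locations this CA writes into the certificates it issues and which are listed with no flag set. The function names are hypothetical; the flag names and values are the ones certutil prints in the post.

```python
import re

# Flag bits exactly as certutil labels them in the output above.
CSURL_FLAGS = {
    0x01: "CSURL_SERVERPUBLISH",
    0x02: "CSURL_ADDTOCERTCDP",
    0x04: "CSURL_ADDTOFRESHESTCRL",
    0x08: "CSURL_ADDTOCRLCDP",
    0x40: "CSURL_SERVERPUBLISHDELTA",
}
KNOWN = sum(CSURL_FLAGS)

# Entry lines look like "  1: 79:ldap:///..." (index, decimal flags, URL).
ENTRY = re.compile(r"^\s*(\d+):\s*(\d+):(\S.*?)\s*$")

def parse_publication_urls(text):
    """Return (index, flags, url, flag_names) for each URL entry."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue  # header, flag-name and status lines
        flags = int(m.group(2))
        names = [name for bit, name in CSURL_FLAGS.items() if flags & bit]
        if flags & ~KNOWN:
            names.append("unknown:0x%x" % (flags & ~KNOWN))
        entries.append((int(m.group(1)), flags, m.group(3), names))
    return entries

def urls_in_issued_certs(entries):
    """Locations the CA writes into certificates it issues (bit 2)."""
    return [url for _, flags, url, _ in entries if flags & 0x02]

def inactive_urls(entries):
    """Locations present in the registry but with no flag set."""
    return [url for _, flags, url, _ in entries if flags == 0]

# Entry lines copied from the CRLPublicationURLs output in the post.
SAMPLE = r"""
    0: 65:C:\Windows\system32\CertSrv\CertEnroll\%3%8%9.crl
    1: 79:ldap:///CN=%7%8,CN=%2,CN=CDP,CN=Public Key Services,CN=Services,%6%10
    CSURL_SERVERPUBLISH -- 1
    2: 0:http://%1/CertEnroll/%3%8%9.crl
    3: 0:file://%1/CertEnroll/%3%8%9.crl
    4: 65:file://\\www\Certdata\%3%8%9.crl
"""

if __name__ == "__main__":
    for idx, flags, url, names in parse_publication_urls(SAMPLE):
        print(idx, flags, url, ", ".join(names) or "(inactive)")
```

These registry values belong to the CA whose configuration key is shown (GINTCA) and govern what that CA publishes and issues; the extensions inside the root CA's own certificate and CRL are set on the root CA.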

 

