Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/YTJL3tcIbVDFRd0WQylS5e0xUxA.roa
File: YTJL3tcIbVDFRd0WQylS5e0xUxA.roa (raw, json)
Hash identifier: Rp7WIvPBUj5bEOooWMbWHeaglLLU+Bo4W4mxYGngV2Y=
Subject key identifier: 61:32:4B:DE:D7:08:6D:50:C5:45:DD:16:43:29:52:E5:ED:31:53:10
Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Certificate serial: 11DB
Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/YTJL3tcIbVDFRd0WQylS5e0xUxA.roa
Signing time: Fri 14 Mar 2025 09:33:50 +0000
ROA not before: Fri 14 Mar 2025 09:33:50 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 55990
IP address blocks: 113.47.136.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4571 (0x11db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9
Validity
Not Before: Mar 14 09:33:50 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=61324BDED7086D50C545DD16432952E5ED315310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:26:a9:52:2d:d7:3b:d9:f3:92:c5:da:b7:51:
f4:cd:ee:07:d6:db:df:ef:cc:33:27:35:a4:ba:c4:
ff:cc:6b:ad:a1:ed:19:14:82:dd:08:ef:a1:6c:e6:
a4:4b:d8:5e:a2:e5:80:ca:52:20:ad:33:3b:37:39:
24:01:be:68:58:ce:e9:1b:a9:a7:7a:a8:8a:84:3a:
f5:d5:7b:a2:41:33:41:f0:34:62:44:b1:60:19:42:
df:93:40:e3:3b:73:1d:0a:7e:c4:b6:7a:51:0f:1c:
7d:a7:93:c5:b4:af:9f:cf:67:06:0a:35:5d:62:a9:
8f:39:1d:d0:51:20:2a:ab:9d:a9:03:3a:a0:65:89:
fa:c3:5c:6e:bc:86:2e:f2:e8:37:be:60:d0:18:97:
d6:13:7b:5f:bc:70:92:37:d9:1c:1d:1e:ad:92:e3:
24:81:87:82:93:ee:53:2a:41:44:73:6e:4f:ac:8f:
79:1a:88:91:2b:1b:19:6d:76:2e:6a:b9:27:ba:2c:
13:0e:90:4d:ce:d4:9c:f7:d5:76:53:09:33:75:89:
4a:a2:be:54:e0:01:78:25:e4:c9:7b:76:d8:21:f9:
c5:e4:66:15:ca:2c:59:ab:ad:89:9d:54:81:77:03:
08:ab:35:dd:38:2d:db:b6:68:01:cf:9c:ef:27:e6:
a8:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:32:4B:DE:D7:08:6D:50:C5:45:DD:16:43:29:52:E5:ED:31:53:10
X509v3 Authority Key Identifier:
keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/YTJL3tcIbVDFRd0WQylS5e0xUxA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.47.136.0/21
Signature Algorithm: sha256WithRSAEncryption
84:21:47:be:7b:06:04:6e:12:de:e6:a1:22:d9:f3:36:0a:92:
df:1a:64:ac:83:f7:d0:bf:e4:b1:31:98:60:99:9b:4f:56:d7:
7f:4a:c7:d2:67:ec:26:c7:33:a2:ee:e1:44:d6:2c:24:2d:6e:
40:ce:a6:d3:d9:fd:ce:56:a3:27:6e:e9:62:bd:91:78:5a:4f:
d2:64:61:88:e4:9c:00:b4:d5:c4:76:3a:05:48:f0:96:99:c1:
e8:10:66:30:8f:96:12:25:88:f5:e6:0f:65:6b:2e:f8:96:8c:
76:20:2e:50:fe:64:76:29:1a:d2:7b:74:cb:e8:41:f6:8e:f8:
c4:62:aa:0a:e9:e7:6a:80:1e:35:49:6e:c6:53:cb:25:3e:d1:
5e:c6:b2:50:37:f0:a1:72:4b:9a:a0:44:13:ff:47:2d:51:86:
4c:b9:c7:4d:89:a4:63:ad:50:73:3d:c2:0c:6e:8f:77:01:1d:
d0:0b:75:ff:f2:52:9e:e2:a6:9e:f1:bb:0b:85:5f:f3:57:43:
fa:c9:f4:42:7d:18:8d:94:97:bb:74:dd:29:4c:e4:5e:9f:f0:
bb:cc:0f:7b:88:ad:1e:c3:11:9f:57:e1:fd:d1:09:48:59:2b:
a7:9d:aa:14:31:45:7b:a2:fe:66:f7:a4:e8:5c:8a:84:8f:c6:
78:24:ed:3e
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEdswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTAzMTQw
OTMzNTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDYxMzI0QkRFRDcwODZE
NTBDNTQ1REQxNjQzMjk1MkU1RUQzMTUzMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmJqlSLdc72fOSxdq3UfTN7gfW29/vzDMnNaS6xP/Ma62h7RkU
gt0I76Fs5qRL2F6i5YDKUiCtMzs3OSQBvmhYzukbqad6qIqEOvXVe6JBM0HwNGJE
sWAZQt+TQOM7cx0KfsS2elEPHH2nk8W0r5/PZwYKNV1iqY85HdBRICqrnakDOqBl
ifrDXG68hi7y6De+YNAYl9YTe1+8cJI32RwdHq2S4ySBh4KT7lMqQURzbk+sj3ka
iJErGxltdi5quSe6LBMOkE3O1Jz31XZTCTN1iUqivlTgAXgl5Ml7dtgh+cXkZhXK
LFmrrYmdVIF3AwirNd04Ldu2aAHPnO8n5qj7AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUYTJL3tcIbVDFRd0WQylS5e0xUxAwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb
RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx
NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvWVRKTDN0Y0liVkRG
UmQwV1F5bFM1ZTB4VXhBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA3EviDANBgkqhkiG9w0BAQsFAAOCAQEAhCFHvnsGBG4S3uahItnzNgqS3xpk
rIP30L/ksTGYYJmbT1bXf0rH0mfsJsczou7hRNYsJC1uQM6m09n9zlajJ27pYr2R
eFpP0mRhiOScALTVxHY6BUjwlpnB6BBmMI+WEiWI9eYPZWsu+JaMdiAuUP5kdika
0nt0y+hB9o74xGKqCunnaoAeNUluxlPLJT7RXsayUDfwoXJLmqBEE/9HLVGGTLnH
TYmkY61Qcz3CDG6PdwEd0At1//JSnuKmnvG7C4Vf81dD+sn0Qn0YjZSXu3TdKUzk
Xp/wu8wPe4itHsMRn1fh/dEJSFkrp52qFDFFe6L+Zvek6FyKhI/GeCTtPg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:01 2025 by rpki-client