Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/K-T57-pYnCB4D1hwyJvqANdipSU.roa
File: K-T57-pYnCB4D1hwyJvqANdipSU.roa (raw, json)
Hash identifier: Iv40CJPTNLA3AG+LxjsRtU72WgSYrK0hB3HmUo1IMK8=
Subject key identifier: 2B:E4:F9:EF:EA:58:9C:20:78:0F:58:70:C8:9B:EA:00:D7:62:A5:25
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 181E
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/K-T57-pYnCB4D1hwyJvqANdipSU.roa
Signing time: Fri 17 Jan 2025 01:24:36 +0000
ROA not before: Fri 17 Jan 2025 01:24:36 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59083
IP address blocks: 43.254.154.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6174 (0x181e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:36 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=2BE4F9EFEA589C20780F5870C89BEA00D762A525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cf:78:62:59:5c:42:96:11:df:ee:79:8d:f0:
92:4e:64:3f:13:93:c6:70:54:fc:83:2c:97:69:69:
38:6d:12:75:d1:45:6a:e1:e5:a1:71:ad:50:bb:c9:
5a:24:bd:8c:12:07:44:bd:ab:49:26:74:ec:dd:05:
09:63:31:9e:44:30:7c:93:e9:59:5f:14:fa:4a:0c:
ee:b3:30:d2:90:3f:d4:f7:3a:81:66:59:32:8e:72:
ac:e2:4d:7a:c7:5f:1d:a3:7d:67:12:e8:96:5b:5b:
61:d1:97:28:7e:8a:7b:12:53:25:83:db:c4:5b:6a:
e9:f4:5e:5a:71:57:17:17:06:81:c7:94:85:56:c5:
c7:93:f0:6f:f5:48:9f:c1:f6:3c:bd:2e:9a:29:37:
3a:c5:19:43:1f:c0:c1:1f:86:38:59:b9:d0:25:2b:
f1:ec:b6:b0:b4:52:64:e6:e0:5c:10:14:0a:1a:2c:
14:c4:b3:65:ca:b1:4b:09:ba:d7:2e:c6:20:e0:90:
02:96:60:fc:05:16:0f:f2:f7:ca:09:13:cd:6b:81:
50:16:ad:5e:c5:bf:94:0f:3d:51:f1:90:dc:81:92:
1b:60:ed:61:26:df:a1:42:53:ea:bd:ac:4a:b6:48:
8e:1b:f6:cf:8a:88:4e:36:38:41:ee:78:6a:fc:fc:
bd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E4:F9:EF:EA:58:9C:20:78:0F:58:70:C8:9B:EA:00:D7:62:A5:25
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/K-T57-pYnCB4D1hwyJvqANdipSU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.154.0/24
Signature Algorithm: sha256WithRSAEncryption
78:15:fb:ca:a8:92:d7:44:75:78:2b:7a:b9:ab:75:ad:5a:ae:
1b:0a:db:58:84:8c:e2:c3:e7:a3:95:8f:42:29:e5:99:c1:87:
79:83:55:db:1f:53:ad:51:3f:d9:07:a1:a7:94:b9:69:98:24:
2b:05:40:d0:95:bc:c8:19:fa:08:c0:40:25:d0:17:88:f1:3b:
a5:3b:9d:c5:cb:b3:c0:ff:f9:3c:96:c1:6f:a9:4e:6b:9f:ee:
25:43:40:9b:e7:12:7c:5b:c1:80:00:42:2a:58:2c:a8:58:69:
25:f5:11:9b:54:13:fc:b1:d2:39:71:51:b0:44:9f:b6:d2:df:
56:63:77:ba:75:f9:90:02:1e:79:45:c4:72:29:37:c3:35:d5:
28:2d:a2:14:e3:52:d3:fb:ad:44:49:7d:8f:4a:56:b6:e5:ea:
80:44:9c:fb:22:48:8b:32:ac:fc:39:95:8d:92:0f:3b:68:86:
2e:0a:53:5f:2c:5d:d2:2d:ff:4b:7f:c8:3c:40:58:e7:94:15:
d0:8d:c2:a0:b6:24:69:30:d9:f6:9d:3e:09:5e:e4:10:76:8e:
45:6c:c8:49:5c:25:b1:83:78:a2:81:67:ab:5f:16:10:a1:af:
41:30:08:da:12:01:c7:3e:db:fa:f8:a2:d4:66:9e:7a:41:6f:
6f:de:7f:51
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGB4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0MzZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDJCRTRGOUVGRUE1ODlD
MjA3ODBGNTg3MEM4OUJFQTAwRDc2MkE1MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiz3hiWVxClhHf7nmN8JJOZD8Tk8ZwVPyDLJdpaThtEnXRRWrh
5aFxrVC7yVokvYwSB0S9q0kmdOzdBQljMZ5EMHyT6VlfFPpKDO6zMNKQP9T3OoFm
WTKOcqziTXrHXx2jfWcS6JZbW2HRlyh+insSUyWD28Rbaun0XlpxVxcXBoHHlIVW
xceT8G/1SJ/B9jy9LpopNzrFGUMfwMEfhjhZudAlK/HstrC0UmTm4FwQFAoaLBTE
s2XKsUsJutcuxiDgkAKWYPwFFg/y98oJE81rgVAWrV7Fv5QPPVHxkNyBkhtg7WEm
36FCU+q9rEq2SI4b9s+KiE42OEHueGr8/L0ZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUK+T57+pYnCB4D1hwyJvqANdipSUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0stVDU3LXBZbkNCNEQx
aHd5SnZxQU5kaXBTVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAr/powDQYJKoZIhvcNAQELBQADggEBAHgV+8qoktdEdXgrermrda1arhsK21iE
jOLD56OVj0Ip5ZnBh3mDVdsfU61RP9kHoaeUuWmYJCsFQNCVvMgZ+gjAQCXQF4jx
O6U7ncXLs8D/+TyWwW+pTmuf7iVDQJvnEnxbwYAAQipYLKhYaSX1EZtUE/yx0jlx
UbBEn7bS31Zjd7p1+ZACHnlFxHIpN8M11SgtohTjUtP7rURJfY9KVrbl6oBEnPsi
SIsyrPw5lY2SDztohi4KU18sXdIt/0t/yDxAWOeUFdCNwqC2JGkw2fadPgle5BB2
jkVsyElcJbGDeKKBZ6tfFhChr0EwCNoSAcc+2/r4otRmnnpBb2/ef1E=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:47 2025 by rpki-client