Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/YKsRSgLbFwLZSnsr4uLD0qS5NZE.roa
File: YKsRSgLbFwLZSnsr4uLD0qS5NZE.roa (raw, json)
Hash identifier: VDTZFMncLOKZ35Qee6AbvJABxLJcsqI+SqXr/GkFUR0=
Subject key identifier: 60:AB:11:4A:02:DB:17:02:D9:4A:7B:2B:E2:E2:C3:D2:A4:B9:35:91
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1886
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/YKsRSgLbFwLZSnsr4uLD0qS5NZE.roa
Signing time: Fri 17 Jan 2025 01:25:11 +0000
ROA not before: Fri 17 Jan 2025 01:25:11 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 103.221.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6278 (0x1886)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:11 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=60AB114A02DB1702D94A7B2BE2E2C3D2A4B93591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6d:c8:85:9c:ac:19:df:41:be:94:ba:d8:a1:
56:13:75:ee:82:79:91:42:78:98:20:95:76:bc:fa:
2e:70:9e:90:b3:c4:3c:16:64:c0:72:12:09:65:e9:
f4:7d:98:79:cf:58:6b:03:d3:cd:ab:be:a7:87:49:
76:e8:69:b5:6f:76:6e:d1:70:c9:79:b5:44:eb:9e:
06:70:4d:ab:f1:ba:57:f4:d6:01:82:d7:ab:72:9a:
f3:7a:2b:58:f4:43:ba:23:b3:22:03:9f:50:12:6a:
0e:f4:04:93:2a:64:a8:cb:bc:45:1b:82:4b:f4:eb:
36:12:30:49:df:67:0b:c9:ee:1b:82:62:93:36:26:
41:14:2e:db:54:55:eb:2e:a0:66:78:72:ea:5e:3d:
be:0a:c5:34:6d:2e:00:ce:30:c2:a5:d0:56:0f:12:
db:b9:71:77:80:7e:e7:af:05:26:80:ab:d4:20:c9:
e0:e2:5b:a7:fa:b5:a4:d1:75:ff:43:71:5a:8b:a4:
d3:9c:8b:c1:2c:eb:ac:fc:bf:e3:5d:fc:b8:72:b9:
bf:cd:87:7c:36:06:14:b7:6e:4d:fb:9f:18:2d:89:
04:cc:3f:1e:88:02:77:b9:38:d2:86:22:94:b8:05:
f5:02:5a:43:29:3a:7d:74:57:f3:04:0f:1e:3f:c1:
8f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AB:11:4A:02:DB:17:02:D9:4A:7B:2B:E2:E2:C3:D2:A4:B9:35:91
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/YKsRSgLbFwLZSnsr4uLD0qS5NZE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.221.42.0/24
Signature Algorithm: sha256WithRSAEncryption
67:a2:6b:97:7f:8d:f3:4c:a3:b2:c1:8d:45:27:7e:85:76:20:
45:40:45:15:f6:3e:21:6f:a4:75:df:36:b2:76:1c:40:99:f3:
bb:40:15:ee:14:fb:37:13:a6:8b:c1:c4:6a:09:2e:0d:fc:95:
af:35:bd:2d:0f:9e:39:c9:09:7d:39:9a:7b:5e:b2:bd:4c:f5:
e7:e6:8c:1a:38:18:99:49:e7:59:43:ac:08:b2:a9:d7:9f:b3:
97:81:d4:ca:38:fb:2c:50:50:75:93:51:bd:36:84:99:14:e9:
0e:3c:aa:10:b9:ef:30:0c:f2:14:67:57:bf:50:e2:92:e4:76:
5a:f4:9c:75:62:d8:bb:08:c3:c1:2f:8f:20:55:c2:25:7d:36:
da:f2:7e:46:4e:25:27:eb:f6:68:35:e6:cc:44:1c:22:38:42:
e4:8b:f8:b3:98:09:6e:76:77:05:97:17:47:73:6a:8c:38:be:
26:66:ef:4f:69:dc:08:70:60:1c:20:da:66:3d:cc:e1:91:d3:
bc:eb:a8:c8:98:87:a8:fb:98:b4:0f:4a:de:c0:01:ce:af:7a:
e8:12:d7:a7:03:88:3f:20:97:7c:93:ec:b8:95:76:0e:d2:10:
02:ec:0b:3c:61:bc:f7:58:92:ff:31:f5:29:37:45:2a:3a:64:
1b:a0:b4:02
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGIYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDYwQUIxMTRBMDJEQjE3
MDJEOTRBN0IyQkUyRTJDM0QyQTRCOTM1OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLbciFnKwZ30G+lLrYoVYTde6CeZFCeJgglXa8+i5wnpCzxDwW
ZMByEgll6fR9mHnPWGsD082rvqeHSXboabVvdm7RcMl5tUTrngZwTavxulf01gGC
16tymvN6K1j0Q7ojsyIDn1ASag70BJMqZKjLvEUbgkv06zYSMEnfZwvJ7huCYpM2
JkEULttUVesuoGZ4cupePb4KxTRtLgDOMMKl0FYPEtu5cXeAfuevBSaAq9QgyeDi
W6f6taTRdf9DcVqLpNOci8Es66z8v+Nd/Lhyub/Nh3w2BhS3bk37nxgtiQTMPx6I
Ane5ONKGIpS4BfUCWkMpOn10V/MEDx4/wY9vAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUYKsRSgLbFwLZSnsr4uLD0qS5NZEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1lLc1JTZ0xiRndMWlNu
c3I0dUxEMHFTNU5aRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABn3SowDQYJKoZIhvcNAQELBQADggEBAGeia5d/jfNMo7LBjUUnfoV2IEVARRX2
PiFvpHXfNrJ2HECZ87tAFe4U+zcTpovBxGoJLg38la81vS0PnjnJCX05mntesr1M
9efmjBo4GJlJ51lDrAiyqdefs5eB1Mo4+yxQUHWTUb02hJkU6Q48qhC57zAM8hRn
V79Q4pLkdlr0nHVi2LsIw8EvjyBVwiV9NtryfkZOJSfr9mg15sxEHCI4QuSL+LOY
CW52dwWXF0dzaow4viZm709p3AhwYBwg2mY9zOGR07zrqMiYh6j7mLQPSt7AAc6v
eugS16cDiD8gl3yT7LiVdg7SEALsCzxhvPdYkv8x9Sk3RSo6ZBugtAI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:14:31 2025 by rpki-client