Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/_ybyFj2GBUA5QQIki1pah689iiU.roa
File: _ybyFj2GBUA5QQIki1pah689iiU.roa (raw, json)
Hash identifier: SJWF95ONPInd6GDJYBwscHkRr2G8jOfSdsA1WNGXF/s=
Subject key identifier: FF:26:F2:16:3D:86:05:40:39:41:02:24:8B:5A:5A:87:AF:3D:8A:25
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1898
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/_ybyFj2GBUA5QQIki1pah689iiU.roa
Signing time: Fri 17 Jan 2025 01:25:17 +0000
ROA not before: Fri 17 Jan 2025 01:25:17 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 59083
IP address blocks: 202.136.250.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6296 (0x1898)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:17 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=FF26F2163D860540394102248B5A5A87AF3D8A25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:93:dc:9d:2d:d0:ad:a3:c6:2d:3e:03:01:e9:
d7:c7:97:d2:1b:fd:a7:16:62:71:25:3f:42:c6:f7:
b5:e6:c4:fc:71:2e:69:c5:e1:28:86:dd:49:68:e2:
3e:fc:1b:e6:1c:9a:60:fb:52:f4:2a:51:8c:54:50:
ad:6e:68:15:32:40:d0:84:df:02:7c:4c:62:f4:a4:
44:f9:1d:dc:c8:73:dd:c0:da:80:b5:f8:3e:b1:19:
2a:52:2b:78:b6:e3:43:7e:41:85:a1:3a:54:b3:47:
3c:0f:de:ee:12:8a:3d:8e:7a:18:26:a8:8e:57:9f:
e6:ba:99:6a:12:fa:0a:b8:4f:29:b8:73:98:f1:64:
f7:83:d8:79:a3:35:55:fa:1f:1c:72:8d:83:3e:51:
2d:03:94:bb:62:28:3d:43:8b:b2:59:1c:d7:e0:25:
db:39:95:64:5b:82:61:33:db:c2:8f:56:e3:90:a2:
27:39:76:e4:ce:51:3a:65:fe:7c:9b:3a:68:99:fa:
ad:dc:29:c2:cc:e2:ae:80:78:1f:d0:6f:5a:8b:1a:
71:6e:74:6a:ec:17:94:d2:7a:7e:e5:e3:91:ad:7b:
b8:84:ee:9c:f3:fe:b2:18:f2:df:d9:94:e5:7f:d1:
dc:21:ef:0b:70:db:b8:46:a6:dd:62:8b:3e:c7:2d:
25:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:26:F2:16:3D:86:05:40:39:41:02:24:8B:5A:5A:87:AF:3D:8A:25
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/_ybyFj2GBUA5QQIki1pah689iiU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.136.250.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:5b:5b:04:c8:8c:4d:03:9e:2a:5d:eb:92:45:13:86:70:8e:
0a:c0:20:8b:cc:3a:f1:a0:81:6b:8f:fe:de:4a:e2:23:4d:a7:
c6:ba:3b:38:34:96:64:81:66:b7:6b:48:0c:56:e8:ed:ac:cd:
ad:8c:5e:dd:f4:ab:53:4e:36:fc:b3:9f:fe:e8:a7:43:77:14:
78:f2:05:b9:b5:64:44:41:5d:f3:c2:77:bc:c3:d3:97:39:74:
70:e8:84:dc:54:17:64:51:58:4a:6c:9d:d3:2e:51:46:ee:e8:
45:cd:fc:85:3c:ea:14:44:86:8d:b6:4a:5a:66:89:af:da:ee:
d3:63:ae:14:37:e4:49:78:ab:66:10:60:e9:4b:6d:6b:29:da:
69:fd:b6:8d:24:aa:e1:66:7c:bc:a0:00:8c:a0:00:c4:60:2a:
51:35:d8:d5:d8:ff:74:82:db:5a:64:78:19:0e:af:1b:17:99:
20:32:62:e8:55:18:60:8e:19:bb:02:6f:a8:dc:15:e4:d2:b7:
d8:4b:75:6a:d2:ff:65:50:9e:31:3b:54:25:5f:d4:44:85:b0:
61:ae:f7:2d:da:d2:0a:bd:60:cd:3c:51:eb:93:e5:79:5d:17:
ae:fd:42:cb:48:2e:d0:ef:c9:aa:f3:0b:71:64:6c:44:da:45:
c3:c9:0e:a4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGJgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEZGMjZGMjE2M0Q4NjA1
NDAzOTQxMDIyNDhCNUE1QTg3QUYzRDhBMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYk9ydLdCto8YtPgMB6dfHl9Ib/acWYnElP0LG97XmxPxxLmnF
4SiG3Ulo4j78G+YcmmD7UvQqUYxUUK1uaBUyQNCE3wJ8TGL0pET5HdzIc93A2oC1
+D6xGSpSK3i240N+QYWhOlSzRzwP3u4Sij2OehgmqI5Xn+a6mWoS+gq4Tym4c5jx
ZPeD2HmjNVX6HxxyjYM+US0DlLtiKD1Di7JZHNfgJds5lWRbgmEz28KPVuOQoic5
duTOUTpl/nybOmiZ+q3cKcLM4q6AeB/Qb1qLGnFudGrsF5TSen7l45Gte7iE7pzz
/rIY8t/ZlOV/0dwh7wtw27hGpt1iiz7HLSVXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU/ybyFj2GBUA5QQIki1pah689iiUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L195YnlGajJHQlVBNVFR
SWtpMXBhaDY4OWlpVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAHKiPowDQYJKoZIhvcNAQELBQADggEBAJ9bWwTIjE0Dnipd65JFE4ZwjgrAIIvM
OvGggWuP/t5K4iNNp8a6Ozg0lmSBZrdrSAxW6O2sza2MXt30q1NONvyzn/7op0N3
FHjyBbm1ZERBXfPCd7zD05c5dHDohNxUF2RRWEpsndMuUUbu6EXN/IU86hREho22
Slpmia/a7tNjrhQ35El4q2YQYOlLbWsp2mn9to0kquFmfLygAIygAMRgKlE12NXY
/3SC21pkeBkOrxsXmSAyYuhVGGCOGbsCb6jcFeTSt9hLdWrS/2VQnjE7VCVf1ESF
sGGu9y3a0gq9YM08UeuT5XldF679QstILtDvyarzC3FkbETaRcPJDqQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:31 2025 by rpki-client