Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/Yd08QO7W-AxZurlCKIepKzXGzvM.roa
File: Yd08QO7W-AxZurlCKIepKzXGzvM.roa (raw, json)
Hash identifier: 4nTlGE6xoILJr1VUFcY+6+u1iJj1s/aTdUG4JMjUHWw=
Subject key identifier: 61:DD:3C:40:EE:D6:F8:0C:59:BA:B9:42:28:87:A9:2B:35:C6:CE:F3
Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Certificate serial: 1280
Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/Yd08QO7W-AxZurlCKIepKzXGzvM.roa
Signing time: Fri 23 May 2025 11:04:45 +0000
ROA not before: Fri 23 May 2025 11:04:45 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 23853
IP address blocks: 211.144.208.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4736 (0x1280)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9
Validity
Not Before: May 23 11:04:45 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=61DD3C40EED6F80C59BAB9422887A92B35C6CEF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a7:7b:ed:58:69:55:4b:88:d5:25:ae:45:7b:
de:a7:f4:fa:c8:b2:df:01:1e:8b:ef:a5:59:de:12:
26:80:3c:b2:69:96:dd:fd:04:f4:89:c1:e4:a4:bc:
0a:b6:77:cd:53:fa:1e:94:7d:3a:c9:c5:81:9c:18:
0e:98:7b:77:6d:3f:f5:87:85:7c:fb:5a:e5:e2:ac:
2a:6f:f5:db:5f:6f:78:03:8c:c4:6b:57:a3:08:6a:
fc:90:37:d3:26:20:c2:4b:95:1d:8c:d9:24:79:c3:
b3:0b:23:17:1e:26:f5:3c:90:1d:a6:f1:f4:a5:a2:
de:49:28:09:d7:ef:63:02:60:22:67:5b:00:3e:af:
a3:a8:99:d9:77:bc:d4:9f:f2:83:ff:92:6c:77:d5:
8c:5d:bf:8c:5e:bf:88:01:67:82:16:d2:34:72:b6:
2c:d2:64:f7:dc:eb:98:6a:b2:db:8c:5b:dd:8d:80:
b5:9f:ab:ee:a5:a4:8f:05:b7:93:c3:bd:72:1b:6b:
79:76:ab:5f:9d:b3:f0:e5:a0:7f:9d:6d:69:9b:7b:
e2:01:b5:b1:46:33:de:08:fd:d8:82:8c:09:ca:f8:
06:e1:ca:66:43:ca:8d:a9:0e:84:17:51:f2:6f:fd:
84:e9:7d:4f:95:01:e8:ff:a1:9a:0e:ef:d7:b9:39:
ca:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DD:3C:40:EE:D6:F8:0C:59:BA:B9:42:28:87:A9:2B:35:C6:CE:F3
X509v3 Authority Key Identifier:
keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/Yd08QO7W-AxZurlCKIepKzXGzvM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.144.208.0/20
Signature Algorithm: sha256WithRSAEncryption
c8:a8:b3:6a:3c:35:8c:95:d1:fd:62:9b:4e:fa:02:ac:37:31:
fc:e0:9f:cb:2a:26:f1:f8:27:e6:a9:58:dd:42:f3:83:24:3b:
6b:6d:33:5e:28:26:42:fd:1b:46:fe:52:a3:c2:3e:76:42:27:
d2:31:99:6a:7b:52:dc:fa:1a:96:73:e3:a0:e0:32:fe:4d:8b:
06:f4:10:f7:ed:8d:da:6f:37:ad:d5:98:e4:8a:7d:bc:e9:61:
81:5a:e6:5c:38:2a:54:d5:d8:98:76:a9:93:78:c7:97:2b:a6:
2e:40:f6:09:c6:5e:fb:cb:b9:00:c6:97:ef:a9:28:bc:0b:d8:
6a:1b:39:62:d0:fe:2c:e9:b4:39:00:a7:6b:5b:25:c4:79:ae:
4c:ba:70:cc:c9:b2:1b:5f:bc:d8:c5:bc:db:5a:26:7f:e7:37:
11:99:dc:f3:45:d6:50:59:10:7a:f9:4c:d5:8d:2a:a4:90:7c:
36:86:f2:bd:bd:22:a8:4c:92:34:b0:30:89:03:e1:0e:31:0c:
2c:7b:95:07:58:fd:54:1a:c3:9e:3b:3b:2e:39:03:44:07:6c:
76:74:31:a5:8a:23:d4:b5:5c:50:ea:94:5c:99:73:cd:e5:7c:
c7:fa:5e:80:87:77:d0:d4:be:39:ab:44:3c:72:43:bb:99:05:
97:04:7f:9b
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICEoAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy
NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA1MjMx
MTA0NDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDYxREQzQzQwRUVENkY4
MEM1OUJBQjk0MjI4ODdBOTJCMzVDNkNFRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbp3vtWGlVS4jVJa5Fe96n9PrIst8BHovvpVneEiaAPLJplt39
BPSJweSkvAq2d81T+h6UfTrJxYGcGA6Ye3dtP/WHhXz7WuXirCpv9dtfb3gDjMRr
V6MIavyQN9MmIMJLlR2M2SR5w7MLIxceJvU8kB2m8fSlot5JKAnX72MCYCJnWwA+
r6Oomdl3vNSf8oP/kmx31Yxdv4xev4gBZ4IW0jRytizSZPfc65hqstuMW92NgLWf
q+6lpI8Ft5PDvXIba3l2q1+ds/DloH+dbWmbe+IBtbFGM94I/diCjAnK+AbhymZD
yo2pDoQXUfJv/YTpfU+VAej/oZoO79e5OcrxAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUYd08QO7W+AxZurlCKIepKzXGzvMwHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7
wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv
bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS9ZZDA4UU83Vy1BeFp1cmxD
S0llcEt6WEd6dk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
05DQMA0GCSqGSIb3DQEBCwUAA4IBAQDIqLNqPDWMldH9YptO+gKsNzH84J/LKibx
+CfmqVjdQvODJDtrbTNeKCZC/RtG/lKjwj52QifSMZlqe1Lc+hqWc+Og4DL+TYsG
9BD37Y3abzet1Zjkin286WGBWuZcOCpU1diYdqmTeMeXK6YuQPYJxl77y7kAxpfv
qSi8C9hqGzli0P4s6bQ5AKdrWyXEea5MunDMybIbX7zYxbzbWiZ/5zcRmdzzRdZQ
WRB6+UzVjSqkkHw2hvK9vSKoTJI0sDCJA+EOMQwse5UHWP1UGsOeOzsuOQNEB2x2
dDGliiPUtVxQ6pRcmXPN5XzH+l6Ah3fQ1L45q0Q8ckO7mQWXBH+b
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:10:13 2025 by rpki-client