Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/YAKlFb8WHzILwfEf2d-vY0XO2tc.roa
File: YAKlFb8WHzILwfEf2d-vY0XO2tc.roa (raw, json)
Hash identifier: ucFbqWELYtFSKLzhoZxsZihUE3mTffRhAPcL5Ho7sU0=
Subject key identifier: 60:02:A5:15:BF:16:1F:32:0B:C1:F1:1F:D9:DF:AF:63:45:CE:DA:D7
Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B
Certificate serial: 1DA5
Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/YAKlFb8WHzILwfEf2d-vY0XO2tc.roa
Signing time: Thu 24 Apr 2025 09:10:07 +0000
ROA not before: Thu 24 Apr 2025 09:10:07 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 45110
IP address blocks: 43.254.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7589 (0x1da5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B
Validity
Not Before: Apr 24 09:10:07 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=6002A515BF161F320BC1F11FD9DFAF6345CEDAD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ce:63:df:54:3c:d4:46:4f:bc:fd:79:59:a4:
3b:bc:8c:95:18:cb:14:a3:68:f3:e9:e4:d6:0e:51:
20:60:de:54:4b:29:b5:2a:00:eb:b3:4b:ca:38:fe:
2b:6c:25:47:da:6a:60:33:dc:af:a9:00:5a:f2:c7:
fd:d4:12:1b:31:b0:91:7a:bf:d6:79:d1:b8:e4:96:
2c:e3:7d:b2:c5:1a:a5:7e:80:b6:9f:a8:af:37:20:
28:9c:54:dc:72:6c:64:6d:77:33:0c:56:1d:34:d7:
ba:6c:9f:60:51:16:6d:9c:27:21:77:d2:6d:f1:64:
56:39:6f:26:85:95:5d:f1:7a:0d:ed:b5:03:3f:ef:
3d:b9:20:5f:e4:23:3a:ab:47:f3:66:9a:3a:7b:1c:
c4:01:35:bc:76:b4:d0:0f:36:64:d3:74:d8:23:e3:
ba:52:b1:f8:41:ca:ad:89:bc:f7:99:62:8e:36:af:
b8:24:e6:13:a3:b9:10:7e:cf:09:3c:7f:e7:ea:2e:
86:23:a8:8a:a1:79:c7:97:6e:a3:c5:c4:e9:aa:fc:
5e:63:5f:78:45:b7:2e:10:b7:ce:8c:a9:01:19:ba:
75:26:b3:cb:10:c2:4d:cc:16:c8:ac:0d:b2:69:4e:
31:14:e4:f7:18:59:06:8c:a0:94:66:e2:d0:fb:23:
05:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:02:A5:15:BF:16:1F:32:0B:C1:F1:1F:D9:DF:AF:63:45:CE:DA:D7
X509v3 Authority Key Identifier:
keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/YAKlFb8WHzILwfEf2d-vY0XO2tc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.228.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:77:f6:bd:56:d3:44:48:e2:68:e7:97:72:e2:92:db:12:4f:
13:ed:48:8c:85:64:eb:52:c8:80:7a:c0:8f:c0:6c:4a:5b:35:
46:a5:27:49:6c:28:7d:df:73:5f:13:46:f8:af:6c:d5:24:d1:
53:94:03:7e:33:d9:37:68:10:ef:99:31:1a:ed:59:61:e5:96:
eb:ba:c8:70:9f:4a:fb:12:f7:0c:ef:5b:3f:66:7a:72:95:ce:
6a:0e:70:a6:d5:a2:75:bf:cd:de:3b:2f:99:62:6f:ef:1f:0f:
cb:c1:71:5a:3d:2b:47:26:a0:65:6b:c6:ba:c6:2d:ce:a0:8b:
66:47:fe:4a:fc:74:73:41:13:cb:da:cc:36:32:84:f1:fa:38:
89:e1:84:a8:7b:e1:94:22:fa:81:15:23:5b:6b:e0:b5:86:a5:
49:ea:dc:f1:a2:ea:68:2d:ea:29:04:43:b4:53:b9:79:df:df:
51:c1:dc:a5:69:2c:71:7b:df:82:e6:19:69:92:8e:b5:df:23:
02:8c:e1:7f:fe:40:b1:2b:ed:12:f4:cd:af:7e:e7:cc:59:9c:
7b:6a:06:fa:83:3b:62:49:63:50:40:79:17:ce:f8:50:80:e4:
46:ee:57:a5:93:6d:d9:31:1f:8c:1f:2d:89:85:70:b2:e0:9e:
69:c6:3f:e7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHaUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1
MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTA0MjQw
OTEwMDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDYwMDJBNTE1QkYxNjFG
MzIwQkMxRjExRkQ5REZBRjYzNDVDRURBRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrzmPfVDzURk+8/XlZpDu8jJUYyxSjaPPp5NYOUSBg3lRLKbUq
AOuzS8o4/itsJUfaamAz3K+pAFryx/3UEhsxsJF6v9Z50bjklizjfbLFGqV+gLaf
qK83ICicVNxybGRtdzMMVh0017psn2BRFm2cJyF30m3xZFY5byaFlV3xeg3ttQM/
7z25IF/kIzqrR/Nmmjp7HMQBNbx2tNAPNmTTdNgj47pSsfhByq2JvPeZYo42r7gk
5hOjuRB+zwk8f+fqLoYjqIqheceXbqPFxOmq/F5jX3hFty4Qt86MqQEZunUms8sQ
wk3MFsisDbJpTjEU5PcYWQaMoJRm4tD7IwWFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUYAKlFb8WHzILwfEf2d+vY0XO2tcwHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt
4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx
L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL1lBS2xGYjhXSHpJTHdm
RWYyZC12WTBYTzJ0Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAr/uQwDQYJKoZIhvcNAQELBQADggEBAKB39r1W00RI4mjnl3LiktsSTxPtSIyF
ZOtSyIB6wI/AbEpbNUalJ0lsKH3fc18TRvivbNUk0VOUA34z2TdoEO+ZMRrtWWHl
luu6yHCfSvsS9wzvWz9menKVzmoOcKbVonW/zd47L5lib+8fD8vBcVo9K0cmoGVr
xrrGLc6gi2ZH/kr8dHNBE8vazDYyhPH6OInhhKh74ZQi+oEVI1tr4LWGpUnq3PGi
6mgt6ikEQ7RTuXnf31HB3KVpLHF734LmGWmSjrXfIwKM4X/+QLEr7RL0za9+58xZ
nHtqBvqDO2JJY1BAeRfO+FCA5EbuV6WTbdkxH4wfLYmFcLLgnmnGP+c=
-----END CERTIFICATE-----
Generated at Mon Apr 28 23:08:47 2025 by rpki-client on console.sobornost.net