Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3246/YLAhfCDx3zS5eqS8FpBLTtu0FgA.roa
File: YLAhfCDx3zS5eqS8FpBLTtu0FgA.roa (raw, json)
Hash identifier: 0JtJlL8rLuaikCQDBILSLQtBbCgUAF7xb4Utx1s6D8s=
Subject key identifier: 60:B0:21:7C:20:F1:DF:34:B9:7A:A4:BC:16:90:4B:4E:DB:B4:16:00
Certificate issuer: /CN=7FFE6EB152FAF96D18BFC69FD3E3BF99862AA9F1
Certificate serial: 09B6
Authority key identifier: 7F:FE:6E:B1:52:FA:F9:6D:18:BF:C6:9F:D3:E3:BF:99:86:2A:A9:F1
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/f_5usVL6-W0Yv8af0-O_mYYqqfE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/YLAhfCDx3zS5eqS8FpBLTtu0FgA.roa
Signing time: Thu 17 Apr 2025 20:07:29 +0000
ROA not before: Thu 17 Apr 2025 20:07:29 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 211392
IP address blocks: 210.87.72.0/24 maxlen: 24
210.87.73.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2486 (0x9b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7FFE6EB152FAF96D18BFC69FD3E3BF99862AA9F1
Validity
Not Before: Apr 17 20:07:29 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=60B0217C20F1DF34B97AA4BC16904B4EDBB41600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:56:1a:4d:08:63:33:cc:03:ee:70:56:88:3e:
54:cb:57:97:2f:92:3c:92:90:4e:42:d6:e5:6f:d7:
fa:56:e6:c4:4e:e9:82:df:ab:90:24:34:ea:25:ee:
16:52:ba:d4:b3:ca:b4:50:77:bb:08:5c:eb:67:9e:
f9:dd:bc:59:33:30:fe:2d:d4:44:3f:68:fa:9d:9c:
fb:88:19:81:27:cc:c6:27:c1:4d:7e:d4:07:7f:1c:
7d:bd:23:0d:ee:f2:17:2d:20:73:3e:87:95:59:13:
08:da:05:e3:ca:b1:74:5e:2e:1b:da:04:6e:bb:2c:
dc:a6:28:7a:db:91:62:70:dc:e6:b0:36:13:5f:cb:
9a:b9:b2:80:4b:fc:6b:84:18:09:1d:ec:d7:69:7a:
80:6f:39:e5:40:a4:98:66:a9:47:8a:96:b2:34:f1:
24:24:99:eb:d0:47:67:42:df:49:82:52:04:1e:5a:
c7:1a:cb:b3:ce:a1:c8:66:b6:e3:82:53:cb:9f:cd:
77:a0:01:ee:f4:6d:33:a6:79:e9:70:4c:fd:f5:8c:
6d:6e:d6:e8:f2:9f:bd:0c:2c:b1:7e:71:a0:3e:ab:
5b:79:dd:eb:14:ff:7a:2f:05:fb:7f:14:83:b8:68:
a4:7e:c8:5a:1c:c5:0a:d5:7e:1f:e6:88:cb:b2:4c:
d2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B0:21:7C:20:F1:DF:34:B9:7A:A4:BC:16:90:4B:4E:DB:B4:16:00
X509v3 Authority Key Identifier:
keyid:7F:FE:6E:B1:52:FA:F9:6D:18:BF:C6:9F:D3:E3:BF:99:86:2A:A9:F1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/f_5usVL6-W0Yv8af0-O_mYYqqfE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/f_5usVL6-W0Yv8af0-O_mYYqqfE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3246/YLAhfCDx3zS5eqS8FpBLTtu0FgA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.87.72.0/23
Signature Algorithm: sha256WithRSAEncryption
02:eb:4a:1c:41:98:a1:19:f1:84:a8:6f:e4:ed:24:f4:cc:99:
41:76:4e:ea:32:5b:8c:7c:d0:4d:58:6e:6a:f7:f3:6f:76:a5:
49:72:2d:84:fa:08:17:2c:b7:48:2f:53:ac:ca:9c:66:d9:2b:
71:f2:27:41:3e:8c:c3:a0:ef:42:01:d3:d0:b3:d7:5a:82:d4:
72:4e:cf:a9:87:d8:ad:94:38:85:38:56:04:c6:19:4b:84:5d:
f2:7c:5a:fa:c6:33:c3:a8:c5:a3:cf:79:ce:bf:cf:a2:11:79:
b5:75:c1:7c:f9:af:eb:72:3c:2b:19:19:7a:35:ad:3c:0d:ba:
52:b0:c2:bd:67:d8:b2:9e:9b:de:41:c0:d0:99:57:b8:e5:37:
9e:f4:96:2e:b6:8f:7c:9c:a5:7a:68:3e:92:36:01:bd:ab:60:
3f:73:ba:cc:34:64:e5:98:cd:8f:8a:6e:c6:5e:93:1b:99:05:
7e:ad:ca:1e:14:c7:74:e3:6f:23:de:bf:38:d0:41:d5:92:b0:
59:c6:fc:93:a0:94:4b:b1:9b:8a:a1:43:84:e5:e7:e4:d6:5c:
cb:98:0a:51:3c:58:75:bb:69:f7:11:0c:88:89:8b:d9:e2:4b:
19:8c:54:ee:4a:55:18:66:d4:5f:c2:02:ed:fe:e0:41:70:6b:
f2:48:40:c1
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCbYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0ZG
RTZFQjE1MkZBRjk2RDE4QkZDNjlGRDNFM0JGOTk4NjJBQTlGMTAeFw0yNTA0MTcy
MDA3MjlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDYwQjAyMTdDMjBGMURG
MzRCOTdBQTRCQzE2OTA0QjRFREJCNDE2MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3VhpNCGMzzAPucFaIPlTLV5cvkjySkE5C1uVv1/pW5sRO6YLf
q5AkNOol7hZSutSzyrRQd7sIXOtnnvndvFkzMP4t1EQ/aPqdnPuIGYEnzMYnwU1+
1Ad/HH29Iw3u8hctIHM+h5VZEwjaBePKsXReLhvaBG67LNymKHrbkWJw3OawNhNf
y5q5soBL/GuEGAkd7NdpeoBvOeVApJhmqUeKlrI08SQkmevQR2dC30mCUgQeWsca
y7POochmtuOCU8ufzXegAe70bTOmeelwTP31jG1u1ujyn70MLLF+caA+q1t53esU
/3ovBft/FIO4aKR+yFocxQrVfh/miMuyTNLnAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUYLAhfCDx3zS5eqS8FpBLTtu0FgAwHwYDVR0jBBgwFoAUf/5usVL6+W0Yv8af
0+O/mYYqqfEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI0
Ni9mXzV1c1ZMNi1XMFl2OGFmMC1PX21ZWXFxZkUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2ZfNXVzVkw2LVcwWXY4YWYwLU9fbVlZcXFmRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNDYvWUxBaGZDRHgzelM1
ZXFTOEZwQkxUdHUwRmdBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAdJXSDANBgkqhkiG9w0BAQsFAAOCAQEAAutKHEGYoRnxhKhv5O0k9MyZQXZO
6jJbjHzQTVhuavfzb3alSXIthPoIFyy3SC9TrMqcZtkrcfInQT6Mw6DvQgHT0LPX
WoLUck7PqYfYrZQ4hThWBMYZS4Rd8nxa+sYzw6jFo895zr/PohF5tXXBfPmv63I8
KxkZejWtPA26UrDCvWfYsp6b3kHA0JlXuOU3nvSWLraPfJylemg+kjYBvatgP3O6
zDRk5ZjNj4puxl6TG5kFfq3KHhTHdONvI96/ONBB1ZKwWcb8k6CUS7GbiqFDhOXn
5NZcy5gKUTxYdbtp9xEMiImL2eJLGYxU7kpVGGbUX8IC7f7gQXBr8khAwQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:04:36 2025 by rpki-client