Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/YHoC-Ib7VAPfOYMbo8u5Of10E5c.roa
File: YHoC-Ib7VAPfOYMbo8u5Of10E5c.roa (raw, json)
Hash identifier: 2QPtUsTGSjLGKyk0f7KmLP5/Lp4ZoaIrEQvVm6IKzOI=
Subject key identifier: 60:7A:02:F8:86:FB:54:03:DF:39:83:1B:A3:CB:B9:39:FD:74:13:97
Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B
Certificate serial: 1E86
Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/YHoC-Ib7VAPfOYMbo8u5Of10E5c.roa
Signing time: Thu 05 Jun 2025 08:53:13 +0000
ROA not before: Thu 05 Jun 2025 08:53:13 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 131314
IP address blocks: 202.57.201.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7814 (0x1e86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B
Validity
Not Before: Jun 5 08:53:13 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=607A02F886FB5403DF39831BA3CBB939FD741397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f6:d7:0e:ca:7e:04:c4:0e:66:65:77:0c:fc:
4c:32:a1:78:12:85:50:d4:7f:dd:40:3a:68:e6:00:
ff:70:96:ba:99:b5:f4:ea:ac:8d:6c:50:a4:ec:6f:
40:67:00:8c:47:1b:e6:63:3f:85:a5:f2:9a:6b:8e:
b1:33:f0:e2:23:9b:b9:ef:6d:79:d6:ab:27:75:06:
8e:1a:c5:e6:51:91:2f:9e:11:32:6b:e2:aa:00:0e:
76:d0:ac:57:28:53:66:7f:12:01:88:9d:a6:6b:8b:
16:0c:e3:df:b5:ae:cc:6d:cb:98:4f:48:7b:a3:0b:
ae:ed:4f:24:cb:5f:c8:66:01:51:98:83:14:6f:13:
5d:fa:c9:a5:19:62:22:03:a4:14:d2:9c:1c:ca:47:
33:c1:13:18:92:7d:5c:f3:d1:6c:3b:37:e1:27:58:
5b:f2:b8:6e:64:96:6a:22:98:e0:6b:53:a2:8c:9b:
8f:28:7d:ad:11:6b:9f:f3:35:97:fe:2c:ac:37:87:
b3:86:e5:dd:07:d3:f1:19:a5:cb:3e:e5:84:25:40:
00:84:73:86:79:93:21:21:ec:75:e3:3f:ef:56:ff:
ba:27:0b:8d:8f:77:f6:09:d8:a0:42:a5:15:9b:8a:
93:db:b3:ff:80:4c:aa:6c:31:09:39:05:b7:b4:48:
e9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:7A:02:F8:86:FB:54:03:DF:39:83:1B:A3:CB:B9:39:FD:74:13:97
X509v3 Authority Key Identifier:
keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/YHoC-Ib7VAPfOYMbo8u5Of10E5c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.57.201.0/24
Signature Algorithm: sha256WithRSAEncryption
08:f7:d2:25:d7:2b:3d:20:c2:bd:90:03:3e:8b:c1:f1:58:a0:
d2:83:3b:56:d6:53:ef:42:23:4d:de:5f:81:78:6a:14:ee:90:
99:47:0f:dc:c4:43:f6:d4:3a:61:5d:01:97:2e:53:53:d2:33:
20:1e:9e:5c:0e:63:39:97:e1:84:f5:c9:ff:a2:ee:bc:1d:1b:
bb:07:45:cc:57:34:58:03:6c:97:58:ee:21:e4:6b:59:ca:67:
ca:e1:a1:19:48:b0:a1:8b:94:2d:2f:a8:2b:72:99:dc:14:8d:
17:01:a9:ff:e7:3d:57:3d:86:57:ca:45:c5:a1:9e:44:00:7e:
e2:d9:e4:47:83:8a:58:48:27:8c:8f:fc:ec:ae:53:3c:ed:4c:
06:16:b7:15:13:16:a8:0e:ee:2b:fc:45:2e:d7:f9:7e:af:8a:
eb:07:e2:21:3f:57:aa:99:ac:49:69:6d:6c:33:dc:fd:c1:92:
35:e0:71:4c:ff:15:61:3c:66:2c:5d:ee:11:39:67:d3:88:f0:
ce:d5:d2:ab:e3:6f:66:35:ce:94:a7:50:ce:35:52:41:87:64:
ec:0d:b2:b6:40:c5:48:2b:8f:b8:c6:8f:80:5a:a4:d0:65:3b:
4a:92:1e:17:9e:ec:ca:37:33:6c:6c:86:81:80:a2:84:d1:dd:
44:56:f6:5e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHoYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1
MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTA2MDUw
ODUzMTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDYwN0EwMkY4ODZGQjU0
MDNERjM5ODMxQkEzQ0JCOTM5RkQ3NDEzOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL9tcOyn4ExA5mZXcM/EwyoXgShVDUf91AOmjmAP9wlrqZtfTq
rI1sUKTsb0BnAIxHG+ZjP4Wl8pprjrEz8OIjm7nvbXnWqyd1Bo4axeZRkS+eETJr
4qoADnbQrFcoU2Z/EgGInaZrixYM49+1rsxty5hPSHujC67tTyTLX8hmAVGYgxRv
E136yaUZYiIDpBTSnBzKRzPBExiSfVzz0Ww7N+EnWFvyuG5klmoimOBrU6KMm48o
fa0Ra5/zNZf+LKw3h7OG5d0H0/EZpcs+5YQlQACEc4Z5kyEh7HXjP+9W/7onC42P
d/YJ2KBCpRWbipPbs/+ATKpsMQk5Bbe0SOkPAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUYHoC+Ib7VAPfOYMbo8u5Of10E5cwHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt
4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx
L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL1lIb0MtSWI3VkFQZk9Z
TWJvOHU1T2YxMEU1Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADKOckwDQYJKoZIhvcNAQELBQADggEBAAj30iXXKz0gwr2QAz6LwfFYoNKDO1bW
U+9CI03eX4F4ahTukJlHD9zEQ/bUOmFdAZcuU1PSMyAenlwOYzmX4YT1yf+i7rwd
G7sHRcxXNFgDbJdY7iHka1nKZ8rhoRlIsKGLlC0vqCtymdwUjRcBqf/nPVc9hlfK
RcWhnkQAfuLZ5EeDilhIJ4yP/OyuUzztTAYWtxUTFqgO7iv8RS7X+X6viusH4iE/
V6qZrElpbWwz3P3BkjXgcUz/FWE8Zixd7hE5Z9OI8M7V0qvjb2Y1zpSnUM41UkGH
ZOwNsrZAxUgrj7jGj4BapNBlO0qSHhee7Mo3M2xshoGAooTR3URW9l4=
-----END CERTIFICATE-----
Generated at Mon Aug 11 15:05:24 2025 by rpki-client