Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1826/s6qZ59C9C3Rx1_dYYkL8Pba15QE.roa
File: s6qZ59C9C3Rx1_dYYkL8Pba15QE.roa (raw, json)
Hash identifier: Z5eUU4BhcKqS/6XZ5bO9vhYAIrozt8on0FwXTp8twqs=
Subject key identifier: B3:AA:99:E7:D0:BD:0B:74:71:D7:F7:58:62:42:FC:3D:B6:B5:E5:01
Certificate issuer: /CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F
Certificate serial: 1094
Authority key identifier: 75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/s6qZ59C9C3Rx1_dYYkL8Pba15QE.roa
Signing time: Tue 24 Sep 2024 00:21:32 +0000
ROA not before: Tue 24 Sep 2024 00:21:32 +0000
ROA not after: Sat 20 Sep 2025 07:41:26 +0000
asID: 152320
IP address blocks: 45.254.24.0/24 maxlen: 24
45.254.25.0/24 maxlen: 24
45.254.26.0/24 maxlen: 24
45.254.27.0/24 maxlen: 24
103.223.120.0/24 maxlen: 24
103.223.121.0/24 maxlen: 24
103.223.122.0/24 maxlen: 24
103.223.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4244 (0x1094)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F
Validity
Not Before: Sep 24 00:21:32 2024 GMT
Not After : Sep 20 07:41:26 2025 GMT
Subject: CN=B3AA99E7D0BD0B7471D7F7586242FC3DB6B5E501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:79:fa:56:30:86:7d:5a:e2:dd:0b:fa:83:bf:
13:4e:43:a3:a5:ec:6a:5c:b2:15:86:75:99:ee:94:
53:83:a0:c3:02:56:99:54:09:dd:d4:55:f1:7e:36:
3e:d3:c4:db:e3:cc:62:a9:37:9a:5c:a0:ae:fc:ac:
0d:47:f2:56:b5:d3:0b:ef:77:f7:e2:f4:35:bc:87:
ab:03:9f:75:fc:5c:c0:b4:9e:a9:02:a8:ef:14:7b:
de:c9:f0:95:f0:80:72:e6:69:e7:ae:65:0e:dd:32:
d2:66:db:ce:8f:61:f8:f3:f7:a0:f5:8b:8e:45:9f:
ea:ea:05:76:0f:61:51:f0:31:a8:c9:ab:7f:2e:cb:
0c:86:c5:a1:e9:ca:14:91:f0:be:be:0e:da:ba:3c:
b3:2b:be:49:9a:64:aa:fe:83:b1:a9:84:f7:56:2f:
02:1d:e3:df:9a:41:e9:b3:4d:5a:eb:3a:45:54:f4:
fc:50:f8:a5:f2:d7:28:97:01:93:6b:fd:f5:57:f4:
f8:82:6b:7a:d5:8e:cb:10:ab:db:12:13:61:f8:40:
5b:75:56:b5:1f:35:48:42:c7:7b:67:8e:ea:40:ee:
d5:ac:e4:74:74:ab:66:10:4a:9d:31:99:4c:9c:db:
52:18:05:68:bc:a0:cf:6b:78:34:fd:8e:23:e9:5f:
cc:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AA:99:E7:D0:BD:0B:74:71:D7:F7:58:62:42:FC:3D:B6:B5:E5:01
X509v3 Authority Key Identifier:
keyid:75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/s6qZ59C9C3Rx1_dYYkL8Pba15QE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.254.24.0/22
103.223.120.0/22
Signature Algorithm: sha256WithRSAEncryption
94:42:76:54:4f:3f:52:65:8f:7f:39:c4:31:90:16:d5:d2:b9:
c3:cd:4e:84:9c:7b:a0:f9:e0:8a:1d:69:bb:01:82:44:03:1e:
dc:33:59:ff:53:41:4e:03:3c:4d:64:a6:6f:60:2d:d1:36:2a:
e8:7c:7a:31:b7:e7:f3:fe:97:37:aa:f4:51:92:fc:70:41:f5:
6f:cd:af:4d:54:1b:fb:20:75:db:e1:8a:2f:fd:85:5d:01:e0:
43:3b:ab:9c:e6:46:3e:bb:9c:af:b3:f4:0f:2d:2d:3a:b7:19:
39:76:92:44:94:48:71:63:b2:2e:44:85:fc:90:51:0a:db:34:
4a:45:60:39:2b:ed:be:60:dc:9d:c7:9e:89:0c:af:47:bd:bb:
11:53:9c:c5:89:98:f8:4b:42:31:4b:fb:9a:9d:ff:45:ca:cf:
55:e9:70:a9:f2:20:51:cb:94:14:df:87:73:91:56:10:4c:d1:
8e:1d:45:63:e0:58:14:a0:20:70:8c:8b:cf:c0:fa:d9:e5:ca:
62:85:51:75:02:f8:06:96:cc:9a:82:d5:81:9a:05:18:c6:65:
86:a5:0c:3f:25:60:19:ee:38:fa:c4:c1:6b:6b:66:45:16:f7:
9e:18:fb:16:12:e7:c3:06:96:c8:9a:6e:40:91:7f:94:27:42:
59:e1:d1:bb
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICEJQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzUz
MjREM0I4RjFENUVCQTU3NzBFNjYxRUUxNkFGMjRBNzUwNTU0RjAeFw0yNDA5MjQw
MDIxMzJaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKEIzQUE5OUU3RDBCRDBC
NzQ3MUQ3Rjc1ODYyNDJGQzNEQjZCNUU1MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD3efpWMIZ9WuLdC/qDvxNOQ6Ol7GpcshWGdZnulFODoMMCVplU
Cd3UVfF+Nj7TxNvjzGKpN5pcoK78rA1H8la10wvvd/fi9DW8h6sDn3X8XMC0nqkC
qO8Ue97J8JXwgHLmaeeuZQ7dMtJm286PYfjz96D1i45Fn+rqBXYPYVHwMajJq38u
ywyGxaHpyhSR8L6+Dtq6PLMrvkmaZKr+g7GphPdWLwId49+aQemzTVrrOkVU9PxQ
+KXy1yiXAZNr/fVX9PiCa3rVjssQq9sSE2H4QFt1VrUfNUhCx3tnjupA7tWs5HR0
q2YQSp0xmUyc21IYBWi8oM9reDT9jiPpX8wDAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUs6qZ59C9C3Rx1/dYYkL8Pba15QEwHwYDVR0jBBgwFoAUdTJNO48dXrpXcOZh
7havJKdQVU8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgy
Ni9kVEpOTzQ4ZFhycFhjT1poN2hhdkpLZFFWVTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2RUSk5PNDhkWHJwWGNPWmg3aGF2SktkUVZVOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4MjYvczZxWjU5QzlDM1J4
MV9kWVlrTDhQYmExNVFFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAi3+GAMEAmffeDANBgkqhkiG9w0BAQsFAAOCAQEAlEJ2VE8/UmWPfznEMZAW
1dK5w81OhJx7oPngih1puwGCRAMe3DNZ/1NBTgM8TWSmb2At0TYq6Hx6Mbfn8/6X
N6r0UZL8cEH1b82vTVQb+yB12+GKL/2FXQHgQzurnOZGPrucr7P0Dy0tOrcZOXaS
RJRIcWOyLkSF/JBRCts0SkVgOSvtvmDcnceeiQyvR727EVOcxYmY+EtCMUv7mp3/
RcrPVelwqfIgUcuUFN+Hc5FWEEzRjh1FY+BYFKAgcIyLz8D62eXKYoVRdQL4BpbM
moLVgZoFGMZlhqUMPyVgGe44+sTBa2tmRRb3nhj7FhLnwwaWyJpuQJF/lCdCWeHR
uw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:17:14 2025 by rpki-client