Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/opgAiE1en4VEXgjtUKsIkROLdAk.roa
File: opgAiE1en4VEXgjtUKsIkROLdAk.roa (raw, json)
Hash identifier: qtxJLz18bhqTHdp8C9PQBGM1kkbjPiKM1IN0/TVEOQw=
Subject key identifier: A2:98:00:88:4D:5E:9F:85:44:5E:08:ED:50:AB:08:91:13:8B:74:09
Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094
Certificate serial: 118F
Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/opgAiE1en4VEXgjtUKsIkROLdAk.roa
Signing time: Sat 18 Jan 2025 15:10:18 +0000
ROA not before: Sat 18 Jan 2025 15:10:18 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 211392
IP address blocks: 45.250.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4495 (0x118f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094
Validity
Not Before: Jan 18 15:10:18 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=A29800884D5E9F85445E08ED50AB0891138B7409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d8:0f:aa:6d:2c:65:55:ea:a7:40:81:9c:86:
73:6e:51:93:90:12:60:0b:5b:bf:d9:19:82:19:f2:
cd:c6:09:3d:ce:b1:f2:fe:7f:a6:a7:9b:04:f9:86:
15:f2:b5:70:99:ce:19:6b:a1:99:71:ea:90:54:c0:
a1:d7:d6:b2:8f:54:a9:b0:4c:7a:3d:87:f3:c6:20:
25:c8:21:6f:0e:08:3b:fb:c4:8f:37:c1:ef:d0:19:
ef:1b:2b:87:03:0b:3c:f6:5d:b0:69:1f:76:d3:d2:
12:ed:ca:c1:d0:9f:93:c6:53:53:33:4e:3f:69:cd:
4f:16:60:6d:88:a1:f7:1e:55:ad:d0:fb:a2:98:dd:
17:40:ef:37:94:8d:76:c5:d3:e5:64:df:36:8d:f6:
70:a8:0d:3a:36:fd:fa:1b:85:e1:f9:24:c2:b2:53:
4d:7b:42:e1:8c:af:e9:6e:c2:8f:45:c4:46:f1:b0:
d5:2a:34:6e:61:39:c7:3e:33:00:ba:e2:e8:98:d9:
e0:31:fd:44:00:8b:c7:a0:c8:e8:67:de:fc:04:23:
c5:f6:a3:e6:7d:7f:dd:a0:f9:c5:8b:d9:bd:00:b8:
c1:a2:25:df:57:5f:2b:f0:e8:05:1a:f1:ff:06:fc:
d2:ff:82:91:8c:53:5d:7c:4d:87:4c:82:30:74:eb:
df:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:98:00:88:4D:5E:9F:85:44:5E:08:ED:50:AB:08:91:13:8B:74:09
X509v3 Authority Key Identifier:
keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/opgAiE1en4VEXgjtUKsIkROLdAk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.250.152.0/24
Signature Algorithm: sha256WithRSAEncryption
27:84:1f:1c:20:ad:f2:c4:11:64:4a:4f:ae:ec:97:24:c0:88:
c2:62:d3:e0:fe:2c:75:3b:89:98:2f:d7:39:ed:a7:3f:7a:db:
fd:0c:38:43:40:b1:a1:0d:2b:70:f7:64:c4:10:11:9d:35:93:
a7:55:82:d3:f3:97:71:b1:8e:d6:b4:10:09:19:8a:0c:09:4d:
b0:67:dc:b1:5f:34:cb:66:e7:59:74:0a:d6:72:d0:50:86:20:
07:8b:8c:fa:02:31:dc:72:b2:36:d2:bd:2a:bf:1e:67:4f:c0:
8f:9b:69:a0:3e:57:be:79:8a:8e:5a:e0:ba:81:63:20:25:6d:
c9:13:be:a5:26:18:f5:70:e3:09:d4:dd:3f:13:3a:42:cf:24:
70:5d:a3:93:c2:cb:8f:6c:5b:09:29:83:3d:35:86:86:45:07:
91:05:71:ca:87:82:3f:fe:5b:e2:87:58:01:2c:02:f6:a3:0d:
b2:f2:99:bb:26:49:d4:49:53:c7:2e:15:3d:86:e9:30:2f:c0:
81:a4:df:cc:e0:a2:f5:19:f4:49:4c:01:90:fd:17:ae:e3:81:
d5:92:ae:3e:70:06:a6:d4:e0:19:9a:f6:68:4a:ef:e9:8e:e5:
04:08:81:d9:34:89:ae:ae:5d:eb:42:a6:e3:e9:6e:4c:71:6c:
2d:67:f0:46
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEY8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw
OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTAxMTgx
NTEwMThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEEyOTgwMDg4NEQ1RTlG
ODU0NDVFMDhFRDUwQUIwODkxMTM4Qjc0MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC12A+qbSxlVeqnQIGchnNuUZOQEmALW7/ZGYIZ8s3GCT3OsfL+
f6anmwT5hhXytXCZzhlroZlx6pBUwKHX1rKPVKmwTHo9h/PGICXIIW8OCDv7xI83
we/QGe8bK4cDCzz2XbBpH3bT0hLtysHQn5PGU1MzTj9pzU8WYG2IofceVa3Q+6KY
3RdA7zeUjXbF0+Vk3zaN9nCoDTo2/fobheH5JMKyU017QuGMr+luwo9FxEbxsNUq
NG5hOcc+MwC64uiY2eAx/UQAi8egyOhn3vwEI8X2o+Z9f92g+cWL2b0AuMGiJd9X
Xyvw6AUa8f8G/NL/gpGMU118TYdMgjB069/hAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUopgAiE1en4VEXgjtUKsIkROLdAkwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R
7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2
OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvb3BnQWlFMWVuNFZF
WGdqdFVLc0lrUk9MZEFrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAC36mDANBgkqhkiG9w0BAQsFAAOCAQEAJ4QfHCCt8sQRZEpPruyXJMCIwmLT
4P4sdTuJmC/XOe2nP3rb/Qw4Q0CxoQ0rcPdkxBARnTWTp1WC0/OXcbGO1rQQCRmK
DAlNsGfcsV80y2bnWXQK1nLQUIYgB4uM+gIx3HKyNtK9Kr8eZ0/Aj5tpoD5XvnmK
jlrguoFjICVtyRO+pSYY9XDjCdTdPxM6Qs8kcF2jk8LLj2xbCSmDPTWGhkUHkQVx
yoeCP/5b4odYASwC9qMNsvKZuyZJ1ElTxy4VPYbpMC/AgaTfzOCi9Rn0SUwBkP0X
ruOB1ZKuPnAGptTgGZr2aErv6Y7lBAiB2TSJrq5d60Km4+luTHFsLWfwRg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:12 2025 by rpki-client