Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/UvFPFtfZRwIpsVPDwTcaivNQT2M.roa
File: UvFPFtfZRwIpsVPDwTcaivNQT2M.roa (raw, json)
Hash identifier: +20FoExPiMakZMJcWWLawNFL0zT3N3DsgEk8fS/12+g=
Subject key identifier: 52:F1:4F:16:D7:D9:47:02:29:B1:53:C3:C1:37:1A:8A:F3:50:4F:63
Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B
Certificate serial: 1BBC
Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/UvFPFtfZRwIpsVPDwTcaivNQT2M.roa
Signing time: Fri 17 Jan 2025 01:26:12 +0000
ROA not before: Fri 17 Jan 2025 01:26:12 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 45110
IP address blocks: 43.254.228.0/22 maxlen: 24
43.254.228.0/24 maxlen: 24
43.254.229.0/24 maxlen: 24
43.254.230.0/24 maxlen: 24
103.200.220.0/22 maxlen: 24
111.118.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7100 (0x1bbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B
Validity
Not Before: Jan 17 01:26:12 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=52F14F16D7D9470229B153C3C1371A8AF3504F63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:46:f9:f9:be:08:18:79:60:0a:a4:2a:44:d5:
98:22:9a:07:e8:4d:e6:7f:83:45:d8:d4:7a:fa:7b:
f4:27:9b:ed:1e:17:77:c9:65:10:85:fb:28:02:d1:
3e:cc:5e:78:e2:33:97:af:af:09:62:e8:23:38:e3:
66:ba:ea:32:1a:1a:60:1e:2a:06:39:01:da:b2:f5:
3a:0a:46:16:01:a3:33:c5:37:bd:6e:f3:80:25:20:
ad:5a:50:d3:7c:a1:1d:31:d0:84:24:ca:8b:fc:21:
78:28:b9:25:8d:38:f9:3a:18:fa:88:c8:99:49:68:
4f:8c:ee:01:f8:37:69:f3:f2:77:09:f7:af:7e:46:
bc:d6:3f:2d:75:3e:30:fb:63:22:d0:ef:e6:ac:09:
4d:da:7d:cb:9c:93:a2:4d:61:58:e4:77:9c:3f:1b:
49:d1:e8:41:1b:a9:d7:94:6c:f5:77:a7:3d:35:8e:
a5:bb:0c:03:c5:8a:f1:ee:0c:4c:5d:d1:c9:56:0d:
13:8e:62:d5:3f:2d:48:85:07:93:ee:bc:bc:b8:5e:
81:17:ce:68:30:31:2e:8d:31:25:a5:a4:ed:75:c2:
d3:ea:99:98:68:18:56:ac:55:76:72:01:5e:db:8c:
da:09:cb:81:ba:26:03:45:ff:60:ae:c6:81:c6:ef:
f9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F1:4F:16:D7:D9:47:02:29:B1:53:C3:C1:37:1A:8A:F3:50:4F:63
X509v3 Authority Key Identifier:
keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/UvFPFtfZRwIpsVPDwTcaivNQT2M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.228.0/22
103.200.220.0/22
111.118.200.0/24
Signature Algorithm: sha256WithRSAEncryption
28:7b:21:0b:16:7f:61:6b:e7:cf:30:3f:6a:79:c7:42:f5:22:
89:3d:f2:90:ac:82:df:52:cd:24:99:85:36:91:10:5a:6a:2d:
e9:4a:c8:b9:30:7d:af:8d:a8:88:25:ae:9a:27:29:2f:fd:c2:
29:5a:64:cf:40:e9:e6:e3:8e:6f:4a:58:15:09:d2:cc:75:5f:
38:2f:0b:5c:a0:12:9b:8e:9b:c6:d0:b7:2a:5d:b0:1e:89:ee:
32:62:39:5b:1a:74:bf:ed:ee:63:b0:81:b8:d7:03:a9:6a:5a:
ab:29:f1:28:85:34:76:30:7f:30:9c:9a:44:f9:6e:80:38:a4:
e8:5f:23:01:13:de:9b:5b:8a:ea:4c:49:cc:c4:ea:c7:7d:1d:
61:f8:63:c3:35:07:9c:bf:2c:f1:8a:f0:c7:04:f4:73:6d:1b:
82:1a:b5:28:fc:22:e0:6c:6d:1a:fb:99:90:c3:89:c3:ed:80:
39:f4:58:01:56:66:bc:95:78:28:f3:ac:8d:13:1b:a9:be:56:
41:3f:fb:3e:a5:94:95:b0:c7:7d:76:01:0a:1c:8a:13:ef:da:
f4:81:24:6a:66:01:29:fd:38:bf:e3:1e:5c:d4:7e:8b:c3:78:
55:f8:58:12:d8:fe:3b:9e:28:8e:f3:64:54:89:fe:16:d7:48:
a6:9e:44:1a
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICG7wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1
MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTAxMTcw
MTI2MTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDUyRjE0RjE2RDdEOTQ3
MDIyOUIxNTNDM0MxMzcxQThBRjM1MDRGNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6Rvn5vggYeWAKpCpE1ZgimgfoTeZ/g0XY1Hr6e/Qnm+0eF3fJ
ZRCF+ygC0T7MXnjiM5evrwli6CM442a66jIaGmAeKgY5Adqy9ToKRhYBozPFN71u
84AlIK1aUNN8oR0x0IQkyov8IXgouSWNOPk6GPqIyJlJaE+M7gH4N2nz8ncJ969+
RrzWPy11PjD7YyLQ7+asCU3afcuck6JNYVjkd5w/G0nR6EEbqdeUbPV3pz01jqW7
DAPFivHuDExd0clWDROOYtU/LUiFB5PuvLy4XoEXzmgwMS6NMSWlpO11wtPqmZho
GFasVXZyAV7bjNoJy4G6JgNF/2CuxoHG7/n5AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUUvFPFtfZRwIpsVPDwTcaivNQT2MwHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt
4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx
L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL1V2RlBGdGZaUndJcHNW
UER3VGNhaXZOUVQyTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAIr/uQDBAJnyNwDBABvdsgwDQYJKoZIhvcNAQELBQADggEBACh7IQsWf2Fr588w
P2p5x0L1Iok98pCsgt9SzSSZhTaREFpqLelKyLkwfa+NqIglrponKS/9wilaZM9A
6ebjjm9KWBUJ0sx1XzgvC1ygEpuOm8bQtypdsB6J7jJiOVsadL/t7mOwgbjXA6lq
Wqsp8SiFNHYwfzCcmkT5boA4pOhfIwET3ptbiupMSczE6sd9HWH4Y8M1B5y/LPGK
8McE9HNtG4IatSj8IuBsbRr7mZDDicPtgDn0WAFWZryVeCjzrI0TG6m+VkE/+z6l
lJWwx312AQocihPv2vSBJGpmASn9OL/jHlzUfovDeFX4WBLY/jueKI7zZFSJ/hbX
SKaeRBo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:27:26 2025 by rpki-client