Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/1U1iPwspuXBRpOXYrmAjuubD_0o.roa
File: 1U1iPwspuXBRpOXYrmAjuubD_0o.roa (raw, json)
Hash identifier: Rg8bTTf8sUU4ZRDx+byAtS9WUEMQlXBWew+aCvXvPQ8=
Subject key identifier: D5:4D:62:3F:0B:29:B9:70:51:A4:E5:D8:AE:60:23:BA:E6:C3:FF:4A
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1808
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1U1iPwspuXBRpOXYrmAjuubD_0o.roa
Signing time: Fri 17 Jan 2025 01:24:28 +0000
ROA not before: Fri 17 Jan 2025 01:24:28 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24373
IP address blocks: 45.252.8.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6152 (0x1808)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:28 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D54D623F0B29B97051A4E5D8AE6023BAE6C3FF4A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:fe:62:16:10:ac:06:c3:58:60:9a:6c:21:51:
6c:d4:0f:53:fc:86:34:9f:69:b7:12:dd:de:4f:e4:
5a:9b:fc:ae:87:64:fa:fb:2d:be:d6:36:5d:ae:93:
30:b6:4b:db:1c:68:69:a5:be:6f:37:9f:b0:c8:86:
4b:09:b9:48:5f:d0:cf:54:37:40:15:a3:4a:41:8f:
1c:a9:9d:8c:8b:7f:00:e1:f2:35:3f:f8:ea:5d:c8:
a6:29:5b:35:16:a3:31:00:5e:6f:53:2a:73:1f:c6:
9f:11:d3:29:7d:ed:ed:96:31:65:7f:c5:3b:ca:0c:
df:7f:9b:2e:ae:d4:94:b4:31:97:14:fc:fc:1a:5e:
2a:54:9f:43:12:59:ac:70:37:33:24:4a:0d:26:bd:
da:7e:fe:70:8f:bb:4c:dc:5e:50:b0:43:eb:91:5d:
0c:3b:96:30:94:0e:30:e8:23:e2:7e:4b:47:e0:20:
a6:f8:a6:00:df:ad:e5:ba:d3:94:67:71:f2:92:34:
86:58:88:18:2e:56:d3:6b:dc:1a:95:4b:6b:a0:35:
31:a3:9b:b9:61:56:4e:ee:1d:a9:85:59:93:c2:30:
62:3d:3f:38:93:54:24:eb:84:ee:ff:a3:51:a5:58:
96:1a:31:b6:79:cd:00:b0:8b:66:5f:3e:86:03:7d:
9d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:4D:62:3F:0B:29:B9:70:51:A4:E5:D8:AE:60:23:BA:E6:C3:FF:4A
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1U1iPwspuXBRpOXYrmAjuubD_0o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.8.0/22
Signature Algorithm: sha256WithRSAEncryption
96:61:55:5c:93:1e:a4:c6:c9:65:9f:0f:ec:34:67:5b:6b:f7:
49:cd:64:67:8b:d1:c9:d7:80:ea:bc:2a:a6:8f:7d:57:b5:a6:
bf:1a:7f:1b:8c:25:43:1c:0c:10:6c:5a:fb:24:29:a1:9c:6f:
8a:53:c4:5e:5d:37:36:65:03:89:46:b9:b0:5e:33:ee:cf:54:
fa:4a:50:dc:6c:53:b2:0c:60:d3:61:66:1a:d0:a4:1c:5c:21:
91:47:65:87:6b:7a:0b:cd:1e:c4:a9:57:0a:dc:c3:48:84:d1:
5d:72:d7:29:35:6e:2a:7d:63:83:f4:36:7c:fa:7f:c6:22:41:
36:3b:8f:44:4d:10:5e:a5:29:a9:26:a2:19:8a:ed:b1:4b:75:
00:99:97:ee:dd:85:1b:bd:38:de:a6:01:c9:0e:a5:a3:33:da:
13:32:c1:87:c1:26:38:4e:15:73:2b:e6:bb:fd:e5:34:23:49:
58:25:18:76:29:49:be:b1:3f:69:84:c4:76:b5:b0:16:03:5d:
e2:67:6e:f5:18:8e:5d:ee:8b:4a:44:8c:c1:fd:57:89:40:a8:
ee:39:1e:3c:b3:e5:ca:b8:d6:69:b5:59:d9:3e:dc:05:da:e0:
a3:c4:86:2e:ff:f4:cb:30:ee:9f:a7:fb:64:9f:c1:4a:f5:83:
21:23:cc:f5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGAgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0MjhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ1NEQ2MjNGMEIyOUI5
NzA1MUE0RTVEOEFFNjAyM0JBRTZDM0ZGNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDs/mIWEKwGw1hgmmwhUWzUD1P8hjSfabcS3d5P5Fqb/K6HZPr7
Lb7WNl2ukzC2S9scaGmlvm83n7DIhksJuUhf0M9UN0AVo0pBjxypnYyLfwDh8jU/
+OpdyKYpWzUWozEAXm9TKnMfxp8R0yl97e2WMWV/xTvKDN9/my6u1JS0MZcU/Pwa
XipUn0MSWaxwNzMkSg0mvdp+/nCPu0zcXlCwQ+uRXQw7ljCUDjDoI+J+S0fgIKb4
pgDfreW605RncfKSNIZYiBguVtNr3BqVS2ugNTGjm7lhVk7uHamFWZPCMGI9PziT
VCTrhO7/o1GlWJYaMbZ5zQCwi2ZfPoYDfZ0/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU1U1iPwspuXBRpOXYrmAjuubD/0owHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzFVMWlQd3NwdVhCUnBP
WFlybUFqdXViRF8wby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/AgwDQYJKoZIhvcNAQELBQADggEBAJZhVVyTHqTGyWWfD+w0Z1tr90nNZGeL
0cnXgOq8KqaPfVe1pr8afxuMJUMcDBBsWvskKaGcb4pTxF5dNzZlA4lGubBeM+7P
VPpKUNxsU7IMYNNhZhrQpBxcIZFHZYdregvNHsSpVwrcw0iE0V1y1yk1bip9Y4P0
Nnz6f8YiQTY7j0RNEF6lKakmohmK7bFLdQCZl+7dhRu9ON6mAckOpaMz2hMywYfB
JjhOFXMr5rv95TQjSVglGHYpSb6xP2mExHa1sBYDXeJnbvUYjl3ui0pEjMH9V4lA
qO45Hjyz5cq41mm1Wdk+3AXa4KPEhi7/9Msw7p+n+2SfwUr1gyEjzPU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:07 2025 by rpki-client