Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/3mYkkybo5cWdgr6nh8euJ91wniI.roa
File: 3mYkkybo5cWdgr6nh8euJ91wniI.roa (raw, json)
Hash identifier: PCO+TwUa7BRTFmdMu8HWjNOiXy4IPRicfENEGKeeSQU=
Subject key identifier: DE:66:24:93:26:E8:E5:C5:9D:82:BE:A7:87:C7:AE:27:DD:70:9E:22
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 186B
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/3mYkkybo5cWdgr6nh8euJ91wniI.roa
Signing time: Fri 17 Jan 2025 01:25:02 +0000
ROA not before: Fri 17 Jan 2025 01:25:02 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 45.252.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6251 (0x186b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:02 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=DE66249326E8E5C59D82BEA787C7AE27DD709E22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:40:10:6e:4a:4f:90:8e:15:12:93:d1:ae:03:
d7:09:0f:a4:52:2e:51:93:f9:0f:74:b3:1a:d9:79:
9b:4b:09:09:27:32:b0:1b:86:cf:eb:f5:cc:07:be:
27:8d:b8:8e:aa:79:bb:1f:68:8d:81:ef:f6:db:31:
11:6d:ab:d0:55:19:cd:13:20:b5:12:c6:b6:36:d8:
8a:6a:e0:38:84:b0:b0:f3:6d:c3:d0:de:15:4c:d5:
eb:3c:0c:24:2a:75:f0:2e:1e:42:2b:95:e0:5c:c1:
28:d3:00:14:17:af:0e:53:54:95:fe:b7:64:9f:f8:
5a:e9:b4:9e:d0:18:68:d3:85:56:96:2d:a6:73:65:
34:71:83:15:42:64:ce:f2:06:57:1c:83:68:52:1c:
f4:84:3c:14:4a:f7:7c:38:4e:aa:fe:bd:da:5e:7e:
4a:be:44:c1:42:a2:02:56:41:9a:8f:20:9e:a9:6c:
b1:0a:9a:80:69:8b:e2:9d:a7:eb:09:7b:fe:a7:c8:
5b:62:7a:ce:dc:cc:7d:07:41:5e:49:a8:96:21:07:
31:dc:1f:bb:45:e8:18:a8:2a:2c:d4:07:e8:76:b3:
3e:12:37:12:ab:fc:d1:36:da:ff:a5:6c:77:d3:c4:
09:d3:87:43:15:40:5d:6a:fb:f4:50:93:92:02:b7:
4f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:66:24:93:26:E8:E5:C5:9D:82:BE:A7:87:C7:AE:27:DD:70:9E:22
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/3mYkkybo5cWdgr6nh8euJ91wniI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.102.0/24
Signature Algorithm: sha256WithRSAEncryption
20:5f:67:74:10:c1:78:32:b4:a7:a3:d2:2b:4b:08:fa:ab:0b:
9c:16:a7:78:77:84:60:4c:c8:3e:44:57:cd:c6:71:70:93:3e:
a7:df:c6:3f:53:ae:a1:cf:b4:96:e5:d9:22:cf:e9:4f:ef:73:
b1:64:6a:36:f6:3a:b2:3c:3d:88:53:e7:75:68:e6:22:dc:d6:
de:90:1b:18:61:e6:7c:dd:ab:aa:e5:ab:75:7a:df:96:0a:b4:
19:91:99:b6:23:4d:ec:7a:f4:d5:2c:05:69:bd:8a:18:06:eb:
13:7c:0b:db:01:ea:b9:f6:65:52:77:ab:5d:f9:23:07:3b:2b:
33:3f:c3:fe:9f:a8:58:d5:28:57:2e:83:89:e8:14:c8:89:83:
61:7e:42:c8:67:d3:10:b4:76:cd:f5:31:6f:2c:89:bd:7d:9e:
6a:22:7a:9a:84:75:d1:31:ca:bf:fc:a7:2d:b9:20:55:f2:17:
2f:71:36:b3:83:d8:6c:9e:a9:5e:5f:f8:5f:f4:a8:72:68:11:
e7:bd:9d:b2:10:79:db:7a:08:27:39:58:32:e2:1c:48:3c:cd:
0a:df:16:1a:a1:2e:1d:8b:56:67:8f:00:79:ff:a9:b9:62:68:
0e:55:b7:f1:24:df:af:97:19:98:b3:93:2c:a7:6d:a1:56:89:
60:6c:f5:cd
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGGswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERFNjYyNDkzMjZFOEU1
QzU5RDgyQkVBNzg3QzdBRTI3REQ3MDlFMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPQBBuSk+QjhUSk9GuA9cJD6RSLlGT+Q90sxrZeZtLCQknMrAb
hs/r9cwHvieNuI6qebsfaI2B7/bbMRFtq9BVGc0TILUSxrY22Ipq4DiEsLDzbcPQ
3hVM1es8DCQqdfAuHkIrleBcwSjTABQXrw5TVJX+t2Sf+FrptJ7QGGjThVaWLaZz
ZTRxgxVCZM7yBlccg2hSHPSEPBRK93w4Tqr+vdpefkq+RMFCogJWQZqPIJ6pbLEK
moBpi+Kdp+sJe/6nyFties7czH0HQV5JqJYhBzHcH7tF6BioKizUB+h2sz4SNxKr
/NE22v+lbHfTxAnTh0MVQF1q+/RQk5ICt091AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU3mYkkybo5cWdgr6nh8euJ91wniIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzNtWWtreWJvNWNXZGdy
Nm5oOGV1Sjkxd25pSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAt/GYwDQYJKoZIhvcNAQELBQADggEBACBfZ3QQwXgytKej0itLCPqrC5wWp3h3
hGBMyD5EV83GcXCTPqffxj9TrqHPtJbl2SLP6U/vc7Fkajb2OrI8PYhT53Vo5iLc
1t6QGxhh5nzdq6rlq3V635YKtBmRmbYjTex69NUsBWm9ihgG6xN8C9sB6rn2ZVJ3
q135Iwc7KzM/w/6fqFjVKFcug4noFMiJg2F+Qshn0xC0ds31MW8sib19nmoiepqE
ddExyr/8py25IFXyFy9xNrOD2GyeqV5f+F/0qHJoEee9nbIQedt6CCc5WDLiHEg8
zQrfFhqhLh2LVmePAHn/qbliaA5Vt/Ek36+XGZizkyynbaFWiWBs9c0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:01 2025 by rpki-client