Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/492crvuGprRar-cK6PAaawIpAYY.roa
File: 492crvuGprRar-cK6PAaawIpAYY.roa (raw, json)
Hash identifier: ru9qOgfymWgia2oAuriq4kSeQGX0z1XGBnqjH709TQU=
Subject key identifier: E3:DD:9C:AE:FB:86:A6:B4:5A:AF:E7:0A:E8:F0:1A:6B:02:29:01:86
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 16D0
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/492crvuGprRar-cK6PAaawIpAYY.roa
Signing time: Tue 19 Nov 2024 02:39:43 +0000
ROA not before: Tue 19 Nov 2024 02:39:43 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 45.252.145.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5840 (0x16d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Nov 19 02:39:43 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=E3DD9CAEFB86A6B45AAFE70AE8F01A6B02290186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9a:b9:77:84:42:32:55:4c:eb:4e:aa:7d:0f:
99:fe:bb:30:a9:c3:c9:24:d8:f2:12:3a:b5:6f:d0:
39:9f:1e:db:50:9f:c9:0a:d7:de:c3:1b:6f:f9:b0:
da:48:be:f8:09:bf:56:75:a2:ed:eb:b1:2f:f7:e6:
e5:8e:0e:6e:50:fd:5f:61:15:25:ee:e6:a9:84:79:
6e:95:63:0b:50:dd:5d:be:ca:7b:97:52:28:ea:58:
71:4c:c7:01:5e:0a:3d:94:1d:63:cf:dc:64:4d:0f:
7d:98:32:75:70:31:21:6f:76:2c:14:4e:55:4e:97:
a7:fc:50:e7:8e:8f:59:3e:b3:cf:d2:04:50:b5:6c:
73:53:1b:26:bb:9a:1f:a3:83:e2:99:41:25:df:0f:
c9:40:1f:20:e6:96:c5:c9:6c:90:be:58:54:72:3d:
76:02:e5:c1:7e:fd:c1:0f:10:e3:3d:66:99:37:ea:
78:4e:19:2e:14:b3:0a:54:12:88:21:eb:05:d7:bd:
43:af:6c:bd:3f:34:1c:75:c9:ce:d2:2c:26:75:e8:
ca:c8:0b:a1:c4:e5:90:52:0f:4a:b6:2d:a1:b9:bd:
5d:b1:72:92:73:d1:ba:7e:0b:8a:3f:58:27:83:73:
03:e3:6b:b7:a0:30:ff:37:84:01:48:e1:0d:e5:c2:
76:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:DD:9C:AE:FB:86:A6:B4:5A:AF:E7:0A:E8:F0:1A:6B:02:29:01:86
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/492crvuGprRar-cK6PAaawIpAYY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.145.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:5b:ad:53:8d:70:b0:d1:ac:09:cb:a7:9e:65:6d:a4:d7:f8:
9e:68:ad:5b:01:21:be:5a:e6:2a:46:8b:77:4b:e2:66:6a:6e:
90:b3:e4:08:d7:2c:c0:4e:09:30:6c:cf:4d:f0:65:17:1b:a7:
10:28:fb:0b:46:80:39:42:9a:12:64:89:d1:8e:8b:9a:98:3b:
ec:b0:e0:c0:a6:17:3d:92:92:57:aa:2c:71:e4:2c:ee:fe:a5:
f5:23:a5:99:a7:69:75:e9:bd:84:65:c4:84:cd:a5:82:b5:8c:
4a:a7:2f:2a:de:9d:f8:a7:41:c3:27:c2:62:9e:63:c2:76:3c:
eb:f4:a2:f0:aa:7e:b2:a4:05:90:d4:57:58:6d:e5:96:02:41:
4c:62:05:26:47:ee:11:a1:b3:1b:4f:e7:3c:c0:95:be:72:2d:
44:3b:95:ca:eb:b9:4d:40:f4:97:16:34:b7:f0:55:a7:96:cd:
28:86:ab:52:5e:8e:f8:f9:0d:20:4b:e4:1e:f2:03:c9:fc:1e:
8d:25:6e:a1:32:73:ee:c3:4d:b3:33:30:da:b9:4f:05:53:e1:
fe:e1:7c:57:47:eb:45:15:da:6c:b5:b5:80:fa:7f:a8:54:73:
86:5a:85:9c:c4:39:13:a6:d8:0e:ab:3d:18:3e:26:88:92:18:
53:f3:10:21
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFtAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDExMTkw
MjM5NDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEUzREQ5Q0FFRkI4NkE2
QjQ1QUFGRTcwQUU4RjAxQTZCMDIyOTAxODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRmrl3hEIyVUzrTqp9D5n+uzCpw8kk2PISOrVv0DmfHttQn8kK
197DG2/5sNpIvvgJv1Z1ou3rsS/35uWODm5Q/V9hFSXu5qmEeW6VYwtQ3V2+ynuX
UijqWHFMxwFeCj2UHWPP3GRND32YMnVwMSFvdiwUTlVOl6f8UOeOj1k+s8/SBFC1
bHNTGya7mh+jg+KZQSXfD8lAHyDmlsXJbJC+WFRyPXYC5cF+/cEPEOM9Zpk36nhO
GS4UswpUEogh6wXXvUOvbL0/NBx1yc7SLCZ16MrIC6HE5ZBSD0q2LaG5vV2xcpJz
0bp+C4o/WCeDcwPja7egMP83hAFI4Q3lwnbbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU492crvuGprRar+cK6PAaawIpAYYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzQ5MmNydnVHcHJSYXIt
Y0s2UEFhYXdJcEFZWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAt/JEwDQYJKoZIhvcNAQELBQADggEBAKFbrVONcLDRrAnLp55lbaTX+J5orVsB
Ib5a5ipGi3dL4mZqbpCz5AjXLMBOCTBsz03wZRcbpxAo+wtGgDlCmhJkidGOi5qY
O+yw4MCmFz2SkleqLHHkLO7+pfUjpZmnaXXpvYRlxITNpYK1jEqnLyrenfinQcMn
wmKeY8J2POv0ovCqfrKkBZDUV1ht5ZYCQUxiBSZH7hGhsxtP5zzAlb5yLUQ7lcrr
uU1A9JcWNLfwVaeWzSiGq1Jejvj5DSBL5B7yA8n8Ho0lbqEyc+7DTbMzMNq5TwVT
4f7hfFdH60UV2my1tYD6f6hUc4ZahZzEOROm2A6rPRg+JoiSGFPzECE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:16 2025 by rpki-client