Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/4joUW3KMn9n8_P_e0OTaoF5jIus.roa
File: 4joUW3KMn9n8_P_e0OTaoF5jIus.roa (raw, json)
Hash identifier: atg31PJoRMWC3bOJkjWDlpWCiB18j4ixogtw4mdU79E=
Subject key identifier: E2:3A:14:5B:72:8C:9F:D9:FC:FC:FF:DE:D0:E4:DA:A0:5E:63:22:EB
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 186F
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/4joUW3KMn9n8_P_e0OTaoF5jIus.roa
Signing time: Fri 17 Jan 2025 01:25:03 +0000
ROA not before: Fri 17 Jan 2025 01:25:03 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 21859
IP address blocks: 45.252.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6255 (0x186f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:03 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=E23A145B728C9FD9FCFCFFDED0E4DAA05E6322EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:10:78:7c:46:3f:cc:de:4b:ef:c2:cb:3b:14:
0c:2d:1e:78:40:9e:d8:48:a9:95:87:e8:93:4f:f3:
bf:da:a7:48:2d:99:55:11:bd:57:db:fc:9c:5d:39:
cd:dd:bc:91:69:38:e6:91:42:a5:62:79:08:2e:02:
2f:2b:b1:e4:ec:05:22:c1:b6:a3:28:1e:7d:ec:ba:
ac:dd:33:0f:a9:96:e9:4c:c5:51:e8:9c:0d:1e:98:
aa:d4:50:65:a4:e9:67:ed:2a:80:e5:07:6b:73:be:
5c:7b:61:85:a6:b6:46:d2:9d:da:62:f3:a8:3e:40:
a0:1d:c5:82:ac:b3:b5:c2:cb:6e:45:06:be:da:e1:
e1:8b:b3:c7:74:29:b5:5e:46:85:eb:d7:96:a1:84:
94:d8:93:59:25:69:a9:63:ef:9a:f9:14:76:65:2f:
a9:c6:5c:c8:ca:4e:62:79:1f:0c:f3:0a:d3:28:67:
5e:62:7c:65:f2:93:6a:be:c4:c6:8d:b2:56:f9:71:
ba:f7:6f:1f:a5:77:1e:90:6f:6a:12:fb:25:c5:d9:
5d:63:dc:cf:61:86:4d:b4:6c:58:99:93:0e:e7:5e:
6e:b1:bb:b2:8b:40:fd:dd:7f:05:bb:9c:cf:71:b3:
26:52:ff:f5:53:14:fc:70:1f:0d:63:df:ec:16:3b:
1a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3A:14:5B:72:8C:9F:D9:FC:FC:FF:DE:D0:E4:DA:A0:5E:63:22:EB
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/4joUW3KMn9n8_P_e0OTaoF5jIus.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.8.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:57:dc:42:c0:da:4a:e3:03:b6:62:20:20:e2:8d:bb:7c:79:
77:a0:59:18:28:4c:cb:78:77:39:ba:4e:52:a7:bf:20:58:8f:
78:23:5f:5e:f7:48:b0:d1:0f:48:97:a3:b8:3c:c2:98:1a:78:
3c:54:49:e1:d1:3f:5b:58:5e:0d:5a:8a:f2:a1:94:3b:d6:83:
d2:18:75:50:0e:ca:7b:62:2e:36:e3:04:78:8c:13:65:e0:b8:
d6:1a:a5:d0:65:76:60:1f:1b:f3:32:6f:25:51:6c:87:3d:8c:
ae:b4:f0:70:83:e4:1a:72:44:82:d9:ff:cf:39:fa:5d:85:99:
50:ca:8a:9e:24:d1:a9:de:a3:71:81:0d:43:46:59:9f:39:d6:
9a:9e:bd:1f:b5:cd:51:f0:a2:21:c1:1e:05:48:2e:e7:8e:c1:
3a:e5:96:61:6f:7f:e0:80:4f:37:54:e9:db:5d:4f:38:ea:bc:
0a:b6:a5:33:7c:9a:78:9b:3a:4e:ef:44:bc:01:91:70:55:b7:
10:b5:2e:69:45:a6:1d:50:12:2b:ad:2d:9e:02:b6:4e:09:3b:
76:79:52:3a:46:db:06:98:6c:ae:a6:8d:7d:44:0a:fb:f4:f8:
c3:55:c5:b6:a0:85:46:31:bb:c5:0d:c3:4d:89:17:95:e8:f5:
2a:cc:13:26
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGG8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEUyM0ExNDVCNzI4QzlG
RDlGQ0ZDRkZERUQwRTREQUEwNUU2MzIyRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiEHh8Rj/M3kvvwss7FAwtHnhAnthIqZWH6JNP87/ap0gtmVUR
vVfb/JxdOc3dvJFpOOaRQqVieQguAi8rseTsBSLBtqMoHn3suqzdMw+plulMxVHo
nA0emKrUUGWk6WftKoDlB2tzvlx7YYWmtkbSndpi86g+QKAdxYKss7XCy25FBr7a
4eGLs8d0KbVeRoXr15ahhJTYk1klaalj75r5FHZlL6nGXMjKTmJ5HwzzCtMoZ15i
fGXyk2q+xMaNslb5cbr3bx+ldx6Qb2oS+yXF2V1j3M9hhk20bFiZkw7nXm6xu7KL
QP3dfwW7nM9xsyZS//VTFPxwHw1j3+wWOxqjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU4joUW3KMn9n8/P/e0OTaoF5jIuswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzRqb1VXM0tNbjluOF9Q
X2UwT1Rhb0Y1akl1cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAt/AgwDQYJKoZIhvcNAQELBQADggEBANJX3ELA2krjA7ZiICDijbt8eXegWRgo
TMt4dzm6TlKnvyBYj3gjX173SLDRD0iXo7g8wpgaeDxUSeHRP1tYXg1aivKhlDvW
g9IYdVAOyntiLjbjBHiME2XguNYapdBldmAfG/MybyVRbIc9jK608HCD5BpyRILZ
/885+l2FmVDKip4k0aneo3GBDUNGWZ851pqevR+1zVHwoiHBHgVILueOwTrllmFv
f+CATzdU6dtdTzjqvAq2pTN8mnibOk7vRLwBkXBVtxC1LmlFph1QEiutLZ4Ctk4J
O3Z5UjpG2waYbK6mjX1ECvv0+MNVxbaghUYxu8UNw02JF5Xo9SrMEyY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:53 2025 by rpki-client