Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/5aje5TZhWv-QBWaqjAXbJ4U_Syo.roa
File: 5aje5TZhWv-QBWaqjAXbJ4U_Syo.roa (raw, json)
Hash identifier: oTZ2FksDFygmx2Uqut38fkkdj0ai2DpOObPkchR2ap0=
Subject key identifier: E5:A8:DE:E5:36:61:5A:FF:90:05:66:AA:8C:05:DB:27:85:3F:4B:2A
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 12E5
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/5aje5TZhWv-QBWaqjAXbJ4U_Syo.roa
Signing time: Sat 29 Jun 2024 19:44:14 +0000
ROA not before: Sat 29 Jun 2024 19:44:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 21859
IP address blocks: 45.252.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4837 (0x12e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jun 29 19:44:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E5A8DEE536615AFF900566AA8C05DB27853F4B2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b1:63:93:1c:7e:9f:3f:67:8f:d2:b6:79:7d:
27:78:80:61:cd:5d:56:ee:e1:47:96:cf:67:1f:c4:
5b:a9:80:41:0e:57:96:b0:d5:b8:30:d5:ec:b8:e4:
fd:a6:81:11:a4:10:22:53:fd:c1:5a:3f:66:2a:34:
17:99:1f:57:dc:01:c7:e4:e8:8f:99:a2:40:6e:97:
2b:40:3e:0d:78:42:fe:72:40:f4:cb:74:fc:15:18:
04:7a:db:1e:f7:31:e9:22:c4:0d:1f:a5:c6:70:48:
20:05:3f:b3:e9:44:2e:e2:b1:0d:53:d1:9a:f7:d8:
5b:e7:59:e6:11:8e:e1:0e:a8:f8:9d:45:f4:ad:64:
cd:a2:47:c6:ff:ae:73:ba:a9:2b:0b:74:19:30:1b:
17:28:8b:15:1c:81:1a:b6:80:88:be:2e:74:e9:53:
08:a3:4f:e2:8e:63:e8:6c:7c:82:65:72:9f:43:94:
b7:58:c3:1e:25:2e:e5:21:cc:3e:fd:94:57:35:d9:
7a:d7:14:c6:9f:dc:26:2d:d4:22:02:8a:88:c2:10:
b4:66:39:c6:2f:38:d4:b5:a1:e2:a0:52:39:d7:da:
44:0e:fe:40:c7:22:1c:c6:d9:6f:dd:a5:a1:44:ea:
6d:82:8b:46:ca:68:41:4d:70:da:20:c5:0b:e8:ee:
cc:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A8:DE:E5:36:61:5A:FF:90:05:66:AA:8C:05:DB:27:85:3F:4B:2A
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/5aje5TZhWv-QBWaqjAXbJ4U_Syo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.8.0/24
Signature Algorithm: sha256WithRSAEncryption
67:b2:51:33:42:d0:88:df:55:6f:a8:56:32:40:93:a6:9b:cf:
75:d9:37:3c:e2:a3:54:10:c3:e1:83:de:df:f2:9d:0c:23:87:
02:ae:7e:98:58:68:fb:80:1d:9f:08:71:dd:3d:ee:88:b5:ed:
b0:e6:be:c3:09:e8:a3:68:ef:0a:7b:22:7b:10:99:80:8e:f3:
69:1c:d9:0d:31:9b:2b:8e:22:95:f0:a4:3d:1b:76:c4:4f:e9:
f3:f6:34:df:51:75:37:65:84:01:3d:16:14:d9:28:e4:d5:ea:
9d:8e:ee:99:88:78:4d:82:3b:3a:2d:db:a5:ae:3b:59:45:a5:
52:1e:5c:6e:a8:c6:1c:bd:f0:a1:15:9a:24:5b:27:32:1c:cb:
4d:8d:95:05:48:6c:1a:08:83:2c:99:b9:61:2e:03:08:9b:2f:
45:61:85:27:b2:53:c6:9c:d0:3f:20:89:21:7f:f5:96:12:75:
6d:46:b4:b5:38:c6:5a:48:a6:92:a4:5b:c8:61:56:88:7d:87:
a8:4e:0d:60:3f:6c:95:24:46:f0:93:8a:c1:02:8a:61:b5:98:
57:73:bd:08:f1:21:3d:72:55:86:b7:e9:52:d3:04:6c:aa:f0:
e6:23:ac:c3:13:31:53:d6:48:4d:f0:3e:58:ca:f1:d2:d9:1a:
73:91:47:1b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICEuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA2Mjkx
OTQ0MTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU1QThERUU1MzY2MTVB
RkY5MDA1NjZBQThDMDVEQjI3ODUzRjRCMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0sWOTHH6fP2eP0rZ5fSd4gGHNXVbu4UeWz2cfxFupgEEOV5aw
1bgw1ey45P2mgRGkECJT/cFaP2YqNBeZH1fcAcfk6I+ZokBulytAPg14Qv5yQPTL
dPwVGAR62x73MekixA0fpcZwSCAFP7PpRC7isQ1T0Zr32FvnWeYRjuEOqPidRfSt
ZM2iR8b/rnO6qSsLdBkwGxcoixUcgRq2gIi+LnTpUwijT+KOY+hsfIJlcp9DlLdY
wx4lLuUhzD79lFc12XrXFMaf3CYt1CICiojCELRmOcYvONS1oeKgUjnX2kQO/kDH
IhzG2W/dpaFE6m2Ci0bKaEFNcNogxQvo7sxFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU5aje5TZhWv+QBWaqjAXbJ4U/SyowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzVhamU1VFpoV3YtUUJX
YXFqQVhiSjRVX1N5by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAt/AgwDQYJKoZIhvcNAQELBQADggEBAGeyUTNC0IjfVW+oVjJAk6abz3XZNzzi
o1QQw+GD3t/ynQwjhwKufphYaPuAHZ8Icd097oi17bDmvsMJ6KNo7wp7InsQmYCO
82kc2Q0xmyuOIpXwpD0bdsRP6fP2NN9RdTdlhAE9FhTZKOTV6p2O7pmIeE2COzot
26WuO1lFpVIeXG6oxhy98KEVmiRbJzIcy02NlQVIbBoIgyyZuWEuAwibL0VhhSey
U8ac0D8giSF/9ZYSdW1GtLU4xlpIppKkW8hhVoh9h6hODWA/bJUkRvCTisECimG1
mFdzvQjxIT1yVYa36VLTBGyq8OYjrMMTMVPWSE3wPljK8dLZGnORRxs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:42 2025 by rpki-client