Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/6nreZHxuWZJp1M4yPN7c5tvKQ-M.roa
File: 6nreZHxuWZJp1M4yPN7c5tvKQ-M.roa (raw, json)
Hash identifier: saM8pqGHt8Rb3MDlnTtwnk7+tYe4d1i+NQ/hROUm55c=
Subject key identifier: EA:7A:DE:64:7C:6E:59:92:69:D4:CE:32:3C:DE:DC:E6:DB:CA:43:E3
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18A8
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/6nreZHxuWZJp1M4yPN7c5tvKQ-M.roa
Signing time: Fri 17 Jan 2025 01:25:23 +0000
ROA not before: Fri 17 Jan 2025 01:25:23 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 13444
IP address blocks: 45.252.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6312 (0x18a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:23 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=EA7ADE647C6E599269D4CE323CDEDCE6DBCA43E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:90:17:f8:5c:c5:4c:1e:34:ce:d1:9b:c7:22:
ff:37:71:88:d1:a9:82:ea:0e:51:d0:3a:d6:c4:1e:
f6:91:07:63:34:40:a2:2c:80:d7:34:8f:cf:61:f0:
fd:f0:24:10:52:d2:ba:a1:68:9a:cd:67:7d:b6:49:
4f:89:58:dc:74:2e:64:c1:57:f9:6e:a4:41:d9:e7:
bb:41:85:25:5a:26:fd:69:71:b6:9e:cf:c2:9e:85:
b9:67:ee:82:a4:cb:74:79:75:80:d5:68:22:bd:e8:
dc:68:82:85:01:79:a4:1f:03:ee:51:ca:34:62:10:
a3:c2:83:db:ec:b3:32:30:50:40:e7:57:7f:e5:ad:
c4:0b:85:b6:ad:ab:d9:fd:be:ce:64:ce:fb:bb:90:
e6:e5:bb:e2:6a:f0:de:65:39:bf:a2:e1:c9:b4:da:
49:00:35:92:60:5c:e9:e7:ac:fe:d1:55:97:72:e5:
cf:d6:c1:c4:d0:4f:8b:ab:85:f1:42:ea:9e:c1:cd:
ba:58:71:39:d1:36:82:c9:c7:80:d7:2f:ce:ef:81:
63:e9:bf:af:65:7a:9f:ed:ef:a2:96:05:bc:16:38:
7c:47:cc:66:3e:83:7c:68:9b:ec:1b:89:32:51:b6:
af:fb:de:91:9b:17:12:04:d7:0f:19:fb:5e:bf:38:
3a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:7A:DE:64:7C:6E:59:92:69:D4:CE:32:3C:DE:DC:E6:DB:CA:43:E3
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/6nreZHxuWZJp1M4yPN7c5tvKQ-M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.103.0/24
Signature Algorithm: sha256WithRSAEncryption
89:b5:45:cc:e9:5d:87:e5:01:36:15:7e:3a:01:79:8b:73:41:
bc:7c:3a:3a:a2:87:af:33:c7:4d:2f:bc:10:b6:02:1c:35:50:
85:ac:b3:cd:73:3e:2c:4d:34:e5:41:b4:bf:9c:2f:0f:42:da:
11:20:d3:a1:37:4e:40:bc:5e:b0:d6:d9:8a:11:d6:0a:9d:f5:
c2:56:d2:a9:bc:a4:91:55:34:e8:b4:9a:97:31:34:1e:c9:6d:
f0:48:da:21:26:f4:b8:2b:ac:60:88:a4:e2:80:99:a9:90:87:
79:a6:0c:00:c5:af:31:31:57:8c:25:96:a2:5a:7b:e0:b4:96:
5b:a4:d3:a1:30:eb:7f:55:be:13:ea:88:d2:ee:a6:1d:53:b7:
79:b6:17:5a:48:63:c4:64:2f:6a:ec:5e:99:22:d5:4c:38:13:
2c:dd:0c:ca:c4:6d:8e:ed:ca:10:16:71:42:aa:6d:8e:aa:fa:
87:f8:9f:ae:b8:db:87:29:de:4f:cc:30:32:47:61:85:dd:51:
fb:6e:7c:4f:7f:e0:de:c2:30:ad:db:c3:4c:c7:41:06:52:21:
0d:40:2d:aa:fd:57:c8:e8:f0:d6:7f:63:40:99:8c:1f:4a:22:
fc:cf:c6:d8:0b:ca:a6:27:61:00:f1:40:89:e4:d4:be:bd:53:
72:b7:a8:d5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGKgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MjNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEVBN0FERTY0N0M2RTU5
OTI2OUQ0Q0UzMjNDREVEQ0U2REJDQTQzRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDskBf4XMVMHjTO0ZvHIv83cYjRqYLqDlHQOtbEHvaRB2M0QKIs
gNc0j89h8P3wJBBS0rqhaJrNZ322SU+JWNx0LmTBV/lupEHZ57tBhSVaJv1pcbae
z8Kehbln7oKky3R5dYDVaCK96NxogoUBeaQfA+5RyjRiEKPCg9vsszIwUEDnV3/l
rcQLhbatq9n9vs5kzvu7kOblu+Jq8N5lOb+i4cm02kkANZJgXOnnrP7RVZdy5c/W
wcTQT4urhfFC6p7BzbpYcTnRNoLJx4DXL87vgWPpv69lep/t76KWBbwWOHxHzGY+
g3xom+wbiTJRtq/73pGbFxIE1w8Z+16/ODqHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU6nreZHxuWZJp1M4yPN7c5tvKQ+MwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzZucmVaSHh1V1pKcDFN
NHlQTjdjNXR2S1EtTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAt/GcwDQYJKoZIhvcNAQELBQADggEBAIm1RczpXYflATYVfjoBeYtzQbx8Ojqi
h68zx00vvBC2Ahw1UIWss81zPixNNOVBtL+cLw9C2hEg06E3TkC8XrDW2YoR1gqd
9cJW0qm8pJFVNOi0mpcxNB7JbfBI2iEm9LgrrGCIpOKAmamQh3mmDADFrzExV4wl
lqJae+C0lluk06Ew639VvhPqiNLuph1Tt3m2F1pIY8RkL2rsXpki1Uw4EyzdDMrE
bY7tyhAWcUKqbY6q+of4n66424cp3k/MMDJHYYXdUftufE9/4N7CMK3bw0zHQQZS
IQ1ALar9V8jo8NZ/Y0CZjB9KIvzPxtgLyqYnYQDxQInk1L69U3K3qNU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:37 2025 by rpki-client