Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/7b96rVF5IOhoid1VhkP96uXCSTk.roa
File: 7b96rVF5IOhoid1VhkP96uXCSTk.roa (raw, json)
Hash identifier: pZVt97zTi7OS1trsmjSGVJ+KptYyMgW2c8EHEnMZ0hM=
Subject key identifier: ED:BF:7A:AD:51:79:20:E8:68:89:DD:55:86:43:FD:EA:E5:C2:49:39
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18D7
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/7b96rVF5IOhoid1VhkP96uXCSTk.roa
Signing time: Fri 17 Jan 2025 01:25:39 +0000
ROA not before: Fri 17 Jan 2025 01:25:39 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24373
IP address blocks: 45.252.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6359 (0x18d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:39 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=EDBF7AAD517920E86889DD558643FDEAE5C24939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b0:16:db:7b:09:f5:8f:66:8a:40:f4:3e:a0:
f5:aa:ca:21:a1:af:a2:eb:e2:1a:93:6a:47:ae:f0:
a4:47:8c:ac:da:54:c2:fb:71:1a:01:7d:b4:a0:c8:
2b:e0:3e:66:96:5d:5b:81:83:4f:f8:59:71:1a:66:
8e:5d:a4:a0:39:83:f1:1b:76:32:37:28:46:f5:b8:
69:b7:18:32:5f:68:9d:5a:e3:8f:ba:81:24:67:c9:
24:b9:db:5e:09:e0:24:c7:e8:82:a6:3a:ca:94:1d:
1b:fc:03:9c:0c:c1:3b:8d:fb:a2:b4:31:ca:89:78:
8d:65:30:3b:91:4c:fb:83:fd:4c:64:1c:e3:99:3e:
f3:2d:a2:95:f2:1b:12:cc:6b:b5:f7:33:a7:77:4e:
30:02:31:3e:36:e7:13:25:c4:42:41:34:8c:02:59:
b8:c1:fb:5c:1e:dd:b3:be:b9:93:81:0e:52:47:c5:
f0:1f:76:c9:d4:7b:0e:3a:26:bb:66:50:34:a5:5c:
9e:4e:a1:7e:14:44:02:ff:ce:31:51:2a:b9:1e:d9:
c2:39:23:8f:84:76:47:c8:27:4e:85:20:87:32:5a:
80:94:72:4f:ba:e7:43:7a:97:e2:ff:74:e4:19:94:
c4:bc:7f:9d:3d:20:e0:91:0d:c5:9d:d7:44:98:27:
fa:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:BF:7A:AD:51:79:20:E8:68:89:DD:55:86:43:FD:EA:E5:C2:49:39
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/7b96rVF5IOhoid1VhkP96uXCSTk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.20.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:1f:eb:da:4a:69:40:fd:77:68:ac:db:1a:f2:08:1c:48:4a:
55:cc:ed:24:b4:2b:f8:4c:4b:88:70:d2:26:64:84:f0:45:45:
7e:d5:cc:1d:cc:43:a4:5c:3d:96:de:5e:5c:66:ff:7a:b0:82:
b7:59:3f:02:ea:4a:06:d3:25:7a:0a:b1:7c:c2:f2:42:79:a5:
aa:ae:18:bd:51:43:cd:db:9b:33:bd:1c:0e:2f:8a:e8:41:bd:
76:09:8d:2b:de:dd:13:72:9b:91:68:33:fe:97:f6:0b:ac:62:
89:62:4a:c3:71:88:af:db:1a:80:64:a2:b9:cb:ab:47:51:27:
d0:d2:a6:41:57:f3:46:39:04:e5:1f:4e:58:3c:9c:85:c7:92:
05:02:18:96:71:96:7a:10:64:2e:59:37:be:56:48:6b:12:2e:
2d:65:c6:e6:dd:3a:53:9c:c2:c5:3f:6e:94:53:c6:07:96:7c:
47:27:af:d2:25:a0:9e:bb:c7:60:2e:77:26:d9:8f:3a:75:ae:
cb:0c:9f:d8:2c:6e:db:d8:39:df:d1:96:54:f3:e1:d8:1c:5c:
e3:a1:b7:6a:cb:3c:9f:9d:79:94:f7:bc:f7:2a:21:9b:65:fa:
55:4e:65:d7:f2:a6:34:64:d7:60:4b:b3:3a:8f:2c:b3:3a:46:
bc:c4:87:85
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGNcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MzlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEVEQkY3QUFENTE3OTIw
RTg2ODg5REQ1NTg2NDNGREVBRTVDMjQ5MzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxsBbbewn1j2aKQPQ+oPWqyiGhr6Lr4hqTakeu8KRHjKzaVML7
cRoBfbSgyCvgPmaWXVuBg0/4WXEaZo5dpKA5g/EbdjI3KEb1uGm3GDJfaJ1a44+6
gSRnySS5214J4CTH6IKmOsqUHRv8A5wMwTuN+6K0McqJeI1lMDuRTPuD/UxkHOOZ
PvMtopXyGxLMa7X3M6d3TjACMT425xMlxEJBNIwCWbjB+1we3bO+uZOBDlJHxfAf
dsnUew46JrtmUDSlXJ5OoX4URAL/zjFRKrke2cI5I4+EdkfIJ06FIIcyWoCUck+6
50N6l+L/dOQZlMS8f509IOCRDcWd10SYJ/o9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU7b96rVF5IOhoid1VhkP96uXCSTkwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzdiOTZyVkY1SU9ob2lk
MVZoa1A5NnVYQ1NUay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/BQwDQYJKoZIhvcNAQELBQADggEBAJof69pKaUD9d2is2xryCBxISlXM7SS0
K/hMS4hw0iZkhPBFRX7VzB3MQ6RcPZbeXlxm/3qwgrdZPwLqSgbTJXoKsXzC8kJ5
paquGL1RQ83bmzO9HA4viuhBvXYJjSve3RNym5FoM/6X9gusYoliSsNxiK/bGoBk
ornLq0dRJ9DSpkFX80Y5BOUfTlg8nIXHkgUCGJZxlnoQZC5ZN75WSGsSLi1lxubd
OlOcwsU/bpRTxgeWfEcnr9IloJ67x2AudybZjzp1rssMn9gsbtvYOd/RllTz4dgc
XOOht2rLPJ+deZT3vPcqIZtl+lVOZdfypjRk12BLszqPLLM6RrzEh4U=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:03 2025 by rpki-client