Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/8zcG8rJRFsFSMXhNB2gTJpZvxq4.roa
File: 8zcG8rJRFsFSMXhNB2gTJpZvxq4.roa (raw, json)
Hash identifier: 0RI5FyIcbXWePvg45tt+uJu66JcqlKXmIAoKAtdCAVE=
Subject key identifier: F3:37:06:F2:B2:51:16:C1:52:31:78:4D:07:68:13:26:96:6F:C6:AE
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 08C3
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/8zcG8rJRFsFSMXhNB2gTJpZvxq4.roa
Signing time: Mon 14 Aug 2023 04:34:24 +0000
ROA not before: Mon 14 Aug 2023 04:34:24 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 21859
IP address blocks: 45.252.8.0/24 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2243 (0x8c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Aug 14 04:34:24 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=F33706F2B25116C15231784D07681326966FC6AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8d:f2:84:04:89:31:c6:a4:b8:35:0f:b8:b2:
b4:3e:06:4a:05:98:57:d1:a3:98:8e:ea:9d:8e:dc:
bd:ac:5c:43:74:c6:12:fb:bb:e9:ec:cf:71:8c:69:
43:87:3c:72:ab:30:f7:fc:c3:0d:1e:f6:cb:ef:58:
8a:ff:75:1f:d4:0b:d0:2b:f9:9c:b6:a2:6f:41:73:
d4:19:2c:bf:2b:8e:e3:be:8f:42:8f:88:44:d8:ae:
3a:f6:77:8e:bb:90:24:b7:72:88:f0:d9:b5:c8:7f:
d9:b7:77:5e:a7:6e:5b:52:38:13:e3:3f:0b:f3:d6:
12:bf:a0:b9:40:38:b5:f4:0c:e5:10:f0:e1:1a:52:
35:36:3a:26:73:93:d9:57:64:e8:e8:2d:c0:b5:29:
51:a3:d0:ae:e7:dd:2d:5d:ca:fc:99:39:a9:70:f0:
c8:45:4a:54:bb:b4:a9:24:94:d4:bd:8d:fa:b6:5d:
4d:40:a3:60:25:86:53:94:c8:bb:bf:ce:4f:92:3b:
cd:6f:fd:04:c4:ba:2e:08:1a:e4:35:40:26:27:af:
d8:16:60:97:4c:51:8b:a8:5d:e5:c6:c4:43:01:a8:
a2:9a:32:15:e5:dc:49:f3:10:e9:ca:d6:06:76:4f:
18:c6:7d:9a:b9:10:ae:22:a0:b4:f8:3c:3a:8c:ec:
19:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:37:06:F2:B2:51:16:C1:52:31:78:4D:07:68:13:26:96:6F:C6:AE
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/8zcG8rJRFsFSMXhNB2gTJpZvxq4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.8.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:d6:12:ac:46:50:91:a4:25:17:9a:1e:0a:8b:2a:3a:2a:92:
20:fc:17:0d:f9:05:07:00:df:25:42:dd:59:3b:08:bc:1f:60:
f3:42:9d:ce:32:ea:83:29:7c:c4:b4:cc:07:e7:b7:b1:de:6c:
9d:bc:73:02:71:1e:f0:85:50:ef:9b:3e:a9:33:54:25:3e:09:
32:95:da:e6:cc:04:32:20:e7:c8:ae:c4:44:21:70:a2:eb:fc:
ec:48:6f:c7:6d:7f:86:57:42:60:e0:22:90:fe:d9:f5:d4:fd:
4b:77:5d:11:78:7a:2b:61:2e:f6:99:d2:c8:58:fa:f1:99:ca:
22:81:69:47:76:5c:33:3d:ee:0f:a8:4a:05:01:c1:17:b9:85:
4c:15:ab:8e:39:d1:51:43:fa:22:e2:41:87:e0:12:bc:03:3c:
1a:89:40:3d:a1:0a:38:05:93:bb:39:1d:ba:df:2d:01:bf:b8:
ef:29:99:b4:bd:6e:60:6c:db:b8:38:d8:59:13:bc:25:bc:3c:
ce:6d:59:2d:31:7a:6e:43:0c:9f:69:af:83:16:1a:6a:67:7a:
6e:2b:f0:a7:0f:1a:22:21:1d:79:d1:13:90:42:53:ff:58:1d:
00:c4:a5:17:bf:a3:3b:43:d3:07:48:47:f7:4a:22:7a:a8:57:
4d:36:c1:84
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICCMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yMzA4MTQw
NDM0MjRaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKEYzMzcwNkYyQjI1MTE2
QzE1MjMxNzg0RDA3NjgxMzI2OTY2RkM2QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvjfKEBIkxxqS4NQ+4srQ+BkoFmFfRo5iO6p2O3L2sXEN0xhL7
u+nsz3GMaUOHPHKrMPf8ww0e9svvWIr/dR/UC9Ar+Zy2om9Bc9QZLL8rjuO+j0KP
iETYrjr2d467kCS3cojw2bXIf9m3d16nbltSOBPjPwvz1hK/oLlAOLX0DOUQ8OEa
UjU2OiZzk9lXZOjoLcC1KVGj0K7n3S1dyvyZOalw8MhFSlS7tKkklNS9jfq2XU1A
o2AlhlOUyLu/zk+SO81v/QTEui4IGuQ1QCYnr9gWYJdMUYuoXeXGxEMBqKKaMhXl
3EnzEOnK1gZ2TxjGfZq5EK4ioLT4PDqM7BmXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU8zcG8rJRFsFSMXhNB2gTJpZvxq4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3Lzh6Y0c4ckpSRnNGU01Y
aE5CMmdUSnBadnhxNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAt/AgwDQYJKoZIhvcNAQELBQADggEBANjWEqxGUJGkJReaHgqLKjoqkiD8Fw35
BQcA3yVC3Vk7CLwfYPNCnc4y6oMpfMS0zAfnt7HebJ28cwJxHvCFUO+bPqkzVCU+
CTKV2ubMBDIg58iuxEQhcKLr/OxIb8dtf4ZXQmDgIpD+2fXU/Ut3XRF4eithLvaZ
0shY+vGZyiKBaUd2XDM97g+oSgUBwRe5hUwVq4450VFD+iLiQYfgErwDPBqJQD2h
CjgFk7s5HbrfLQG/uO8pmbS9bmBs27g42FkTvCW8PM5tWS0xem5DDJ9pr4MWGmpn
em4r8KcPGiIhHXnRE5BCU/9YHQDEpRe/oztD0wdIR/dKInqoV002wYQ=
-----END CERTIFICATE-----
Generated at Fri Jun 7 03:29:12 2024 by rpki-client on console-fra.rpki-client.org