Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/BXPKiousXlhqOoWfBUspathq0-Y.roa
File: BXPKiousXlhqOoWfBUspathq0-Y.roa (raw, json)
Hash identifier: 16kAFAlHDacLfEES6Qzn6BsSImdhCVyGPt5Va1IC/ck=
Subject key identifier: 05:73:CA:8A:8B:AC:5E:58:6A:3A:85:9F:05:4B:29:6A:D8:6A:D3:E6
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1900
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/BXPKiousXlhqOoWfBUspathq0-Y.roa
Signing time: Fri 17 Jan 2025 01:25:55 +0000
ROA not before: Fri 17 Jan 2025 01:25:55 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 45.252.144.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6400 (0x1900)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:55 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=0573CA8A8BAC5E586A3A859F054B296AD86AD3E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ce:c0:da:89:72:5a:46:66:f7:36:3e:d9:12:
fc:03:f1:2f:29:31:8b:5c:fd:bb:1c:e8:dc:86:68:
b2:52:db:8a:d7:21:49:4a:b7:7f:20:26:33:98:e3:
58:5f:1a:2c:e1:68:47:b3:6c:30:89:d3:55:39:09:
df:3c:d6:60:ee:60:a8:fd:1d:63:d4:1d:67:d5:28:
10:ce:63:de:5e:4f:dd:c5:b7:4f:4c:46:f0:d2:d6:
d1:0b:d6:3f:a0:26:6f:a1:95:1e:5a:0c:f1:df:5f:
a6:04:25:fe:19:35:e9:bd:5d:e2:ad:b1:85:03:4c:
85:90:c9:27:01:e1:22:3f:53:10:5f:cd:9f:77:c3:
26:41:20:22:cd:fd:47:63:26:36:ab:0e:77:9b:93:
c5:81:56:e7:6d:00:25:86:07:12:64:34:2a:48:2b:
83:35:e3:86:64:dc:50:db:7a:3e:de:6c:c8:4d:6d:
51:af:d0:44:22:9b:99:4c:b9:5e:a7:78:40:58:99:
59:50:b5:26:3e:cb:56:20:25:bc:2b:bb:1a:1e:73:
90:27:09:9e:65:af:d7:a8:95:b5:62:b6:a5:d0:0c:
42:7a:24:41:2a:f6:38:ff:de:7a:8b:4a:3e:1e:fa:
d6:1c:49:f3:40:90:4f:03:77:99:b7:77:e6:5e:0a:
ef:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:73:CA:8A:8B:AC:5E:58:6A:3A:85:9F:05:4B:29:6A:D8:6A:D3:E6
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/BXPKiousXlhqOoWfBUspathq0-Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.144.0/22
Signature Algorithm: sha256WithRSAEncryption
02:92:f2:dc:a2:25:81:bc:69:04:92:f2:57:6f:8e:a8:ec:34:
ce:08:f5:f7:50:a8:87:9a:ce:24:3e:b6:0c:52:de:08:24:e5:
9a:07:83:b0:e6:ee:a8:2c:44:3d:87:1f:3e:f8:64:1b:98:56:
7e:74:ab:a0:dc:49:c6:73:c5:44:c2:6f:33:fe:ff:94:2b:5f:
cc:7c:86:f0:98:19:28:a2:97:ad:40:68:95:6e:ac:53:0c:43:
25:b1:d0:e9:7b:4d:fd:a7:c6:3e:79:a4:12:2c:4d:94:61:39:
0e:c3:3f:d2:83:2b:da:b5:9f:dd:f3:88:d2:d1:ce:d9:08:f6:
69:98:f5:e2:7b:78:03:b4:ed:96:90:d3:87:16:8e:31:99:d9:
94:1e:9c:56:4e:a3:88:d1:9c:20:75:c0:00:51:99:a0:93:99:
09:a8:fd:c6:f7:3c:5a:0d:a2:e1:15:b8:95:50:dd:f7:6e:0a:
bd:37:f0:63:81:13:f0:3f:4d:a7:fa:35:93:cd:97:b1:2c:77:
c4:ed:02:24:43:dd:5c:11:3b:bb:1d:bd:8c:b7:dc:26:ec:18:
83:4f:5b:a3:b0:dc:33:15:86:df:56:01:2e:e6:bd:bd:3b:08:
a8:82:ad:eb:1f:d2:15:9f:e4:fa:21:9c:df:7e:05:6c:7a:f3:
33:b3:e6:b5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGQAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDA1NzNDQThBOEJBQzVF
NTg2QTNBODU5RjA1NEIyOTZBRDg2QUQzRTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRzsDaiXJaRmb3Nj7ZEvwD8S8pMYtc/bsc6NyGaLJS24rXIUlK
t38gJjOY41hfGizhaEezbDCJ01U5Cd881mDuYKj9HWPUHWfVKBDOY95eT93Ft09M
RvDS1tEL1j+gJm+hlR5aDPHfX6YEJf4ZNem9XeKtsYUDTIWQyScB4SI/UxBfzZ93
wyZBICLN/UdjJjarDnebk8WBVudtACWGBxJkNCpIK4M144Zk3FDbej7ebMhNbVGv
0EQim5lMuV6neEBYmVlQtSY+y1YgJbwruxoec5AnCZ5lr9eolbVitqXQDEJ6JEEq
9jj/3nqLSj4e+tYcSfNAkE8Dd5m3d+ZeCu/hAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBXPKiousXlhqOoWfBUspathq0+YwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0JYUEtpb3VzWGxocU9v
V2ZCVXNwYXRocTAtWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/JAwDQYJKoZIhvcNAQELBQADggEBAAKS8tyiJYG8aQSS8ldvjqjsNM4I9fdQ
qIeaziQ+tgxS3ggk5ZoHg7Dm7qgsRD2HHz74ZBuYVn50q6DcScZzxUTCbzP+/5Qr
X8x8hvCYGSiil61AaJVurFMMQyWx0Ol7Tf2nxj55pBIsTZRhOQ7DP9KDK9q1n93z
iNLRztkI9mmY9eJ7eAO07ZaQ04cWjjGZ2ZQenFZOo4jRnCB1wABRmaCTmQmo/cb3
PFoNouEVuJVQ3fduCr038GOBE/A/Taf6NZPNl7Esd8TtAiRD3VwRO7sdvYy33Cbs
GINPW6Ow3DMVht9WAS7mvb07CKiCresf0hWf5PohnN9+BWx68zOz5rU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:31 2025 by rpki-client