Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/C22SiKiaoC0o9WMjmvpq1k6LGVQ.roa
File: C22SiKiaoC0o9WMjmvpq1k6LGVQ.roa (raw, json)
Hash identifier: CkuDc1+v0doEmUrCmEStXjaC9+qaKAFXs6R9uv/W4zI=
Subject key identifier: 0B:6D:92:88:A8:9A:A0:2D:28:F5:63:23:9A:FA:6A:D6:4E:8B:19:54
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1861
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/C22SiKiaoC0o9WMjmvpq1k6LGVQ.roa
Signing time: Fri 17 Jan 2025 01:25:00 +0000
ROA not before: Fri 17 Jan 2025 01:25:00 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 4812
IP address blocks: 43.254.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6241 (0x1861)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:00 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=0B6D9288A89AA02D28F563239AFA6AD64E8B1954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f8:0a:42:1a:f1:7f:e6:4b:7b:93:47:e1:7f:
cd:39:06:df:96:24:b5:6d:0e:7e:95:fd:4a:f5:9f:
10:3f:6d:4c:85:00:b1:2f:f1:99:ba:d5:39:91:ca:
a3:f4:7a:1f:89:b7:0f:0f:a6:00:df:51:e3:78:8a:
c7:5d:a8:2d:d1:9e:3b:b3:76:e3:9f:55:27:a6:a5:
3e:92:c1:3d:14:bc:80:ec:34:45:c1:65:1d:4d:35:
58:cd:cd:20:f6:73:6e:ae:96:b3:1d:59:91:16:c5:
af:f8:d4:05:7d:96:27:9f:a8:07:49:7b:99:f8:6f:
05:8c:11:d1:79:de:47:f0:4d:ef:af:a9:64:d1:2d:
ab:59:1d:d2:e4:bc:6d:16:6f:c0:a6:42:92:6e:3e:
b4:82:52:6b:e0:74:be:2e:60:88:5b:5c:03:2c:0e:
45:2c:29:9d:34:e6:09:92:d0:68:2c:99:f2:17:38:
ec:15:0e:5f:a9:21:67:3b:42:62:59:f0:b9:92:e3:
f7:28:ae:af:e8:a3:1d:12:df:7e:4e:07:a4:b7:3c:
95:92:2c:33:a2:a3:b2:e3:d2:47:dd:ca:02:91:5f:
a3:29:4b:af:46:11:9b:93:56:3c:6c:58:86:cb:7c:
bd:d9:13:d0:81:77:c7:5e:ae:8b:ca:c3:8f:fa:ba:
5c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:6D:92:88:A8:9A:A0:2D:28:F5:63:23:9A:FA:6A:D6:4E:8B:19:54
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/C22SiKiaoC0o9WMjmvpq1k6LGVQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/24
Signature Algorithm: sha256WithRSAEncryption
80:f2:10:ef:ea:5b:d5:a2:04:a1:06:ca:7e:49:e2:12:5d:30:
c3:72:ff:d0:39:26:ca:ba:f6:d0:4e:4a:f4:71:f6:10:07:a1:
93:bc:1e:e5:aa:ef:69:4e:d5:cb:23:ff:a9:17:38:0d:da:79:
6f:b7:b6:15:4a:ce:13:66:7a:28:3b:89:f5:bb:d2:f7:3e:16:
38:30:ca:47:12:a4:4f:14:45:1f:8c:28:07:d5:95:56:9c:a2:
a2:8e:d4:1f:79:8d:b3:28:77:f8:c2:dd:94:c9:00:6d:a8:89:
b9:51:3a:f4:27:fb:f0:3f:e3:c4:e6:0f:2f:90:81:8b:9b:2d:
a1:e5:d2:59:e4:23:0e:cc:a6:2a:49:dc:9f:58:78:32:5e:08:
e1:d6:8c:ca:87:05:b2:56:f2:9e:24:6b:e0:55:9c:ca:b3:98:
45:de:0e:60:4e:29:80:ea:a6:82:e4:3b:1f:13:79:92:64:25:
86:51:49:8e:e5:ca:58:be:2e:a1:8d:29:2b:c0:af:13:59:09:
a9:5d:59:08:a6:95:4e:a8:71:89:c6:b7:1e:16:f7:f7:c0:20:
dd:92:c7:50:a3:a7:82:de:cd:a3:9c:55:ba:94:36:5e:28:93:
65:ac:de:9b:4f:ec:9b:95:37:9a:4d:5d:46:bc:55:7e:5e:15:
65:07:b9:79
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGGEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MDBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDBCNkQ5Mjg4QTg5QUEw
MkQyOEY1NjMyMzlBRkE2QUQ2NEU4QjE5NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz+ApCGvF/5kt7k0fhf805Bt+WJLVtDn6V/Ur1nxA/bUyFALEv
8Zm61TmRyqP0eh+Jtw8PpgDfUeN4isddqC3RnjuzduOfVSempT6SwT0UvIDsNEXB
ZR1NNVjNzSD2c26ulrMdWZEWxa/41AV9liefqAdJe5n4bwWMEdF53kfwTe+vqWTR
LatZHdLkvG0Wb8CmQpJuPrSCUmvgdL4uYIhbXAMsDkUsKZ005gmS0GgsmfIXOOwV
Dl+pIWc7QmJZ8LmS4/corq/oox0S335OB6S3PJWSLDOio7Lj0kfdygKRX6MpS69G
EZuTVjxsWIbLfL3ZE9CBd8derovKw4/6ulzpAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUC22SiKiaoC0o9WMjmvpq1k6LGVQwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0MyMlNpS2lhb0MwbzlX
TWptdnBxMWs2TEdWUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAr/pgwDQYJKoZIhvcNAQELBQADggEBAIDyEO/qW9WiBKEGyn5J4hJdMMNy/9A5
Jsq69tBOSvRx9hAHoZO8HuWq72lO1csj/6kXOA3aeW+3thVKzhNmeig7ifW70vc+
FjgwykcSpE8URR+MKAfVlVacoqKO1B95jbMod/jC3ZTJAG2oiblROvQn+/A/48Tm
Dy+QgYubLaHl0lnkIw7MpipJ3J9YeDJeCOHWjMqHBbJW8p4ka+BVnMqzmEXeDmBO
KYDqpoLkOx8TeZJkJYZRSY7lyli+LqGNKSvArxNZCaldWQimlU6ocYnGtx4W9/fA
IN2Sx1Cjp4LezaOcVbqUNl4ok2Ws3ptP7JuVN5pNXUa8VX5eFWUHuXk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:26 2025 by rpki-client