Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/N0l0WD7engb5Nqj5IQ1onwH1HSg.roa
File: N0l0WD7engb5Nqj5IQ1onwH1HSg.roa (raw, json)
Hash identifier: O4VApB18IQS6QNKecIKHUhiQQuRqhICjmsBg1jxfA7A=
Subject key identifier: 37:49:74:58:3E:DE:9E:06:F9:36:A8:F9:21:0D:68:9F:01:F5:1D:28
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 156E
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/N0l0WD7engb5Nqj5IQ1onwH1HSg.roa
Signing time: Wed 11 Sep 2024 04:04:12 +0000
ROA not before: Wed 11 Sep 2024 04:04:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 45.252.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5486 (0x156e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 04:04:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=374974583EDE9E06F936A8F9210D689F01F51D28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:11:5a:99:1c:d1:16:f4:cc:90:75:01:f8:3b:
1d:31:9d:7a:f5:58:c4:02:3f:27:9d:0a:d8:eb:42:
06:5e:42:14:b9:83:54:e7:e6:eb:61:bb:07:43:6d:
03:ae:c2:1c:ae:51:a3:f1:ba:d5:2b:ca:e2:0e:a6:
88:bc:cb:f6:35:a8:dc:cb:01:54:24:0b:29:14:fa:
7d:dd:81:5b:0c:56:6d:9b:11:2d:da:15:a3:98:42:
5b:20:8b:51:cb:71:7e:d6:c0:af:63:63:65:2f:be:
05:23:b9:de:c5:77:7c:ff:0f:3b:b7:ae:0b:ff:0e:
f2:97:4e:09:a2:77:be:73:f0:8e:b5:02:d3:12:de:
39:e2:28:fa:36:87:06:bc:86:3c:b5:12:b7:1d:0e:
a1:db:c9:2c:3e:f2:b4:a6:90:87:5f:92:bf:cd:db:
6b:9c:bf:37:07:97:a8:39:88:8c:46:d0:03:1d:6e:
ed:15:3d:74:fa:c4:d9:f5:28:c3:f1:99:64:08:0f:
04:f5:97:dc:88:7e:e0:48:b3:21:b5:3f:52:37:96:
77:56:83:c0:d0:78:ac:e3:a5:8d:9b:60:c0:d0:c3:
2e:c8:c1:88:97:56:a5:d6:67:23:6d:9f:88:b3:e9:
0b:f5:52:b2:9f:75:4e:fc:80:36:bd:44:d3:6d:ca:
ea:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:49:74:58:3E:DE:9E:06:F9:36:A8:F9:21:0D:68:9F:01:F5:1D:28
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/N0l0WD7engb5Nqj5IQ1onwH1HSg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.100.0/24
Signature Algorithm: sha256WithRSAEncryption
35:9c:35:5c:d8:4d:94:33:4e:80:2b:ba:02:42:40:d9:27:88:
6a:4c:c9:8f:c7:47:f0:c1:d6:86:dc:66:03:d7:80:5f:e3:a1:
ad:f8:77:cd:75:f6:7d:b9:d9:56:59:38:20:a4:fa:20:fd:82:
1e:65:73:37:7b:2a:02:d1:76:3d:c7:56:0f:aa:47:19:d7:4b:
99:df:ed:37:9e:1e:38:54:2e:9d:27:67:db:1e:4a:69:b8:b8:
6b:0f:c6:f2:11:a8:56:5e:cd:11:d3:8e:91:a1:cb:81:0a:39:
ff:87:d3:fe:7e:42:89:cb:05:97:29:4c:c4:29:ec:e0:b0:13:
ad:43:91:1f:65:79:bc:31:3a:6f:68:42:10:dc:72:70:94:d0:
1a:94:29:ee:93:50:ea:5f:bd:da:64:fc:82:17:4b:4a:7b:37:
43:44:5d:b2:d5:fc:94:c1:9e:c2:72:91:f2:f6:b6:ec:60:d7:
7c:3b:fe:f8:b4:d5:9a:9d:0a:5c:cc:b2:d1:c3:78:8b:0b:23:
e2:87:9d:89:66:37:ca:c7:8a:12:ab:40:cb:80:ee:d1:f0:c5:
a5:8a:39:a8:aa:31:b7:27:ab:be:56:27:cb:60:db:57:5d:30:
97:25:45:68:b0:16:c9:b0:c3:c1:e3:1c:57:43:ca:ad:d6:9d:
35:27:d3:d0
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFW4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
NDA0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM3NDk3NDU4M0VERTlF
MDZGOTM2QThGOTIxMEQ2ODlGMDFGNTFEMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7EVqZHNEW9MyQdQH4Ox0xnXr1WMQCPyedCtjrQgZeQhS5g1Tn
5uthuwdDbQOuwhyuUaPxutUryuIOpoi8y/Y1qNzLAVQkCykU+n3dgVsMVm2bES3a
FaOYQlsgi1HLcX7WwK9jY2UvvgUjud7Fd3z/Dzu3rgv/DvKXTgmid75z8I61AtMS
3jniKPo2hwa8hjy1ErcdDqHbySw+8rSmkIdfkr/N22ucvzcHl6g5iIxG0AMdbu0V
PXT6xNn1KMPxmWQIDwT1l9yIfuBIsyG1P1I3lndWg8DQeKzjpY2bYMDQwy7IwYiX
VqXWZyNtn4iz6Qv1UrKfdU78gDa9RNNtyurVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUN0l0WD7engb5Nqj5IQ1onwH1HSgwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L04wbDBXRDdlbmdiNU5x
ajVJUTFvbndIMUhTZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAt/GQwDQYJKoZIhvcNAQELBQADggEBADWcNVzYTZQzToArugJCQNkniGpMyY/H
R/DB1obcZgPXgF/joa34d8119n252VZZOCCk+iD9gh5lczd7KgLRdj3HVg+qRxnX
S5nf7TeeHjhULp0nZ9seSmm4uGsPxvIRqFZezRHTjpGhy4EKOf+H0/5+QonLBZcp
TMQp7OCwE61DkR9lebwxOm9oQhDccnCU0BqUKe6TUOpfvdpk/IIXS0p7N0NEXbLV
/JTBnsJykfL2tuxg13w7/vi01ZqdClzMstHDeIsLI+KHnYlmN8rHihKrQMuA7tHw
xaWKOaiqMbcnq75WJ8tg21ddMJclRWiwFsmww8HjHFdDyq3WnTUn09A=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:21 2025 by rpki-client