Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/Qf1BVzbq5Xn3pxFFQ8ZjkvKPVb8.roa
File: Qf1BVzbq5Xn3pxFFQ8ZjkvKPVb8.roa (raw, json)
Hash identifier: EVYLmcmrGppQAQtdIhBXWni/NA5zVMeArtAjp9EY62w=
Subject key identifier: 41:FD:41:57:36:EA:E5:79:F7:A7:11:45:43:C6:63:92:F2:8F:55:BF
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 14B0
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Qf1BVzbq5Xn3pxFFQ8ZjkvKPVb8.roa
Signing time: Wed 11 Sep 2024 02:23:40 +0000
ROA not before: Wed 11 Sep 2024 02:23:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 138527
IP address blocks: 45.252.28.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5296 (0x14b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=41FD415736EAE579F7A7114543C66392F28F55BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ea:c0:6b:d3:42:31:92:73:28:22:30:44:11:
f2:9a:c6:4b:0e:59:f7:25:ce:9d:bd:e3:da:1a:c8:
00:32:ab:08:53:c9:5b:f8:d1:2a:db:90:6d:0d:82:
1c:71:52:cd:ca:47:ca:6e:a3:09:93:3e:51:a9:aa:
6d:72:d0:76:2d:a6:90:89:b8:8e:d9:99:84:1a:c0:
40:e3:16:61:01:ba:8a:74:73:e2:02:49:c6:9a:f3:
61:da:c5:2e:96:df:ba:46:1b:ad:d0:92:65:e6:39:
03:f3:f5:50:d0:6e:ae:72:0f:13:9a:1c:c1:8a:3a:
a6:c3:f4:56:05:49:0a:3a:5e:8a:5b:f9:6d:5c:43:
06:18:e8:9c:29:90:c9:26:af:c2:20:a0:45:0c:c1:
01:03:32:77:90:1f:02:63:71:27:93:a1:84:0a:12:
9e:d1:75:ae:70:bb:de:88:6f:56:27:34:cd:f5:03:
65:55:d2:f5:b7:ea:34:58:7d:d2:1b:7b:bb:11:76:
98:8c:65:49:6c:ef:50:4d:11:24:f0:14:d8:d8:25:
8d:d2:a7:f2:9d:2c:47:e7:5d:ac:fe:47:8d:1d:f9:
86:53:64:57:bd:24:2f:f9:cb:7e:d5:3f:cb:b8:97:
db:ea:7e:6a:49:87:f8:00:46:f8:49:d1:d2:1d:61:
63:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FD:41:57:36:EA:E5:79:F7:A7:11:45:43:C6:63:92:F2:8F:55:BF
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Qf1BVzbq5Xn3pxFFQ8ZjkvKPVb8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.28.0/22
Signature Algorithm: sha256WithRSAEncryption
be:03:42:84:ff:d4:78:76:d8:aa:9f:e0:48:d7:a2:72:0a:8f:
01:3e:f1:5a:a5:f1:a7:34:74:29:a3:74:e7:fb:cb:b1:86:3f:
63:e8:dd:16:db:0b:51:70:5d:76:58:0f:25:2f:25:b8:43:4e:
14:5d:7f:79:13:a4:30:7b:37:e7:4a:18:c4:eb:b1:dc:ad:92:
e1:77:be:1a:a3:3c:06:44:b2:d8:1d:6d:b2:02:29:04:12:73:
2d:b3:85:71:bd:39:b5:2a:bb:9d:cf:9e:63:91:48:8e:72:92:
1e:79:2d:d9:ea:01:3a:75:bb:16:77:7f:77:a7:02:4d:c7:1a:
a8:28:fb:bc:f2:0a:37:78:e8:29:7d:c7:af:a0:b6:1c:97:98:
3e:4b:ce:7c:e9:76:36:e0:8c:60:ff:9e:91:bd:aa:dc:50:78:
7e:ce:15:14:0d:8c:be:a1:d6:63:0e:28:e5:83:1a:17:b6:d2:
85:83:c6:6d:23:bf:15:a1:07:69:92:c7:b4:d9:bd:af:ad:7b:
1c:ec:5a:27:aa:62:fa:96:a3:d6:e5:26:7f:cb:a8:72:92:2b:
76:b1:f0:fe:69:f7:ed:5b:d3:f3:d2:2a:da:bd:a8:5e:fe:89:
e1:1d:89:00:f4:c0:44:aa:b3:19:37:24:cc:28:34:61:db:38:
cb:1c:ca:05
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFLAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQxRkQ0MTU3MzZFQUU1
NzlGN0E3MTE0NTQzQzY2MzkyRjI4RjU1QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH6sBr00IxknMoIjBEEfKaxksOWfclzp2949oayAAyqwhTyVv4
0SrbkG0NghxxUs3KR8puowmTPlGpqm1y0HYtppCJuI7ZmYQawEDjFmEBuop0c+IC
Scaa82HaxS6W37pGG63QkmXmOQPz9VDQbq5yDxOaHMGKOqbD9FYFSQo6Xopb+W1c
QwYY6JwpkMkmr8IgoEUMwQEDMneQHwJjcSeToYQKEp7Rda5wu96Ib1YnNM31A2VV
0vW36jRYfdIbe7sRdpiMZUls71BNESTwFNjYJY3Sp/KdLEfnXaz+R40d+YZTZFe9
JC/5y37VP8u4l9vqfmpJh/gARvhJ0dIdYWMvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUQf1BVzbq5Xn3pxFFQ8ZjkvKPVb8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1FmMUJWemJxNVhuM3B4
RkZROFpqa3ZLUFZiOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/BwwDQYJKoZIhvcNAQELBQADggEBAL4DQoT/1Hh22Kqf4EjXonIKjwE+8Vql
8ac0dCmjdOf7y7GGP2Po3RbbC1FwXXZYDyUvJbhDThRdf3kTpDB7N+dKGMTrsdyt
kuF3vhqjPAZEstgdbbICKQQScy2zhXG9ObUqu53PnmORSI5ykh55LdnqATp1uxZ3
f3enAk3HGqgo+7zyCjd46Cl9x6+gthyXmD5LznzpdjbgjGD/npG9qtxQeH7OFRQN
jL6h1mMOKOWDGhe20oWDxm0jvxWhB2mSx7TZva+texzsWieqYvqWo9blJn/LqHKS
K3ax8P5p9+1b0/PSKtq9qF7+ieEdiQD0wESqsxk3JMwoNGHbOMscygU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:22 2025 by rpki-client