Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/R1-N53eNT9vXmBXjzhyzzoL-CfI.roa
File: R1-N53eNT9vXmBXjzhyzzoL-CfI.roa (raw, json)
Hash identifier: j7Nh8s2bKtby5eudue3xGrfVgZ0iTd//y/3fyJXFsyo=
Subject key identifier: 47:5F:8D:E7:77:8D:4F:DB:D7:98:15:E3:CE:1C:B3:CE:82:FE:09:F2
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1806
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/R1-N53eNT9vXmBXjzhyzzoL-CfI.roa
Signing time: Fri 17 Jan 2025 01:24:27 +0000
ROA not before: Fri 17 Jan 2025 01:24:27 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 138527
IP address blocks: 45.252.36.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6150 (0x1806)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:27 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=475F8DE7778D4FDBD79815E3CE1CB3CE82FE09F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:82:07:1e:68:e7:7a:b9:c3:35:37:74:11:98:
dc:13:c8:4e:ec:c1:55:19:62:57:12:b0:67:e8:33:
b4:b0:97:35:a9:29:af:36:c3:9a:d4:33:eb:27:2e:
b9:8d:db:5c:bb:12:b4:8f:53:b4:fc:cd:ee:e4:e7:
a2:52:6c:df:f2:cc:a5:e4:0a:f3:e2:b7:e7:63:cc:
0e:f8:81:e2:48:20:58:49:76:39:1c:11:cd:4e:62:
74:c7:cf:45:fa:d9:32:7a:76:fd:6b:92:83:48:81:
b6:0a:ed:02:05:5f:8e:f8:83:c4:9d:1e:2e:30:d1:
e1:25:9e:4b:36:d7:41:78:7a:ee:0a:e6:0c:07:78:
a4:c0:af:df:eb:6c:9c:1e:95:38:71:f0:e7:93:90:
6d:fe:c3:7d:fc:ec:7d:dc:8e:0f:0b:09:92:37:b7:
d8:7b:7f:8a:31:fa:a1:d3:46:6d:67:c3:71:63:7b:
c9:2e:49:a4:da:7f:a2:2c:b0:54:18:bb:38:d8:3a:
c7:63:4e:91:e9:99:08:cc:11:cc:56:86:2d:10:b6:
21:11:2e:8d:0b:60:1a:28:c4:ed:c9:fd:d3:3d:37:
07:81:86:ae:64:9f:68:b6:3a:58:5c:b1:67:b6:d5:
15:31:50:a9:c0:a4:b2:71:4c:dc:c5:6c:ee:cc:66:
6c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:5F:8D:E7:77:8D:4F:DB:D7:98:15:E3:CE:1C:B3:CE:82:FE:09:F2
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/R1-N53eNT9vXmBXjzhyzzoL-CfI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.36.0/22
Signature Algorithm: sha256WithRSAEncryption
40:b2:a8:e6:17:42:71:61:2a:5e:ec:48:96:4f:5f:60:fd:66:
43:44:44:f7:db:bc:9e:13:4b:5b:6f:18:54:4a:25:cf:ac:db:
b7:1e:a4:dc:2d:bd:56:1a:00:db:e0:dd:b5:27:da:d9:da:bf:
4a:86:28:28:12:6d:50:e8:27:9b:76:c5:9f:f9:3c:f9:48:ed:
52:f9:68:98:77:c8:82:d3:9f:50:0a:52:06:a8:70:46:c3:70:
bb:c9:b8:35:06:fa:49:e3:ee:1a:2a:a7:fa:34:47:83:79:15:
70:41:aa:4e:17:68:4b:01:2a:94:d8:00:70:a0:b5:7a:0b:c8:
d2:ad:51:9a:49:44:f0:18:59:b5:32:fb:2c:34:d9:e8:c4:ed:
63:b1:5c:54:b0:a0:64:33:b2:fd:6d:51:3d:94:9a:aa:f7:40:
3a:64:41:e2:85:aa:2b:41:c3:70:4a:01:da:14:92:cc:0b:84:
81:5b:b8:52:ba:fe:ac:ae:d5:33:07:4b:e1:10:41:59:4e:8d:
eb:8a:3d:00:27:7a:52:dd:16:ef:69:29:1e:64:41:12:2e:28:
b0:68:d6:cf:f2:af:10:89:5f:f3:43:5e:02:61:dd:c8:38:70:
f5:b5:f8:fc:b3:d9:e4:be:70:6e:8d:28:92:d0:41:59:5d:54:
9d:e8:cd:7c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGAYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0MjdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQ3NUY4REU3Nzc4RDRG
REJENzk4MTVFM0NFMUNCM0NFODJGRTA5RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZggceaOd6ucM1N3QRmNwTyE7swVUZYlcSsGfoM7SwlzWpKa82
w5rUM+snLrmN21y7ErSPU7T8ze7k56JSbN/yzKXkCvPit+djzA74geJIIFhJdjkc
Ec1OYnTHz0X62TJ6dv1rkoNIgbYK7QIFX474g8SdHi4w0eElnks210F4eu4K5gwH
eKTAr9/rbJwelThx8OeTkG3+w3387H3cjg8LCZI3t9h7f4ox+qHTRm1nw3Fje8ku
SaTaf6IssFQYuzjYOsdjTpHpmQjMEcxWhi0QtiERLo0LYBooxO3J/dM9NweBhq5k
n2i2OlhcsWe21RUxUKnApLJxTNzFbO7MZmxtAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUR1+N53eNT9vXmBXjzhyzzoL+CfIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1IxLU41M2VOVDl2WG1C
WGp6aHl6em9MLUNmSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/CQwDQYJKoZIhvcNAQELBQADggEBAECyqOYXQnFhKl7sSJZPX2D9ZkNERPfb
vJ4TS1tvGFRKJc+s27cepNwtvVYaANvg3bUn2tnav0qGKCgSbVDoJ5t2xZ/5PPlI
7VL5aJh3yILTn1AKUgaocEbDcLvJuDUG+knj7hoqp/o0R4N5FXBBqk4XaEsBKpTY
AHCgtXoLyNKtUZpJRPAYWbUy+yw02ejE7WOxXFSwoGQzsv1tUT2Umqr3QDpkQeKF
qitBw3BKAdoUkswLhIFbuFK6/qyu1TMHS+EQQVlOjeuKPQAnelLdFu9pKR5kQRIu
KLBo1s/yrxCJX/NDXgJh3cg4cPW1+Pyz2eS+cG6NKJLQQVldVJ3ozXw=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:35:05 2025 by rpki-client