Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/R5TwmZX4ggr6m8M3ip-3Cplhy2Y.roa
File: R5TwmZX4ggr6m8M3ip-3Cplhy2Y.roa (raw, json)
Hash identifier: JODz0wGaGQkr+AFd/njUVBOL2kktMOoxx/8OLoIPLx8=
Subject key identifier: 47:94:F0:99:95:F8:82:0A:FA:9B:C3:37:8A:9F:B7:0A:99:61:CB:66
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18C5
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/R5TwmZX4ggr6m8M3ip-3Cplhy2Y.roa
Signing time: Fri 17 Jan 2025 01:25:32 +0000
ROA not before: Fri 17 Jan 2025 01:25:32 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24373
IP address blocks: 45.252.12.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6341 (0x18c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:32 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=4794F09995F8820AFA9BC3378A9FB70A9961CB66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:53:d2:60:97:10:13:5c:54:42:0b:a5:41:3e:
8e:f9:43:63:e9:b4:70:d1:de:c2:9e:e0:9d:e9:60:
1d:af:13:c1:d0:6f:ea:ff:61:10:fe:ff:8b:3f:f1:
21:54:66:c9:cb:f3:02:eb:20:c8:79:5c:45:89:84:
ce:62:52:35:8a:e1:1a:0e:0c:24:4c:48:da:2d:21:
f1:bc:d1:4d:3e:6d:2b:72:1f:e3:75:35:3c:dd:74:
91:df:a7:0a:3b:57:34:1e:72:e3:75:7c:bd:68:d9:
71:9d:b5:9f:53:88:1d:d5:86:5b:0f:ea:78:d3:6c:
56:f6:4c:87:cd:02:65:c2:12:fd:83:d5:1f:91:48:
a8:c4:52:bd:15:4c:90:0d:9c:64:17:60:76:01:59:
b6:15:df:47:8a:15:3e:93:9b:b1:4d:4c:72:0e:8a:
a7:64:55:5d:4d:19:03:03:26:a3:ed:43:34:88:74:
af:42:a8:1c:be:41:a1:7d:b4:4b:3d:3d:19:d3:86:
89:f1:7c:eb:85:d3:8b:b1:3a:e0:29:90:fc:7e:f0:
72:93:dd:ac:43:ce:8e:68:a1:88:ae:32:4f:33:2f:
16:4a:c6:7a:c6:9e:43:21:d2:36:c6:61:58:73:dd:
f3:6e:1e:ca:f0:e5:2e:56:2b:c6:8a:7a:74:fd:86:
5b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:94:F0:99:95:F8:82:0A:FA:9B:C3:37:8A:9F:B7:0A:99:61:CB:66
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/R5TwmZX4ggr6m8M3ip-3Cplhy2Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.12.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:50:73:82:16:7e:c6:a4:4b:d4:e4:e6:d2:c0:fe:9c:97:ea:
d7:bc:40:c3:3f:6f:f8:9e:ff:49:76:de:03:6a:f9:d1:4d:c0:
08:4f:8e:03:d1:9a:6b:2a:94:7b:dc:08:03:9f:89:03:9c:2e:
d3:52:5c:35:04:de:47:2f:c6:9e:60:a1:25:c4:e0:02:63:4c:
8c:d9:bf:69:50:2d:41:ef:31:7a:97:c7:a9:ef:9a:f6:c1:1f:
98:01:ba:db:10:df:20:1c:a5:5d:db:93:43:23:7b:3f:36:80:
9d:a2:2f:b9:8f:86:35:eb:e2:cf:7f:2c:ec:59:a6:20:93:09:
21:91:c6:62:a3:51:e7:1f:a6:16:04:8d:85:48:cb:a8:c1:e7:
1c:d1:c5:8a:18:ae:3f:5a:a5:64:e0:27:e8:07:74:2a:38:c5:
a0:98:7e:1a:be:c5:45:57:f8:34:c1:34:c5:d7:82:4c:2c:25:
35:a2:b6:da:42:bd:97:e4:72:80:ce:e3:d3:86:69:cd:fb:44:
f6:af:e8:bc:e5:2e:31:63:09:e0:38:d0:78:f4:e3:e8:f3:73:
7a:61:df:6c:2c:5e:64:11:49:57:85:f0:f8:b0:62:53:f6:66:
d0:8e:b7:65:28:14:66:80:1a:a9:34:39:d9:0f:8c:e4:7c:f9:
3c:b7:95:4e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MzJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQ3OTRGMDk5OTVGODgy
MEFGQTlCQzMzNzhBOUZCNzBBOTk2MUNCNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCaU9JglxATXFRCC6VBPo75Q2PptHDR3sKe4J3pYB2vE8HQb+r/
YRD+/4s/8SFUZsnL8wLrIMh5XEWJhM5iUjWK4RoODCRMSNotIfG80U0+bStyH+N1
NTzddJHfpwo7VzQecuN1fL1o2XGdtZ9TiB3VhlsP6njTbFb2TIfNAmXCEv2D1R+R
SKjEUr0VTJANnGQXYHYBWbYV30eKFT6Tm7FNTHIOiqdkVV1NGQMDJqPtQzSIdK9C
qBy+QaF9tEs9PRnThonxfOuF04uxOuApkPx+8HKT3axDzo5ooYiuMk8zLxZKxnrG
nkMh0jbGYVhz3fNuHsrw5S5WK8aKenT9hlvNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUR5TwmZX4ggr6m8M3ip+3Cplhy2YwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1I1VHdtWlg0Z2dyNm04
TTNpcC0zQ3BsaHkyWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/AwwDQYJKoZIhvcNAQELBQADggEBALpQc4IWfsakS9Tk5tLA/pyX6te8QMM/
b/ie/0l23gNq+dFNwAhPjgPRmmsqlHvcCAOfiQOcLtNSXDUE3kcvxp5goSXE4AJj
TIzZv2lQLUHvMXqXx6nvmvbBH5gButsQ3yAcpV3bk0Mjez82gJ2iL7mPhjXr4s9/
LOxZpiCTCSGRxmKjUecfphYEjYVIy6jB5xzRxYoYrj9apWTgJ+gHdCo4xaCYfhq+
xUVX+DTBNMXXgkwsJTWittpCvZfkcoDO49OGac37RPav6LzlLjFjCeA40Hj04+jz
c3ph32wsXmQRSVeF8PiwYlP2ZtCOt2UoFGaAGqk0OdkPjOR8+Ty3lU4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:38 2025 by rpki-client