Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/SRELzN943dnqMOmdlDWdKl_2AGM.roa
File: SRELzN943dnqMOmdlDWdKl_2AGM.roa (raw, json)
Hash identifier: s+bgyveaK7Ink+2FH8HK6ZJyBViouXL6GMYWp9AOKvE=
Subject key identifier: 49:11:0B:CC:DF:78:DD:D9:EA:30:E9:9D:94:35:9D:2A:5F:F6:00:63
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1469
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/SRELzN943dnqMOmdlDWdKl_2AGM.roa
Signing time: Wed 11 Sep 2024 02:23:16 +0000
ROA not before: Wed 11 Sep 2024 02:23:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 45.252.12.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5225 (0x1469)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=49110BCCDF78DDD9EA30E99D94359D2A5FF60063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9b:41:2f:2a:1b:bd:ea:75:7e:24:63:76:19:
e2:a9:b1:8c:f2:70:b4:a6:e9:55:25:89:f2:bf:b6:
f3:8f:db:3f:9a:3d:9b:a8:04:6a:4c:53:1a:c8:12:
cd:65:06:c3:d9:75:0d:5c:ce:90:0c:58:15:7d:ef:
cd:15:e6:54:cc:01:44:26:ff:eb:67:6b:20:55:78:
3e:2b:07:0f:76:3b:4a:5a:5c:e2:86:f0:e5:0b:b0:
ee:7a:72:86:24:dd:20:c7:9e:e0:31:6e:6f:0b:7a:
b9:0a:55:24:9a:5d:0a:84:f7:a1:5e:6a:e8:71:4c:
cf:d1:6d:80:63:4a:85:2d:f6:c1:6d:14:07:0f:90:
de:1e:3f:8b:3b:06:5b:1a:3f:d5:f5:3a:6c:ff:e6:
8f:09:55:bd:00:f5:a9:9c:d7:2c:e9:57:e8:10:e4:
88:1a:c6:0d:a7:28:57:46:63:8c:4d:d1:02:e4:47:
dd:9d:46:57:ea:de:30:74:f9:00:0a:16:e9:fc:ba:
76:cc:04:25:01:8c:22:11:cf:a1:97:df:b8:af:4d:
19:46:27:f3:5d:73:bd:12:58:33:12:67:3d:6d:42:
0d:a8:72:4f:14:83:ce:6a:55:49:c2:43:9a:82:da:
d4:8c:4b:d2:46:64:56:6e:ae:23:d2:3d:bf:15:d5:
f5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:11:0B:CC:DF:78:DD:D9:EA:30:E9:9D:94:35:9D:2A:5F:F6:00:63
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/SRELzN943dnqMOmdlDWdKl_2AGM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.12.0/22
Signature Algorithm: sha256WithRSAEncryption
87:f2:a6:d3:fe:2b:96:35:5d:7e:b8:a2:76:c2:55:f6:69:f9:
e0:64:0e:1f:ac:aa:5d:97:78:93:8a:d5:74:52:56:53:36:11:
bb:dd:d1:f3:11:6b:f9:07:4c:bd:97:1d:96:a1:d8:81:ad:62:
ef:5b:2e:42:0c:4d:d3:26:80:24:7f:c1:1b:62:a2:d8:1f:2c:
5a:1c:60:45:2c:8e:ac:a0:31:2a:47:70:7c:50:26:25:cd:94:
39:72:b4:0f:bd:de:5e:b6:32:7d:f1:c3:b6:cc:7e:f6:b5:df:
e5:63:ba:16:5c:df:8c:7f:bb:86:66:36:d7:72:d4:73:dd:25:
dc:f3:bd:48:b5:be:5b:b8:77:35:3b:0e:01:1e:49:6b:e7:86:
57:ab:de:9e:f7:1e:12:2e:a8:f3:86:9a:1e:66:ff:55:e0:b5:
5c:90:af:5b:3f:a1:94:98:74:82:c0:01:91:2b:0b:bf:c2:76:
ac:82:94:d6:28:d8:18:fa:fa:0b:63:a5:85:73:38:49:4f:3d:
dd:0d:c4:c6:22:f0:0f:24:c9:81:57:ab:b4:49:0d:ef:16:93:
3c:00:b1:a7:67:60:05:d5:ee:94:2c:bc:38:0b:92:ca:39:36:
32:c7:fc:79:d4:46:ae:3f:ad:ae:c7:3a:9c:43:38:ca:2c:76:
ca:81:b5:32
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFGkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ5MTEwQkNDREY3OERE
RDlFQTMwRTk5RDk0MzU5RDJBNUZGNjAwNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDam0EvKhu96nV+JGN2GeKpsYzycLSm6VUlifK/tvOP2z+aPZuo
BGpMUxrIEs1lBsPZdQ1czpAMWBV9780V5lTMAUQm/+tnayBVeD4rBw92O0paXOKG
8OULsO56coYk3SDHnuAxbm8LerkKVSSaXQqE96FeauhxTM/RbYBjSoUt9sFtFAcP
kN4eP4s7BlsaP9X1Omz/5o8JVb0A9amc1yzpV+gQ5Igaxg2nKFdGY4xN0QLkR92d
Rlfq3jB0+QAKFun8unbMBCUBjCIRz6GX37ivTRlGJ/Ndc70SWDMSZz1tQg2ock8U
g85qVUnCQ5qC2tSMS9JGZFZuriPSPb8V1fXdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUSRELzN943dnqMOmdlDWdKl/2AGMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1NSRUx6Tjk0M2RucU1P
bWRsRFdkS2xfMkFHTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/AwwDQYJKoZIhvcNAQELBQADggEBAIfyptP+K5Y1XX64onbCVfZp+eBkDh+s
ql2XeJOK1XRSVlM2Ebvd0fMRa/kHTL2XHZah2IGtYu9bLkIMTdMmgCR/wRtiotgf
LFocYEUsjqygMSpHcHxQJiXNlDlytA+93l62Mn3xw7bMfva13+VjuhZc34x/u4Zm
Ntdy1HPdJdzzvUi1vlu4dzU7DgEeSWvnhler3p73HhIuqPOGmh5m/1XgtVyQr1s/
oZSYdILAAZErC7/CdqyClNYo2Bj6+gtjpYVzOElPPd0NxMYi8A8kyYFXq7RJDe8W
kzwAsadnYAXV7pQsvDgLkso5NjLH/HnURq4/ra7HOpxDOMosdsqBtTI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:10 2025 by rpki-client