Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/TEf3kJkUByLaCZeGoxcJs9tBRII.roa
File: TEf3kJkUByLaCZeGoxcJs9tBRII.roa (raw, json)
Hash identifier: gwXG8ODy079IvS/bLCiJ8WCaK94bA7eFAiz5F0G5SlM=
Subject key identifier: 4C:47:F7:90:99:14:07:22:DA:09:97:86:A3:17:09:B3:DB:41:44:82
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1875
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/TEf3kJkUByLaCZeGoxcJs9tBRII.roa
Signing time: Fri 17 Jan 2025 01:25:05 +0000
ROA not before: Fri 17 Jan 2025 01:25:05 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24373
IP address blocks: 45.252.100.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6261 (0x1875)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:05 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=4C47F79099140722DA099786A31709B3DB414482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:61:be:f2:fe:28:b9:e9:06:6f:b1:ef:dd:46:
fe:61:17:0a:a2:fa:f1:84:e4:59:eb:d0:5f:2e:8b:
12:b9:55:be:cb:31:42:51:7e:d7:ee:15:1a:bc:4a:
0a:d9:a0:24:2d:bb:8b:42:df:ce:cf:32:fb:55:f0:
94:5e:72:2d:b5:3c:81:ba:9e:48:8e:9c:4c:fa:40:
a9:d3:ec:f6:91:a6:10:bb:fd:3b:75:97:22:98:8a:
3d:e7:e7:65:3f:11:b6:9c:a2:f1:bd:ad:c7:3e:67:
e9:4f:7c:9f:d9:b6:cb:fd:bf:01:c5:c6:f4:41:53:
1a:ac:f9:c9:1b:0e:e2:27:f8:cb:21:bd:c6:99:10:
75:ff:e2:97:d5:14:11:ff:c7:b8:b4:bd:c9:aa:e0:
c2:09:40:c8:9e:ea:4f:67:dd:95:db:37:d9:11:59:
da:42:7d:b1:ac:67:82:f9:a0:8d:21:9a:3a:71:20:
12:cb:9d:c9:0e:13:cb:21:8a:8a:3c:60:38:91:94:
a1:ef:73:b9:45:a8:95:82:b3:f8:6b:c8:41:87:26:
98:bf:9d:55:b7:80:d3:4f:9e:c2:f7:46:ce:82:41:
93:a3:54:1b:03:a6:66:b6:2e:d0:34:5f:1e:7b:39:
c6:6e:44:be:38:2c:4f:af:e1:30:3f:dd:ee:5c:0a:
a5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:47:F7:90:99:14:07:22:DA:09:97:86:A3:17:09:B3:DB:41:44:82
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/TEf3kJkUByLaCZeGoxcJs9tBRII.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.100.0/22
Signature Algorithm: sha256WithRSAEncryption
90:09:ce:0c:43:23:a6:0f:4f:1a:83:cf:ea:b4:e5:a9:51:2b:
39:c1:7a:cf:58:4f:82:34:39:9e:11:fe:f9:7b:6c:2b:e0:49:
7f:45:3e:5b:a1:7f:5f:42:78:63:fb:4b:47:5e:04:39:61:c2:
97:62:d6:58:c6:92:4e:b1:ae:33:bf:35:a8:e1:7f:55:ff:b5:
8b:79:57:c1:64:11:09:14:50:bd:fb:7d:0b:79:13:8a:6a:27:
9c:7b:1a:f8:12:14:64:94:f8:a2:d7:10:34:9b:12:e2:fb:49:
16:66:dd:e2:30:32:28:81:2f:92:78:9c:57:5c:b3:f2:1f:52:
a0:6f:f3:5b:ab:72:34:b2:64:08:c4:64:df:fa:05:a5:fb:27:
f6:6d:52:8f:79:da:70:f8:7f:c6:c3:9e:6c:c8:59:93:87:ce:
2a:08:7e:cd:f8:a2:0c:f9:bd:55:5a:c4:51:fc:91:71:71:b6:
aa:9c:c0:89:ee:f1:81:36:bd:fa:29:a2:92:b4:3f:7b:cf:c0:
16:cb:2f:85:21:2f:62:80:e3:ac:b7:49:0b:1d:f8:c0:b8:0f:
40:29:b0:39:90:59:16:62:d3:96:aa:2b:06:bc:29:da:07:d1:
11:17:35:3b:dc:e7:77:94:58:b8:60:a1:09:73:bf:38:5e:d4:
39:4c:f4:47
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGHUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRDNDdGNzkwOTkxNDA3
MjJEQTA5OTc4NkEzMTcwOUIzREI0MTQ0ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiYb7y/ii56QZvse/dRv5hFwqi+vGE5Fnr0F8uixK5Vb7LMUJR
ftfuFRq8SgrZoCQtu4tC387PMvtV8JReci21PIG6nkiOnEz6QKnT7PaRphC7/Tt1
lyKYij3n52U/EbacovG9rcc+Z+lPfJ/Ztsv9vwHFxvRBUxqs+ckbDuIn+MshvcaZ
EHX/4pfVFBH/x7i0vcmq4MIJQMie6k9n3ZXbN9kRWdpCfbGsZ4L5oI0hmjpxIBLL
nckOE8shioo8YDiRlKHvc7lFqJWCs/hryEGHJpi/nVW3gNNPnsL3Rs6CQZOjVBsD
pma2LtA0Xx57OcZuRL44LE+v4TA/3e5cCqX7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUTEf3kJkUByLaCZeGoxcJs9tBRIIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1RFZjNrSmtVQnlMYUNa
ZUdveGNKczl0QlJJSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/GQwDQYJKoZIhvcNAQELBQADggEBAJAJzgxDI6YPTxqDz+q05alRKznBes9Y
T4I0OZ4R/vl7bCvgSX9FPluhf19CeGP7S0deBDlhwpdi1ljGkk6xrjO/Najhf1X/
tYt5V8FkEQkUUL37fQt5E4pqJ5x7GvgSFGSU+KLXEDSbEuL7SRZm3eIwMiiBL5J4
nFdcs/IfUqBv81urcjSyZAjEZN/6BaX7J/ZtUo952nD4f8bDnmzIWZOHzioIfs34
ogz5vVVaxFH8kXFxtqqcwInu8YE2vfopopK0P3vPwBbLL4UhL2KA46y3SQsd+MC4
D0ApsDmQWRZi05aqKwa8KdoH0REXNTvc53eUWLhgoQlzvzhe1DlM9Ec=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:22 2025 by rpki-client