Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/TvKXzEMLikhOzP9JB1V2Ep-FJ_Y.roa
File: TvKXzEMLikhOzP9JB1V2Ep-FJ_Y.roa (raw, json)
Hash identifier: orSsdOvOb6BrIGZ/XDd9eYEG6mFmC1QE0eJ74M4vsak=
Subject key identifier: 4E:F2:97:CC:43:0B:8A:48:4E:CC:FF:49:07:55:76:12:9F:85:27:F6
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 188F
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/TvKXzEMLikhOzP9JB1V2Ep-FJ_Y.roa
Signing time: Fri 17 Jan 2025 01:25:14 +0000
ROA not before: Fri 17 Jan 2025 01:25:14 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 45.252.8.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6287 (0x188f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:14 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=4EF297CC430B8A484ECCFF49075576129F8527F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:08:71:11:9d:0f:e0:98:cf:7e:dd:bc:85:9a:
0a:16:ab:44:35:d4:34:b1:75:d5:43:ca:ae:60:4f:
e4:f6:ce:37:55:b9:47:b3:34:b2:9e:f7:c9:7c:9c:
cb:a3:fe:0b:b7:eb:29:0f:c8:e2:a9:91:52:7e:ab:
8c:8c:d3:c7:02:cd:50:88:53:18:4d:47:fe:78:aa:
1f:1d:83:bb:bb:0e:bf:51:bc:aa:55:9a:87:79:86:
33:47:ee:65:f7:76:33:f1:55:56:a7:e8:c4:f5:32:
0e:c4:0b:94:61:e5:a8:06:c2:12:43:f2:99:ad:8e:
e9:86:9b:c7:ae:a2:e5:de:f5:b0:f8:ca:bf:fa:4c:
b5:8e:4f:96:ca:ec:dc:03:6c:ef:35:92:31:b6:fb:
bc:b0:06:bb:24:58:a5:9c:58:a7:c9:e1:2b:5e:64:
39:ba:56:cb:33:0f:34:2c:e7:28:46:b0:08:5d:4b:
66:a4:ab:40:e8:6f:e3:a7:e8:a9:46:a0:f3:3a:20:
6a:15:49:2e:6c:4b:35:94:b1:14:ee:c0:d2:a7:10:
fb:0a:ba:0f:9d:5a:31:ca:57:a5:aa:06:98:b0:21:
ec:0c:9d:d2:58:61:25:50:3a:ca:6d:8f:63:93:ea:
b7:f4:75:47:13:20:a5:78:f4:8a:82:ae:50:e9:78:
28:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:F2:97:CC:43:0B:8A:48:4E:CC:FF:49:07:55:76:12:9F:85:27:F6
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/TvKXzEMLikhOzP9JB1V2Ep-FJ_Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.8.0/22
Signature Algorithm: sha256WithRSAEncryption
29:4a:19:f9:12:9f:c6:9b:44:7d:e7:9a:2e:22:1d:cb:d2:f5:
ed:f5:10:10:15:4d:c7:6d:b4:20:d5:77:51:e3:b3:5e:45:06:
37:ce:68:a0:d5:9b:db:19:7f:bb:2f:d2:29:b3:26:21:52:8a:
98:50:47:fd:21:0a:1b:1b:f1:8e:2e:ae:f0:19:e4:42:63:2c:
7d:dd:08:0d:90:03:d6:df:08:1d:3f:fd:e9:37:71:bf:a6:11:
de:45:80:5b:83:04:28:8c:87:46:b1:2f:ec:58:30:2c:46:7d:
2e:7d:67:90:68:9f:f6:6b:22:55:24:b8:d2:4f:5b:b1:3d:30:
5a:ce:2d:e7:6e:94:db:0c:1c:f6:f4:03:14:c6:18:46:2c:d6:
1d:03:b5:b0:f1:52:3d:53:d9:50:18:d8:81:c7:1c:05:f6:9b:
f3:73:a6:60:3a:27:4c:60:34:3e:45:f6:3b:9c:fd:e4:17:f7:
4c:cb:79:99:7c:e3:00:7c:81:fb:3b:17:45:f1:54:67:bb:9c:
2f:62:f3:0b:96:9d:25:f3:00:aa:f1:1a:59:10:79:68:23:28:
45:f9:a1:0c:51:16:e2:9d:d0:4e:af:5c:b8:af:b3:68:85:ea:
87:d2:c6:df:39:56:ca:2e:2f:57:92:14:09:0a:7b:8d:92:70:
e9:11:be:d0
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGI8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MTRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRFRjI5N0NDNDMwQjhB
NDg0RUNDRkY0OTA3NTU3NjEyOUY4NTI3RjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDACHERnQ/gmM9+3byFmgoWq0Q11DSxddVDyq5gT+T2zjdVuUez
NLKe98l8nMuj/gu36ykPyOKpkVJ+q4yM08cCzVCIUxhNR/54qh8dg7u7Dr9RvKpV
mod5hjNH7mX3djPxVVan6MT1Mg7EC5Rh5agGwhJD8pmtjumGm8euouXe9bD4yr/6
TLWOT5bK7NwDbO81kjG2+7ywBrskWKWcWKfJ4SteZDm6VsszDzQs5yhGsAhdS2ak
q0Dob+On6KlGoPM6IGoVSS5sSzWUsRTuwNKnEPsKug+dWjHKV6WqBpiwIewMndJY
YSVQOsptj2OT6rf0dUcTIKV49IqCrlDpeCi3AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUTvKXzEMLikhOzP9JB1V2Ep+FJ/YwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1R2S1h6RU1MaWtoT3pQ
OUpCMVYyRXAtRkpfWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/AgwDQYJKoZIhvcNAQELBQADggEBAClKGfkSn8abRH3nmi4iHcvS9e31EBAV
TcdttCDVd1Hjs15FBjfOaKDVm9sZf7sv0imzJiFSiphQR/0hChsb8Y4urvAZ5EJj
LH3dCA2QA9bfCB0//ek3cb+mEd5FgFuDBCiMh0axL+xYMCxGfS59Z5Bon/ZrIlUk
uNJPW7E9MFrOLedulNsMHPb0AxTGGEYs1h0DtbDxUj1T2VAY2IHHHAX2m/NzpmA6
J0xgND5F9juc/eQX90zLeZl84wB8gfs7F0XxVGe7nC9i8wuWnSXzAKrxGlkQeWgj
KEX5oQxRFuKd0E6vXLivs2iF6ofSxt85VsouL1eSFAkKe42ScOkRvtA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:38 2025 by rpki-client