Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/XQXxlA5QGQNB4SCzkPeG8AFSqU8.roa
File: XQXxlA5QGQNB4SCzkPeG8AFSqU8.roa (raw, json)
Hash identifier: 6nd6xh8eb//XXj6nuHis7iCLVmdt1iM2H3nkPy0OEGE=
Subject key identifier: 5D:05:F1:94:0E:50:19:03:41:E1:20:B3:90:F7:86:F0:01:52:A9:4F
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 0D
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/XQXxlA5QGQNB4SCzkPeG8AFSqU8.roa
Signing time: Wed 01 Jun 2022 07:07:36 +0000
ROA not before: Wed 01 Jun 2022 07:07:36 +0000
ROA not after: Thu 01 Jun 2023 06:58:54 +0000
asID: 139259
IP address blocks: 45.252.8.0/22 maxlen: 24
45.252.12.0/22 maxlen: 24
45.252.16.0/22 maxlen: 24
45.252.20.0/22 maxlen: 24
45.252.24.0/22 maxlen: 24
45.252.28.0/22 maxlen: 24
45.252.32.0/22 maxlen: 24
45.252.36.0/22 maxlen: 24
45.252.40.0/22 maxlen: 24
45.252.44.0/22 maxlen: 24
45.252.48.0/22 maxlen: 24
45.252.100.0/22 maxlen: 24
45.252.144.0/22 maxlen: 24
103.6.108.0/24 maxlen: 24
103.220.248.0/22 maxlen: 24
103.220.252.0/22 maxlen: 24
103.221.0.0/22 maxlen: 24
103.221.4.0/22 maxlen: 24
103.221.8.0/22 maxlen: 24
103.221.12.0/22 maxlen: 24
103.221.16.0/22 maxlen: 24
103.221.20.0/22 maxlen: 24
103.221.24.0/22 maxlen: 24
103.221.28.0/22 maxlen: 24
103.221.32.0/22 maxlen: 24
103.221.36.0/22 maxlen: 24
103.221.40.0/22 maxlen: 24
103.221.44.0/22 maxlen: 24
103.221.48.0/22 maxlen: 24
103.221.92.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jun 1 07:07:36 2022 GMT
Not After : Jun 1 06:58:54 2023 GMT
Subject: CN=5D05F1940E50190341E120B390F786F00152A94F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ec:72:8f:74:be:92:d1:66:1b:1d:13:8c:cc:
09:dd:5f:64:c0:2b:db:fd:be:c7:fb:c6:1f:39:58:
52:0e:df:20:45:10:c1:5f:15:4d:30:21:4b:17:d0:
7d:4b:5b:56:43:90:36:8d:40:de:b0:73:50:20:76:
88:22:9b:8b:24:a7:fb:df:82:cf:b1:aa:af:b4:7e:
c1:b6:9b:cc:18:3f:6c:39:bd:0e:23:4d:63:0c:bc:
48:61:52:84:b6:f6:fd:47:23:ae:42:9c:67:78:a6:
ad:0d:93:89:db:58:35:3e:5c:36:37:90:6d:d7:d6:
5e:16:d8:00:8e:43:95:2e:69:e5:d0:da:6a:1f:e5:
44:16:2e:39:2d:a8:b9:c2:d5:44:4a:55:80:ad:a5:
ed:6d:12:33:01:89:dc:f0:88:b3:c6:7f:ff:90:9c:
11:f4:d8:10:5e:84:35:ee:07:15:44:aa:31:68:3e:
92:b2:c4:30:03:e4:c2:83:d3:b7:18:6b:53:5f:33:
8d:c8:22:f6:cf:d9:30:b6:ab:26:1d:1e:49:8c:aa:
49:02:c2:60:5f:4f:f0:31:d4:6a:a2:ef:73:19:11:
82:d4:52:d7:38:d6:2a:25:0a:b5:3f:53:bb:38:3c:
3c:d2:cd:33:99:50:df:61:ec:a7:76:3f:82:a3:92:
9e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:05:F1:94:0E:50:19:03:41:E1:20:B3:90:F7:86:F0:01:52:A9:4F
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/XQXxlA5QGQNB4SCzkPeG8AFSqU8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.8.0-45.252.51.255
45.252.100.0/22
45.252.144.0/22
103.6.108.0/24
103.220.248.0-103.221.51.255
103.221.92.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:a8:3f:49:00:58:ec:75:3b:7e:2d:b5:53:f1:5d:b8:0c:0c:
e3:1c:9d:5c:27:14:f5:93:90:3f:2f:df:89:71:09:e2:65:0c:
19:4e:1a:d6:56:e7:8e:ac:df:e1:61:27:c7:ba:73:59:fc:88:
83:31:f3:1d:f1:0d:d3:cc:4b:2f:3c:d0:c5:55:3b:b1:6d:0b:
67:93:49:19:98:4e:ae:0a:cd:75:6d:dd:74:27:41:9e:80:db:
c7:54:84:2d:59:9b:5a:b2:f1:1d:a9:65:d5:e3:6a:16:1b:ae:
45:84:3f:d8:ab:0a:65:a0:00:0b:82:ba:e1:d6:9f:49:fe:e4:
7a:5e:ad:d3:b4:a2:53:dc:50:f5:45:c6:84:65:89:1c:df:b1:
b3:7e:4c:fb:2f:bb:2a:f7:bc:73:11:83:50:56:31:72:0f:9b:
b3:b2:3b:4c:39:14:5a:f3:70:79:57:4f:18:0f:d3:b4:d8:8f:
06:27:3e:fd:24:38:72:a4:0a:32:70:28:0d:35:b4:82:63:b7:
b9:8a:51:a1:26:c4:ed:77:c1:69:de:7f:4e:2b:28:da:8f:b8:
68:fe:8f:fa:8c:e7:1d:07:8a:51:d6:25:46:95:f3:49:1c:c8:
a1:68:b6:63:f5:cf:f4:95:5d:53:27:f4:3a:ef:fe:3e:0a:10:
e1:62:8a:9a
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIBDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3NUI0
NzE0QzRGNjFCRUEwNEEwMkNGOUNGNTYzQUUxMzRGNDc5Qzg1MB4XDTIyMDYwMTA3
MDczNloXDTIzMDYwMTA2NTg1NFowMzExMC8GA1UEAxMoNUQwNUYxOTQwRTUwMTkw
MzQxRTEyMEIzOTBGNzg2RjAwMTUyQTk0RjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL/sco90vpLRZhsdE4zMCd1fZMAr2/2+x/vGHzlYUg7fIEUQwV8V
TTAhSxfQfUtbVkOQNo1A3rBzUCB2iCKbiySn+9+Cz7Gqr7R+wbabzBg/bDm9DiNN
Ywy8SGFShLb2/UcjrkKcZ3imrQ2TidtYNT5cNjeQbdfWXhbYAI5DlS5p5dDaah/l
RBYuOS2oucLVREpVgK2l7W0SMwGJ3PCIs8Z//5CcEfTYEF6ENe4HFUSqMWg+krLE
MAPkwoPTtxhrU18zjcgi9s/ZMLarJh0eSYyqSQLCYF9P8DHUaqLvcxkRgtRS1zjW
KiUKtT9Tuzg8PNLNM5lQ32Hsp3Y/gqOSnrUCAwEAAaOCAh8wggIbMB0GA1UdDgQW
BBRdBfGUDlAZA0HhILOQ94bwAVKpTzAfBgNVHSMEGDAWgBR1tHFMT2G+oEoCz5z1
Y64TT0echTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81Nzcv
ZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9kYlJ4VEU5aHZxQktBcy1jOVdPdUUwOUhuSVUuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81NzcvWFFYeGxBNVFHUU5CNFND
emtQZUc4QUZTcVU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj
LmNuL3JyZHAvbm90aWZ5LnhtbDBNBggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNDAM
AwQDLfwIAwQCLfwwAwQCLfxkAwQCLfyQAwQAZwZsMAwDBANn3PgDBAJn3TADBAJn
3VwwDQYJKoZIhvcNAQELBQADggEBAI+oP0kAWOx1O34ttVPxXbgMDOMcnVwnFPWT
kD8v34lxCeJlDBlOGtZW546s3+FhJ8e6c1n8iIMx8x3xDdPMSy880MVVO7FtC2eT
SRmYTq4KzXVt3XQnQZ6A28dUhC1Zm1qy8R2pZdXjahYbrkWEP9irCmWgAAuCuuHW
n0n+5HperdO0olPcUPVFxoRliRzfsbN+TPsvuyr3vHMRg1BWMXIPm7OyO0w5FFrz
cHlXTxgP07TYjwYnPv0kOHKkCjJwKA01tIJjt7mKUaEmxO13wWnef04rKNqPuGj+
j/qM5x0HilHWJUaV80kcyKFotmP1z/SVXVMn9Drv/j4KEOFiipo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:23 2023 by rpki-client on console-fra.rpki-client.org