Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/cIFRnvNGbT6zBKm2m70viehTEOs.roa
File: cIFRnvNGbT6zBKm2m70viehTEOs.roa (raw, json)
Hash identifier: Bo9faJxf5wbeAZwaiBsC6BwE8dL0QM7SFQ+Ntkd9Epk=
Subject key identifier: 70:81:51:9E:F3:46:6D:3E:B3:04:A9:B6:9B:BD:2F:89:E8:53:10:EB
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 184C
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cIFRnvNGbT6zBKm2m70viehTEOs.roa
Signing time: Fri 17 Jan 2025 01:24:53 +0000
ROA not before: Fri 17 Jan 2025 01:24:53 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 17621
IP address blocks: 43.254.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6220 (0x184c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:24:53 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=7081519EF3466D3EB304A9B69BBD2F89E85310EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:4b:db:31:a7:d4:b1:b0:62:fb:a0:ac:22:96:
c3:3d:77:ff:3f:82:10:1f:07:b5:a7:30:22:ad:b4:
fa:15:08:5b:12:e9:33:74:bb:bb:8f:4d:72:44:20:
0a:33:05:7f:c1:52:83:de:1e:02:2e:87:a3:f1:6f:
48:a7:61:22:34:e4:1d:47:c9:f7:e6:01:5e:23:9b:
bb:56:d1:c8:8f:77:38:bc:08:ec:07:bf:66:d0:fd:
a3:68:c8:33:de:92:d7:6e:21:fd:fd:e7:8e:57:68:
a7:e8:b0:9a:de:a0:3b:8e:c1:b0:9c:5d:13:3b:5d:
29:4a:a2:e7:0f:ec:e9:25:ac:d6:a0:66:57:ec:d8:
59:55:a2:15:a1:68:4e:17:2e:5d:48:18:ec:28:ab:
33:88:eb:66:ce:d5:67:a0:d4:b5:20:2b:0f:7b:69:
e0:1c:06:77:a7:1a:5a:ec:fc:10:92:87:a4:3f:aa:
e8:e2:d3:55:9d:00:fa:af:42:a1:76:a1:6f:84:ba:
fe:1d:46:bb:1a:db:cb:8e:34:91:f6:77:97:0a:be:
9f:83:93:ac:5d:d9:0b:6e:29:ff:73:08:cf:1b:0b:
8d:57:44:58:2f:51:ea:fd:ee:31:8e:5c:b8:ca:01:
06:e1:24:b6:79:7c:d5:9e:43:04:e9:21:85:0d:ee:
72:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:81:51:9E:F3:46:6D:3E:B3:04:A9:B6:9B:BD:2F:89:E8:53:10:EB
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cIFRnvNGbT6zBKm2m70viehTEOs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/24
Signature Algorithm: sha256WithRSAEncryption
67:97:96:57:1e:82:47:da:64:19:59:01:6f:19:ff:8e:cb:fd:
79:e1:f2:b7:d0:37:77:ea:23:5e:58:c9:03:f7:0f:c0:ff:07:
7c:8d:89:c9:7c:19:7d:01:a6:3e:68:62:57:2e:a0:51:48:77:
cc:5b:e9:b3:b5:64:76:24:92:c9:47:9d:ce:64:b3:23:fe:d0:
ee:81:52:8f:71:df:1f:8e:82:3e:42:43:3c:a8:c4:bc:40:08:
e8:dc:ec:13:19:65:9d:f2:e4:93:b3:76:96:a7:b8:eb:70:fa:
57:14:7a:7b:f4:6d:c0:9d:01:b0:69:7a:20:07:b8:15:c5:f7:
c8:eb:81:67:22:de:43:f2:b0:fe:30:b3:1f:8e:5a:75:27:c2:
fc:e7:ac:6a:d1:43:0b:e6:3e:99:da:93:db:75:31:1b:cc:46:
47:67:15:fc:b0:86:90:b1:e5:25:20:73:4d:1f:83:f4:9d:ed:
b6:00:72:48:ee:12:9f:bb:ff:b9:9c:2d:7c:88:66:0f:74:5e:
2c:26:e8:95:b3:b3:77:71:dc:1d:0b:a3:cd:17:8c:9b:d7:d0:
a8:85:98:3e:c2:37:4d:1a:9a:cf:f4:f5:55:01:5d:01:0a:83:
1f:9d:38:2c:63:cb:ff:2d:b0:01:8a:d2:20:cf:31:be:bf:5b:
77:22:06:f4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGEwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI0NTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDcwODE1MTlFRjM0NjZE
M0VCMzA0QTlCNjlCQkQyRjg5RTg1MzEwRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmS9sxp9SxsGL7oKwilsM9d/8/ghAfB7WnMCKttPoVCFsS6TN0
u7uPTXJEIAozBX/BUoPeHgIuh6Pxb0inYSI05B1HyffmAV4jm7tW0ciPdzi8COwH
v2bQ/aNoyDPektduIf39545XaKfosJreoDuOwbCcXRM7XSlKoucP7OklrNagZlfs
2FlVohWhaE4XLl1IGOwoqzOI62bO1Weg1LUgKw97aeAcBnenGlrs/BCSh6Q/quji
01WdAPqvQqF2oW+Euv4dRrsa28uONJH2d5cKvp+Dk6xd2QtuKf9zCM8bC41XRFgv
Uer97jGOXLjKAQbhJLZ5fNWeQwTpIYUN7nJlAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUcIFRnvNGbT6zBKm2m70viehTEOswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2NJRlJudk5HYlQ2ekJL
bTJtNzB2aWVoVEVPcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAr/pgwDQYJKoZIhvcNAQELBQADggEBAGeXllcegkfaZBlZAW8Z/47L/Xnh8rfQ
N3fqI15YyQP3D8D/B3yNicl8GX0Bpj5oYlcuoFFId8xb6bO1ZHYkkslHnc5ksyP+
0O6BUo9x3x+Ogj5CQzyoxLxACOjc7BMZZZ3y5JOzdpanuOtw+lcUenv0bcCdAbBp
eiAHuBXF98jrgWci3kPysP4wsx+OWnUnwvznrGrRQwvmPpnak9t1MRvMRkdnFfyw
hpCx5SUgc00fg/Sd7bYAckjuEp+7/7mcLXyIZg90Xiwm6JWzs3dx3B0Lo80XjJvX
0KiFmD7CN00ams/09VUBXQEKgx+dOCxjy/8tsAGK0iDPMb6/W3ciBvQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:18 2025 by rpki-client