Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/esyxDydkLp2nniPbaELGyKTLcrI.roa
File: esyxDydkLp2nniPbaELGyKTLcrI.roa (raw, json)
Hash identifier: TZfmq1o5xynJbVMdIHQ2xJStPYwD7JBRVc/fH00eUGQ=
Subject key identifier: 7A:CC:B1:0F:27:64:2E:9D:A7:9E:23:DB:68:42:C6:C8:A4:CB:72:B2
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18F7
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/esyxDydkLp2nniPbaELGyKTLcrI.roa
Signing time: Fri 17 Jan 2025 01:25:52 +0000
ROA not before: Fri 17 Jan 2025 01:25:52 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24373
IP address blocks: 45.252.28.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6391 (0x18f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:52 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=7ACCB10F27642E9DA79E23DB6842C6C8A4CB72B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3b:c0:12:52:f0:f7:da:0a:1d:e6:87:5e:fa:
d8:e8:35:92:57:02:18:70:d9:2c:7b:27:d6:dd:b6:
46:7d:ce:09:10:eb:20:a8:6e:6f:e7:e3:67:4a:83:
a1:dd:c0:80:6f:3d:6a:2b:ee:05:63:fc:7e:00:a3:
97:1a:52:d9:43:28:63:6f:bb:ad:83:ea:29:3e:4d:
66:4f:48:71:f5:c8:a2:ee:a3:af:53:76:4b:56:5d:
96:60:80:a5:d6:1f:1f:ee:a1:9e:43:bc:aa:67:b5:
74:35:81:a8:7b:78:83:f6:9f:14:cb:84:de:a7:ff:
85:8d:b9:4a:64:7f:23:4a:83:3b:96:ae:1b:76:2b:
40:cf:a6:d5:45:21:2c:71:b1:ce:3e:e3:d1:c1:59:
9d:36:6a:93:bc:bc:61:92:af:78:3c:36:2f:f6:27:
eb:41:8a:82:49:c1:26:15:fe:ad:a6:ce:21:35:fe:
84:fa:e0:a2:cb:62:30:0c:80:eb:34:80:d8:9e:47:
80:59:f0:ef:8f:81:d0:14:94:69:25:43:3d:d7:26:
01:3b:79:3a:22:1d:26:ca:66:d2:6a:27:b6:af:aa:
f4:5d:a9:b7:3d:df:b7:a7:7f:f8:5c:ba:bd:03:fb:
b8:f0:06:32:a6:da:b5:7f:54:d4:6c:b8:20:32:62:
eb:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CC:B1:0F:27:64:2E:9D:A7:9E:23:DB:68:42:C6:C8:A4:CB:72:B2
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/esyxDydkLp2nniPbaELGyKTLcrI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.28.0/22
Signature Algorithm: sha256WithRSAEncryption
90:a2:e7:2f:66:89:5a:14:f7:1a:52:83:32:b1:bd:43:c8:eb:
3c:a3:0d:e7:d6:8d:66:93:65:5b:30:c7:5b:cc:a8:83:b3:97:
3b:db:fc:91:a1:48:8c:69:77:47:25:c4:19:0b:7f:52:2e:e2:
26:01:2b:bb:89:da:68:74:d4:0b:0a:5d:e7:95:20:67:24:8c:
9a:10:81:33:09:01:67:f6:78:a6:07:7c:d7:7d:51:b0:e5:e6:
96:99:58:1f:c6:ab:22:2d:89:79:84:2b:43:a8:02:9a:d7:83:
fb:45:f3:69:02:c4:29:59:e5:ea:c7:4f:d4:e3:0e:3d:e2:cf:
ee:14:8a:0e:a7:65:dc:21:35:24:2c:46:e1:d8:8d:d6:40:81:
93:a9:a9:00:77:d7:f9:8d:e8:b7:df:9e:ef:2d:cf:aa:0d:e9:
eb:84:60:8e:41:43:d5:9a:25:6a:1c:18:1f:11:17:90:da:8c:
58:8d:f2:25:22:6c:48:e3:67:27:3e:70:ad:61:48:4e:fe:00:
9d:21:84:97:cd:37:f3:1d:63:1a:48:69:85:bb:be:e1:6d:3f:
b3:c0:af:bc:a9:a6:7a:5c:78:d2:9a:5a:37:5b:5a:44:3f:89:
56:d1:33:67:d0:a5:7f:eb:6a:87:1d:75:f8:52:62:13:2c:22:
45:43:87:69
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGPcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDdBQ0NCMTBGMjc2NDJF
OURBNzlFMjNEQjY4NDJDNkM4QTRDQjcyQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGO8ASUvD32god5ode+tjoNZJXAhhw2Sx7J9bdtkZ9zgkQ6yCo
bm/n42dKg6HdwIBvPWor7gVj/H4Ao5caUtlDKGNvu62D6ik+TWZPSHH1yKLuo69T
dktWXZZggKXWHx/uoZ5DvKpntXQ1gah7eIP2nxTLhN6n/4WNuUpkfyNKgzuWrht2
K0DPptVFISxxsc4+49HBWZ02apO8vGGSr3g8Ni/2J+tBioJJwSYV/q2mziE1/oT6
4KLLYjAMgOs0gNieR4BZ8O+PgdAUlGklQz3XJgE7eToiHSbKZtJqJ7avqvRdqbc9
37enf/hcur0D+7jwBjKm2rV/VNRsuCAyYuvJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUesyxDydkLp2nniPbaELGyKTLcrIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2VzeXhEeWRrTHAybm5p
UGJhRUxHeUtUTGNySS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/BwwDQYJKoZIhvcNAQELBQADggEBAJCi5y9miVoU9xpSgzKxvUPI6zyjDefW
jWaTZVswx1vMqIOzlzvb/JGhSIxpd0clxBkLf1Iu4iYBK7uJ2mh01AsKXeeVIGck
jJoQgTMJAWf2eKYHfNd9UbDl5paZWB/GqyItiXmEK0OoAprXg/tF82kCxClZ5erH
T9TjDj3iz+4Uig6nZdwhNSQsRuHYjdZAgZOpqQB31/mN6Lffnu8tz6oN6euEYI5B
Q9WaJWocGB8RF5DajFiN8iUibEjjZyc+cK1hSE7+AJ0hhJfNN/MdYxpIaYW7vuFt
P7PAr7yppnpceNKaWjdbWkQ/iVbRM2fQpX/raocddfhSYhMsIkVDh2k=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:37:52 2025 by rpki-client