Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/fBqFQ0P5Ip1Hck0c5SKpDK2ykYc.roa
File: fBqFQ0P5Ip1Hck0c5SKpDK2ykYc.roa (raw, json)
Hash identifier: RQVsComJ/n+hDUOP9kYD2Tv1DfWbY7ftA9V7mnZ2SMM=
Subject key identifier: 7C:1A:85:43:43:F9:22:9D:47:72:4D:1C:E5:22:A9:0C:AD:B2:91:87
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1871
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/fBqFQ0P5Ip1Hck0c5SKpDK2ykYc.roa
Signing time: Fri 17 Jan 2025 01:25:04 +0000
ROA not before: Fri 17 Jan 2025 01:25:04 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 139259
IP address blocks: 45.252.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6257 (0x1871)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:04 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=7C1A854343F9229D47724D1CE522A90CADB29187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:26:be:82:48:a9:39:30:d5:7a:eb:34:7c:d2:
70:3a:e9:c3:5f:27:cf:3f:99:73:94:fd:60:2a:89:
e0:25:50:a5:55:5e:14:b1:33:b3:47:bf:dd:83:6a:
51:7e:11:3e:11:07:cd:00:76:2f:b8:6b:09:e2:98:
55:3a:a5:0d:ec:4e:20:da:a6:75:df:5a:60:ab:e0:
53:a3:e0:7f:7d:ad:65:b5:02:db:1e:8b:02:90:40:
59:7b:46:6e:f4:7b:07:23:4d:30:89:df:fd:f5:24:
45:8d:73:3a:60:b8:b3:15:d6:66:15:62:b0:81:ce:
e5:db:c9:3e:75:0b:e0:45:8e:0c:e0:a1:e9:1e:1b:
0f:57:f1:ba:9f:65:e2:08:7c:00:c9:2d:37:23:29:
6f:9c:c3:33:21:1d:4f:06:a7:0d:6a:41:2c:d5:11:
41:01:f7:d6:ea:57:a8:f9:20:06:16:dd:82:74:8d:
36:50:3b:3a:18:6d:94:3d:4a:a5:d6:2c:66:1a:f5:
9d:55:98:ab:15:7e:bd:c2:9a:c2:c6:e8:2f:e3:3e:
b7:9a:31:ba:30:63:4a:cb:ad:ea:e0:be:de:47:a0:
56:69:61:32:b2:1d:6d:72:7b:6b:d3:45:4c:7c:ff:
23:99:ee:ad:0f:51:49:1f:f4:b6:c8:8b:ce:29:94:
f9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:1A:85:43:43:F9:22:9D:47:72:4D:1C:E5:22:A9:0C:AD:B2:91:87
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/fBqFQ0P5Ip1Hck0c5SKpDK2ykYc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.103.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:3f:11:f8:f2:a2:24:b2:4b:3c:04:d2:03:ed:35:e8:8a:92:
19:25:46:8a:64:6c:b2:d5:80:13:66:9c:4f:c7:df:11:b3:a3:
93:a9:c5:31:a3:bf:7d:a8:13:a5:4a:bb:6f:49:e8:89:1e:69:
91:bb:e6:81:08:1a:67:00:4c:00:d4:6b:b1:0d:0b:2e:dc:5a:
bf:b4:0f:2d:65:d6:1d:c6:bf:ad:56:29:b6:01:1f:8f:04:51:
db:03:44:23:81:39:f0:c6:b8:70:8e:ed:1c:f1:8e:e5:33:bf:
cd:91:50:8e:94:e5:94:63:d9:d9:7b:61:3b:44:96:fe:72:5a:
d8:17:5a:b8:6f:c8:03:d6:5e:7f:12:30:3b:f1:9b:c4:09:ab:
fa:3d:2c:36:a1:c2:c4:f9:d2:b8:75:7f:20:6d:1f:0a:de:40:
1b:cb:bc:d7:b9:c4:e9:22:7d:34:a7:b7:64:bf:9d:cc:24:99:
91:01:3f:2e:6d:e5:cb:67:22:f9:be:54:ea:44:56:d5:44:5a:
1a:2b:56:26:8b:81:9f:e0:c1:04:d9:11:72:53:bf:2a:d5:73:
e1:0b:3c:bd:db:e6:4b:14:28:07:26:38:4f:6b:9e:be:7b:b1:
63:d3:a5:7e:b1:5a:8c:34:03:c8:19:31:fa:9c:47:8a:25:41:
31:36:68:c7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGHEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1MDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDdDMUE4NTQzNDNGOTIy
OUQ0NzcyNEQxQ0U1MjJBOTBDQURCMjkxODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4Jr6CSKk5MNV66zR80nA66cNfJ88/mXOU/WAqieAlUKVVXhSx
M7NHv92DalF+ET4RB80Adi+4awnimFU6pQ3sTiDapnXfWmCr4FOj4H99rWW1Atse
iwKQQFl7Rm70ewcjTTCJ3/31JEWNczpguLMV1mYVYrCBzuXbyT51C+BFjgzgoeke
Gw9X8bqfZeIIfADJLTcjKW+cwzMhHU8Gpw1qQSzVEUEB99bqV6j5IAYW3YJ0jTZQ
OzoYbZQ9SqXWLGYa9Z1VmKsVfr3CmsLG6C/jPreaMbowY0rLrergvt5HoFZpYTKy
HW1ye2vTRUx8/yOZ7q0PUUkf9LbIi84plPkBAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUfBqFQ0P5Ip1Hck0c5SKpDK2ykYcwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2ZCcUZRMFA1SXAxSGNr
MGM1U0twREsyeWtZYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAt/GcwDQYJKoZIhvcNAQELBQADggEBAKU/EfjyoiSySzwE0gPtNeiKkhklRopk
bLLVgBNmnE/H3xGzo5OpxTGjv32oE6VKu29J6IkeaZG75oEIGmcATADUa7ENCy7c
Wr+0Dy1l1h3Gv61WKbYBH48EUdsDRCOBOfDGuHCO7RzxjuUzv82RUI6U5ZRj2dl7
YTtElv5yWtgXWrhvyAPWXn8SMDvxm8QJq/o9LDahwsT50rh1fyBtHwreQBvLvNe5
xOkifTSnt2S/ncwkmZEBPy5t5ctnIvm+VOpEVtVEWhorViaLgZ/gwQTZEXJTvyrV
c+ELPL3b5ksUKAcmOE9rnr57sWPTpX6xWow0A8gZMfqcR4olQTE2aMc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:51 2025 by rpki-client