Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/hW-5dXzxsXMrKktpTm1BM7XfH8M.roa
File: hW-5dXzxsXMrKktpTm1BM7XfH8M.roa (raw, json)
Hash identifier: MN0qpppBE1fdoG3xM4+qIVc6AM6+JTRj1Mqu3LjABfE=
Subject key identifier: 85:6F:B9:75:7C:F1:B1:73:2B:2A:4B:69:4E:6D:41:33:B5:DF:1F:C3
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18F1
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hW-5dXzxsXMrKktpTm1BM7XfH8M.roa
Signing time: Fri 17 Jan 2025 01:25:51 +0000
ROA not before: Fri 17 Jan 2025 01:25:51 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 138527
IP address blocks: 45.252.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6385 (0x18f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:51 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=856FB9757CF1B1732B2A4B694E6D4133B5DF1FC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3a:28:78:da:de:6d:6b:2b:bc:4f:a1:bb:70:
46:e4:b2:ef:5b:85:e0:47:33:3e:08:aa:60:3a:d8:
95:c1:4e:df:b5:a0:7a:4b:7e:2c:31:56:66:6f:de:
0c:11:f9:42:1f:b7:6b:20:f0:4b:c0:39:fc:1e:d3:
59:6f:e1:87:7d:ad:7b:85:6d:40:33:07:d5:f6:7f:
20:3b:93:8f:5f:e4:b4:af:fa:e4:5c:42:1a:72:0c:
93:7e:78:e8:2d:28:1d:b9:32:d3:0f:7e:0d:ba:6a:
2f:bd:a4:c6:cb:23:e3:ff:8d:28:97:dd:49:69:46:
ea:03:78:a0:fe:4b:51:b9:86:85:15:7b:8f:62:b5:
87:82:60:5f:8d:45:52:a9:9a:76:cd:0d:36:62:f4:
7d:b7:09:fe:ed:f6:2d:58:02:c0:69:a3:9a:0a:a1:
cb:88:94:0b:7d:0c:58:eb:52:f8:c5:d8:b9:e9:09:
10:f5:2b:11:1a:4a:50:2f:24:60:36:b0:3e:96:36:
81:44:91:8b:b7:dd:2c:07:03:b1:82:60:36:3b:78:
a7:d6:32:1f:2a:78:7e:da:23:67:cf:66:88:d4:72:
2c:b1:7c:6e:dd:1e:6f:25:01:03:f3:f2:03:be:57:
5d:b9:e5:ea:0a:c2:62:31:df:a9:3d:a1:cc:02:e8:
d5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6F:B9:75:7C:F1:B1:73:2B:2A:4B:69:4E:6D:41:33:B5:DF:1F:C3
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hW-5dXzxsXMrKktpTm1BM7XfH8M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.20.0/22
Signature Algorithm: sha256WithRSAEncryption
05:87:8d:d3:fe:34:e4:f2:62:d4:0d:09:ff:e2:f4:ba:87:b0:
c3:c2:55:c6:da:95:54:b1:a8:f6:70:db:dd:9d:65:48:c3:3f:
bf:49:8a:63:90:8d:f7:39:69:09:ad:6c:8e:6b:84:d9:f1:e7:
43:bb:d5:a0:52:29:26:d3:83:bd:61:b1:d0:2e:be:36:74:1e:
f5:1c:ee:b8:10:96:64:9f:a7:30:8f:0a:66:fd:2b:b4:61:c0:
a6:eb:c4:d7:02:d7:09:0b:4a:91:64:56:9f:67:ce:45:3a:16:
a3:26:0a:b0:f7:a5:19:99:f1:f6:6a:8e:bb:f1:07:39:4e:2f:
e6:6e:e5:81:cc:4e:60:b3:ab:57:2a:1d:60:a4:63:17:cb:6f:
80:86:66:42:b4:96:65:1a:44:c1:00:d7:66:9f:7e:4e:6c:66:
84:75:32:18:3c:1b:c2:d8:f3:d6:26:c9:33:c4:f1:62:4c:e0:
26:5f:e8:aa:86:c4:21:6e:35:73:2d:8c:c6:e1:46:e0:5b:9c:
72:60:54:a4:fd:af:8f:1f:e6:13:02:dc:e5:41:3a:57:2f:1c:
aa:20:11:0e:81:ce:9d:27:62:2b:55:d0:91:d4:b4:b4:f5:04:
0b:d7:60:4d:2d:18:12:4e:9d:01:1e:f4:d4:58:47:dc:f9:f1:
ba:42:c4:70
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg1NkZCOTc1N0NGMUIx
NzMyQjJBNEI2OTRFNkQ0MTMzQjVERjFGQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtOih42t5tayu8T6G7cEbksu9bheBHMz4IqmA62JXBTt+1oHpL
fiwxVmZv3gwR+UIft2sg8EvAOfwe01lv4Yd9rXuFbUAzB9X2fyA7k49f5LSv+uRc
QhpyDJN+eOgtKB25MtMPfg26ai+9pMbLI+P/jSiX3UlpRuoDeKD+S1G5hoUVe49i
tYeCYF+NRVKpmnbNDTZi9H23Cf7t9i1YAsBpo5oKocuIlAt9DFjrUvjF2LnpCRD1
KxEaSlAvJGA2sD6WNoFEkYu33SwHA7GCYDY7eKfWMh8qeH7aI2fPZojUciyxfG7d
Hm8lAQPz8gO+V1255eoKwmIx36k9ocwC6NW/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUhW+5dXzxsXMrKktpTm1BM7XfH8MwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2hXLTVkWHp4c1hNcktr
dHBUbTFCTTdYZkg4TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/BQwDQYJKoZIhvcNAQELBQADggEBAAWHjdP+NOTyYtQNCf/i9LqHsMPCVcba
lVSxqPZw292dZUjDP79JimOQjfc5aQmtbI5rhNnx50O71aBSKSbTg71hsdAuvjZ0
HvUc7rgQlmSfpzCPCmb9K7RhwKbrxNcC1wkLSpFkVp9nzkU6FqMmCrD3pRmZ8fZq
jrvxBzlOL+Zu5YHMTmCzq1cqHWCkYxfLb4CGZkK0lmUaRMEA12affk5sZoR1Mhg8
G8LY89YmyTPE8WJM4CZf6KqGxCFuNXMtjMbhRuBbnHJgVKT9r48f5hMC3OVBOlcv
HKogEQ6Bzp0nYitV0JHUtLT1BAvXYE0tGBJOnQEe9NRYR9z58bpCxHA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:13 2025 by rpki-client