Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/l6saPbBC_NE9U_YAT3lyer0j0hM.roa
File: l6saPbBC_NE9U_YAT3lyer0j0hM.roa (raw, json)
Hash identifier: IxYE/QMJGCZo1ig4YdMgXhu9UXykbeXxHa8Hebeo2fI=
Subject key identifier: 97:AB:1A:3D:B0:42:FC:D1:3D:53:F6:00:4F:79:72:7A:BD:23:D2:13
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 1C95
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/l6saPbBC_NE9U_YAT3lyer0j0hM.roa
Signing time: Thu 17 Jul 2025 03:48:03 +0000
ROA not before: Thu 17 Jul 2025 03:48:03 +0000
ROA not after: Fri 03 Apr 2026 08:00:09 +0000
asID: 25734
IP address blocks: 45.252.144.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7317 (0x1c95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jul 17 03:48:03 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=97AB1A3DB042FCD13D53F6004F79727ABD23D213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:91:da:74:70:24:5a:3f:cc:2a:75:3a:ab:6b:
e5:aa:d6:38:1b:fc:5f:56:5c:d6:db:9e:9d:c6:92:
2b:30:8c:00:3e:3e:ab:91:45:27:a0:b6:ae:e2:53:
d9:dc:fa:1a:4e:b7:bf:34:fd:03:f4:ab:40:66:a7:
67:61:15:c1:67:0b:8b:8e:63:46:3a:f6:d8:11:ae:
4f:06:c2:f2:e0:1e:b7:ad:6b:78:f7:dd:bd:ef:11:
ca:39:ec:10:83:49:7d:09:14:28:d8:9c:cd:62:09:
5f:20:9e:bc:21:40:71:c1:9a:ee:4e:cb:ba:b4:e2:
39:87:43:30:fc:fb:0b:91:d7:e2:7c:c4:e8:a0:0a:
23:d4:65:20:5c:c2:55:9c:0f:28:fd:4a:d7:46:74:
f5:b2:ed:5c:f4:5c:fe:b8:3d:9a:7d:34:b8:db:74:
33:e5:84:4f:87:ec:64:eb:99:4e:76:1f:83:55:83:
b9:4f:a9:05:27:c9:fd:aa:e1:b0:aa:4d:bf:43:99:
d9:c4:4f:64:83:cd:69:0a:a3:78:e9:df:50:2e:00:
1e:40:2f:df:a1:44:1a:6e:3d:37:6c:c4:ed:8b:24:
19:44:10:70:b7:5e:b8:cf:6d:2a:2b:a0:b0:03:b2:
ce:e4:e0:ea:a2:a7:6d:0f:dd:87:35:64:fd:f4:1c:
c1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:AB:1A:3D:B0:42:FC:D1:3D:53:F6:00:4F:79:72:7A:BD:23:D2:13
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/l6saPbBC_NE9U_YAT3lyer0j0hM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.144.0/22
Signature Algorithm: sha256WithRSAEncryption
42:c6:ac:87:f9:ce:f5:b9:b5:cd:60:ed:88:50:bd:13:3e:49:
f1:de:49:7b:0d:73:02:53:44:09:f8:d2:8d:72:e6:02:be:ef:
cc:6f:b2:f2:1e:2f:15:e6:eb:16:45:1a:7a:94:93:61:19:ff:
79:b4:14:b4:53:71:0d:e0:8f:35:a4:27:f2:33:52:0e:5d:3b:
38:d1:2a:77:51:d8:7e:bc:cd:c0:aa:cf:9b:aa:6f:5d:e2:ad:
00:f9:b5:a7:3e:2b:a3:ce:cd:a9:22:71:bd:1b:d6:60:75:26:
85:b0:a0:75:8f:e6:e3:5b:bc:2d:ed:14:9f:48:9c:a1:3c:ed:
06:87:74:ec:75:91:82:c4:24:d5:05:e1:ef:f3:e3:ee:9d:5a:
d1:f1:bf:dd:48:d1:3b:ee:50:a6:d6:4a:ef:7c:cc:3b:03:57:
81:7c:24:8e:7e:d4:6a:b2:46:3e:5f:37:4d:10:fc:85:bf:f3:
ea:91:97:4b:2a:0c:05:b7:87:b4:b8:6a:d2:c5:0d:be:2a:13:
f4:2a:05:3b:49:99:57:cc:37:ce:6c:20:e0:01:2f:d9:d7:81:
46:9b:17:53:35:b6:b7:28:76:1b:b1:2f:ed:7c:18:2f:d1:fd:
ac:8b:4b:ca:9b:ad:c1:b7:5e:98:e6:3c:4e:cb:b3:c9:6a:c4:
29:b6:35:c5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICHJUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTA3MTcw
MzQ4MDNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDk3QUIxQTNEQjA0MkZD
RDEzRDUzRjYwMDRGNzk3MjdBQkQyM0QyMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTkdp0cCRaP8wqdTqra+Wq1jgb/F9WXNbbnp3GkiswjAA+PquR
RSegtq7iU9nc+hpOt780/QP0q0Bmp2dhFcFnC4uOY0Y69tgRrk8GwvLgHreta3j3
3b3vEco57BCDSX0JFCjYnM1iCV8gnrwhQHHBmu5Oy7q04jmHQzD8+wuR1+J8xOig
CiPUZSBcwlWcDyj9StdGdPWy7Vz0XP64PZp9NLjbdDPlhE+H7GTrmU52H4NVg7lP
qQUnyf2q4bCqTb9DmdnET2SDzWkKo3jp31AuAB5AL9+hRBpuPTdsxO2LJBlEEHC3
XrjPbSoroLADss7k4Oqip20P3Yc1ZP30HMFlAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUl6saPbBC/NE9U/YAT3lyer0j0hMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2w2c2FQYkJDX05FOVVf
WUFUM2x5ZXIwajBoTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/JAwDQYJKoZIhvcNAQELBQADggEBAELGrIf5zvW5tc1g7YhQvRM+SfHeSXsN
cwJTRAn40o1y5gK+78xvsvIeLxXm6xZFGnqUk2EZ/3m0FLRTcQ3gjzWkJ/IzUg5d
OzjRKndR2H68zcCqz5uqb13irQD5tac+K6POzakicb0b1mB1JoWwoHWP5uNbvC3t
FJ9InKE87QaHdOx1kYLEJNUF4e/z4+6dWtHxv91I0TvuUKbWSu98zDsDV4F8JI5+
1GqyRj5fN00Q/IW/8+qRl0sqDAW3h7S4atLFDb4qE/QqBTtJmVfMN85sIOABL9nX
gUabF1M1trcodhuxL+18GC/R/ayLS8qbrcG3XpjmPE7Ls8lqxCm2NcU=
-----END CERTIFICATE-----
Generated at Thu Jul 24 04:01:51 2025 by rpki-client