Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/nKDrGk5EuV-C34mIUk0N41qN84U.roa
File: nKDrGk5EuV-C34mIUk0N41qN84U.roa (raw, json)
Hash identifier: CjBy5+2dBF5YIMTSw8pR5jUMZsubE7bqn3ICeVSK4as=
Subject key identifier: 9C:A0:EB:1A:4E:44:B9:5F:82:DF:89:88:52:4D:0D:E3:5A:8D:F3:85
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 0CDD
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/nKDrGk5EuV-C34mIUk0N41qN84U.roa
Signing time: Wed 13 Mar 2024 01:21:58 +0000
ROA not before: Wed 13 Mar 2024 01:21:58 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 24373
IP address blocks: 45.252.8.0/22 maxlen: 24
45.252.12.0/22 maxlen: 24
45.252.16.0/22 maxlen: 24
45.252.20.0/22 maxlen: 24
45.252.24.0/22 maxlen: 24
45.252.28.0/22 maxlen: 24
45.252.32.0/22 maxlen: 24
45.252.36.0/22 maxlen: 24
45.252.40.0/22 maxlen: 24
45.252.44.0/22 maxlen: 24
45.252.48.0/22 maxlen: 24
45.252.100.0/22 maxlen: 24
45.252.144.0/22 maxlen: 24
103.220.248.0/22 maxlen: 24
103.220.252.0/22 maxlen: 24
103.221.0.0/22 maxlen: 24
103.221.4.0/22 maxlen: 24
103.221.8.0/22 maxlen: 24
103.221.12.0/22 maxlen: 24
103.221.16.0/22 maxlen: 24
103.221.20.0/22 maxlen: 24
103.221.24.0/22 maxlen: 24
103.221.28.0/22 maxlen: 24
103.221.32.0/22 maxlen: 24
103.221.36.0/22 maxlen: 24
103.221.40.0/22 maxlen: 24
103.221.44.0/22 maxlen: 24
103.221.48.0/22 maxlen: 24
103.221.92.0/22 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3293 (0xcdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Mar 13 01:21:58 2024 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=9CA0EB1A4E44B95F82DF8988524D0DE35A8DF385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bf:a8:e2:a3:3d:1d:5e:c2:8f:86:72:ce:14:
16:54:d2:0f:8c:e8:f1:a0:84:24:4f:83:31:e0:19:
06:0b:3f:c1:f6:77:a2:e4:2b:4b:ca:fe:14:d6:b5:
1c:7e:56:11:b0:40:0d:1b:f8:b7:7d:23:15:07:d6:
c0:02:4f:c7:f6:67:01:a8:8b:85:26:43:14:2e:23:
0c:6f:d9:3b:66:5f:eb:51:a3:e9:b0:13:6a:7c:8d:
89:d5:00:f5:f9:53:21:1a:a1:51:c1:41:c3:c0:3c:
ee:1f:5e:35:9f:8e:dc:15:ac:81:fe:45:82:ef:6e:
56:99:b5:be:c8:31:fc:29:0b:af:fc:aa:a2:ab:ce:
71:d3:46:05:9b:dc:a2:94:dd:ff:89:14:5d:f8:22:
dc:f4:56:35:1a:cc:ed:c4:05:6f:58:a2:5d:24:d6:
8d:8f:a5:39:0c:c1:53:45:4a:29:b8:37:60:68:1b:
30:77:71:72:8e:47:4e:73:0c:f3:c3:a1:29:b0:69:
05:c9:43:fc:52:e8:0a:35:91:93:5f:0a:24:e5:7a:
71:e1:db:59:8f:b7:cd:c1:0d:e9:5a:d9:71:64:ac:
34:38:33:c8:8c:e1:d9:e7:bc:76:90:b8:a6:2f:14:
ef:7d:b0:47:e7:08:dd:56:a2:86:0a:13:9f:03:c1:
8a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A0:EB:1A:4E:44:B9:5F:82:DF:89:88:52:4D:0D:E3:5A:8D:F3:85
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/nKDrGk5EuV-C34mIUk0N41qN84U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.8.0-45.252.51.255
45.252.100.0/22
45.252.144.0/22
103.220.248.0-103.221.51.255
103.221.92.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:15:5b:98:cb:f7:d6:36:b3:51:c1:11:49:80:ff:c3:d4:d2:
35:90:f0:1b:78:6e:9e:de:64:fe:26:26:4e:38:5a:2d:8d:74:
d6:1f:06:ca:e1:3f:16:1f:48:1d:dd:da:51:6e:87:28:8d:8f:
44:c1:bb:25:41:b5:40:a3:d3:88:eb:fb:1c:90:e6:ff:d3:4f:
d5:00:56:94:f7:e1:ca:f5:3f:45:a6:1b:a9:4c:c2:f3:17:69:
30:e6:ff:c5:2a:67:5e:a3:01:5e:a4:d3:1c:7b:8e:c6:c7:de:
9c:bb:a8:f8:41:6d:e6:c6:ab:18:f2:53:bb:40:ce:52:b8:3f:
d2:8e:00:65:8a:26:12:3c:bc:bd:78:4a:ce:0c:4e:32:ef:e8:
6b:e7:d8:ea:b8:91:11:aa:71:cd:f5:b2:cc:5f:63:ef:9e:fd:
ed:fa:e0:15:ae:2e:59:f4:27:f9:6b:dc:86:5f:29:38:a7:d6:
aa:9e:48:fa:a0:af:74:82:15:ff:be:f1:8d:ad:8f:04:15:cf:
04:46:c0:c6:04:9c:0d:23:85:0e:7b:1c:31:82:ca:56:7d:8d:
6b:f0:e3:ce:40:7d:31:7b:84:3a:bb:b1:54:69:fe:05:43:ad:
62:7d:69:3b:42:59:7d:27:6a:6e:2b:7d:60:1a:f3:30:e9:43:
a1:cb:c1:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgICDN0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDAzMTMw
MTIxNThaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDlDQTBFQjFBNEU0NEI5
NUY4MkRGODk4ODUyNEQwREUzNUE4REYzODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvv6jioz0dXsKPhnLOFBZU0g+M6PGghCRPgzHgGQYLP8H2d6Lk
K0vK/hTWtRx+VhGwQA0b+Ld9IxUH1sACT8f2ZwGoi4UmQxQuIwxv2TtmX+tRo+mw
E2p8jYnVAPX5UyEaoVHBQcPAPO4fXjWfjtwVrIH+RYLvblaZtb7IMfwpC6/8qqKr
znHTRgWb3KKU3f+JFF34Itz0VjUazO3EBW9Yol0k1o2PpTkMwVNFSim4N2BoGzB3
cXKOR05zDPPDoSmwaQXJQ/xS6Ao1kZNfCiTlenHh21mPt83BDela2XFkrDQ4M8iM
4dnnvHaQuKYvFO99sEfnCN1WooYKE58DwYr5AgMBAAGjggIZMIICFTAdBgNVHQ4E
FgQUnKDrGk5EuV+C34mIUk0N41qN84UwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L25LRHJHazVFdVYtQzM0
bUlVazBONDFxTjg0VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwRwYIKwYBBQUHAQcBAf8EODA2MDQEAgABMC4w
DAMEAy38CAMEAi38MAMEAi38ZAMEAi38kDAMAwQDZ9z4AwQCZ90wAwQCZ91cMA0G
CSqGSIb3DQEBCwUAA4IBAQCzFVuYy/fWNrNRwRFJgP/D1NI1kPAbeG6e3mT+JiZO
OFotjXTWHwbK4T8WH0gd3dpRbocojY9EwbslQbVAo9OI6/sckOb/00/VAFaU9+HK
9T9FphupTMLzF2kw5v/FKmdeowFepNMce47Gx96cu6j4QW3mxqsY8lO7QM5SuD/S
jgBliiYSPLy9eErODE4y7+hr59jquJERqnHN9bLMX2Pvnv3t+uAVri5Z9Cf5a9yG
Xyk4p9aqnkj6oK90ghX/vvGNrY8EFc8ERsDGBJwNI4UOexwxgspWfY1r8OPOQH0x
e4Q6u7FUaf4FQ61ifWk7Qll9J2puK31gGvMw6UOhy8Gb
-----END CERTIFICATE-----
Generated at Fri Jun 7 03:29:12 2024 by rpki-client on console-fra.rpki-client.org