Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/nYq9BPjSwZkErY-CzFVC4n3AAyE.roa
File: nYq9BPjSwZkErY-CzFVC4n3AAyE.roa (raw, json)
Hash identifier: gJYrwssUi2W7wrgo7lGMVQVpczvwX1rNz9yeYEDFa8Q=
Subject key identifier: 9D:8A:BD:04:F8:D2:C1:99:04:AD:8F:82:CC:55:42:E2:7D:C0:03:21
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 18F2
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/nYq9BPjSwZkErY-CzFVC4n3AAyE.roa
Signing time: Fri 17 Jan 2025 01:25:51 +0000
ROA not before: Fri 17 Jan 2025 01:25:51 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 24373
IP address blocks: 45.252.32.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6386 (0x18f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jan 17 01:25:51 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=9D8ABD04F8D2C19904AD8F82CC5542E27DC00321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fd:40:5f:c6:f5:6d:2c:ee:12:81:0c:3b:07:
cb:19:43:c0:9d:92:0f:f7:79:97:a1:81:a2:11:81:
77:89:70:1b:85:42:ea:ee:f1:bc:14:42:47:07:0d:
ce:fb:7a:bb:45:4e:0d:e0:84:0b:0b:0c:44:b4:59:
67:1b:c2:8f:7c:4b:2e:5e:8c:87:9a:69:5a:c0:9d:
37:a1:d0:0e:f3:2e:b4:ac:7f:d3:fb:f9:4e:dc:c4:
93:10:64:fc:e1:53:7f:51:a9:34:87:9b:79:fd:ea:
ab:06:bf:61:00:34:75:e2:b8:4a:7e:a1:77:ab:42:
b6:75:8d:f9:91:eb:94:f7:2b:a5:c6:c9:70:ad:58:
cf:75:37:5b:7b:c5:7c:4b:9a:d0:98:36:37:1b:8b:
ee:5e:96:80:46:d2:f1:53:b8:5b:14:d7:b7:a1:ad:
70:97:69:0c:2c:89:f8:97:05:6f:a8:82:d4:05:7f:
8a:1f:2b:68:56:fb:e2:80:49:b0:91:bf:4c:d7:3e:
24:dc:76:ac:a2:80:b4:b1:19:b3:eb:94:ad:0d:8f:
4d:9f:4c:09:12:7a:a0:37:4b:79:89:e3:22:c6:ab:
18:5a:6b:61:a2:8c:6a:1c:55:83:76:30:21:bb:50:
a2:da:fe:c0:00:87:4f:4f:66:6b:31:38:6b:19:0a:
5d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:8A:BD:04:F8:D2:C1:99:04:AD:8F:82:CC:55:42:E2:7D:C0:03:21
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/nYq9BPjSwZkErY-CzFVC4n3AAyE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.32.0/22
Signature Algorithm: sha256WithRSAEncryption
00:8a:b7:cb:a8:ec:3b:f8:59:ce:de:a0:d9:e9:41:df:0f:0b:
dc:0e:63:df:a2:ca:4b:34:23:8c:f3:b2:f1:e1:f2:72:d6:9e:
cd:f8:89:5d:b9:72:cb:5a:e6:87:79:77:86:a2:84:63:e9:bc:
13:cc:eb:fd:09:ee:04:b4:c2:be:41:5a:c0:f0:56:f6:63:0c:
2e:e0:6c:27:6a:58:a3:96:7f:06:35:46:e2:4f:7c:75:c1:b0:
55:f6:d7:65:6a:05:e3:be:77:20:37:a9:14:c6:8e:5a:6f:c6:
ab:6a:06:7d:d9:0c:cb:08:7c:ce:e3:5a:85:8f:37:be:b1:36:
f4:82:b1:d9:46:3f:40:c0:d9:26:fc:aa:07:1b:6d:5d:b0:dc:
59:e2:76:8a:e9:eb:23:3e:97:cf:9a:89:e8:bd:40:c6:8c:11:
aa:24:ff:82:13:f5:ed:c6:c4:ac:4c:b0:ac:26:04:a8:a1:55:
c2:e9:2d:c7:a0:47:04:20:07:0c:4c:81:4a:9a:b2:0e:54:58:
19:a9:bd:13:99:32:68:ea:13:b8:e9:d2:6d:3e:27:59:f8:3f:
72:d0:f9:70:fe:a0:1f:62:3f:d6:99:82:65:1a:d1:f0:8b:8b:
33:85:6e:5d:fd:15:f3:2b:ab:1d:18:85:36:5a:2b:76:c2:fa:
9d:a2:92:c6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICGPIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw
MTI1NTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlEOEFCRDA0RjhEMkMx
OTkwNEFEOEY4MkNDNTU0MkUyN0RDMDAzMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJ/UBfxvVtLO4SgQw7B8sZQ8Cdkg/3eZehgaIRgXeJcBuFQuru
8bwUQkcHDc77ertFTg3ghAsLDES0WWcbwo98Sy5ejIeaaVrAnTeh0A7zLrSsf9P7
+U7cxJMQZPzhU39RqTSHm3n96qsGv2EANHXiuEp+oXerQrZ1jfmR65T3K6XGyXCt
WM91N1t7xXxLmtCYNjcbi+5eloBG0vFTuFsU17ehrXCXaQwsifiXBW+ogtQFf4of
K2hW++KASbCRv0zXPiTcdqyigLSxGbPrlK0Nj02fTAkSeqA3S3mJ4yLGqxhaa2Gi
jGocVYN2MCG7UKLa/sAAh09PZmsxOGsZCl3fAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUnYq9BPjSwZkErY+CzFVC4n3AAyEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L25ZcTlCUGpTd1prRXJZ
LUN6RlZDNG4zQUF5RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/CAwDQYJKoZIhvcNAQELBQADggEBAACKt8uo7Dv4Wc7eoNnpQd8PC9wOY9+i
yks0I4zzsvHh8nLWns34iV25csta5od5d4aihGPpvBPM6/0J7gS0wr5BWsDwVvZj
DC7gbCdqWKOWfwY1RuJPfHXBsFX212VqBeO+dyA3qRTGjlpvxqtqBn3ZDMsIfM7j
WoWPN76xNvSCsdlGP0DA2Sb8qgcbbV2w3Fnidorp6yM+l8+aiei9QMaMEaok/4IT
9e3GxKxMsKwmBKihVcLpLcegRwQgBwxMgUqasg5UWBmpvROZMmjqE7jp0m0+J1n4
P3LQ+XD+oB9iP9aZgmUa0fCLizOFbl39FfMrqx0YhTZaK3bC+p2iksY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:12 2025 by rpki-client