Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/sGOSXaTGjaiX5jte0ZwGkPigJIw.roa
File: sGOSXaTGjaiX5jte0ZwGkPigJIw.roa (raw, json)
Hash identifier: bkJ+D8/jBxPboKZRJKHRW4iMcZIFFv/ykKe1kO05lSE=
Subject key identifier: B0:63:92:5D:A4:C6:8D:A8:97:E6:3B:5E:D1:9C:06:90:F8:A0:24:8C
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 148C
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sGOSXaTGjaiX5jte0ZwGkPigJIw.roa
Signing time: Wed 11 Sep 2024 02:23:28 +0000
ROA not before: Wed 11 Sep 2024 02:23:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 139259
IP address blocks: 45.252.16.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5260 (0x148c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B063925DA4C68DA897E63B5ED19C0690F8A0248C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:19:31:c5:12:ea:73:b7:c4:82:59:80:ff:2a:
c5:e9:d1:02:79:ae:ae:6f:5c:5d:dc:d7:45:cd:3f:
49:95:a3:9c:7f:ea:e1:17:60:a3:b4:06:96:01:2b:
b7:37:7c:0a:34:ee:9d:29:e8:10:9d:f9:a5:1d:23:
44:fa:a1:ba:d7:8f:3a:87:ef:8f:ad:a3:e5:d7:02:
ff:22:05:44:15:d2:64:bf:e2:6a:ba:48:cc:62:62:
1d:6b:bc:c4:a8:68:7a:b3:05:c2:c1:13:3c:83:76:
46:f3:c9:a5:54:50:e6:0c:74:1f:49:f8:91:66:38:
22:a8:ce:06:f9:05:37:50:d1:9b:eb:0b:51:d0:ff:
da:77:b9:fe:e9:41:9e:19:05:c6:b8:cd:31:31:62:
e5:57:49:3c:cc:36:d4:a4:6c:bc:e8:20:58:2b:ed:
1a:89:62:20:77:04:17:a6:38:0c:90:e0:c1:0a:95:
68:31:7b:51:20:bb:ba:a1:2d:92:1b:9a:77:a4:62:
3e:c5:98:73:58:82:4a:4b:e5:4e:a9:a3:a9:6d:67:
25:85:d6:37:74:a5:80:c2:c8:1b:68:10:fb:0c:48:
2e:57:16:ef:14:9a:8a:57:9b:03:cd:89:4a:54:9d:
30:fb:35:4e:2d:e6:f9:73:fd:02:1d:27:b7:86:f8:
28:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:63:92:5D:A4:C6:8D:A8:97:E6:3B:5E:D1:9C:06:90:F8:A0:24:8C
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sGOSXaTGjaiX5jte0ZwGkPigJIw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.16.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:79:f8:f4:de:b0:b4:71:3e:c9:85:74:11:aa:42:cd:6c:c8:
50:67:67:2b:68:1f:bc:91:da:a4:b1:6f:01:a2:0b:61:bb:59:
9b:b0:fd:20:43:38:3a:2f:ee:17:f8:1e:c7:8d:27:2a:19:aa:
05:dd:72:c7:12:db:82:74:b1:fc:87:4a:19:33:92:da:4d:ef:
65:82:9b:59:08:36:45:37:f9:87:0c:49:c6:11:c5:b0:f3:39:
9e:47:c1:37:f5:43:b8:3c:f2:73:d2:73:3a:bd:2b:5e:6d:f3:
c3:a9:34:44:89:c8:82:1b:88:03:93:df:18:34:05:6f:fb:28:
7f:36:bd:a2:e8:7d:c2:09:ab:1d:3b:df:68:e9:19:ae:b0:5a:
c3:6d:b6:89:5a:68:be:24:62:93:1b:eb:a8:c8:b7:16:a6:ed:
77:a4:e1:23:cf:63:f8:3d:64:8b:01:ab:6b:30:99:c6:3a:ee:
e4:34:5e:2e:6a:32:a8:f6:99:20:b8:a9:1c:69:20:a5:9b:01:
f5:8e:63:ff:a7:25:fd:23:ce:20:29:f1:20:3e:72:18:3e:0c:
6e:7a:4b:d7:58:2a:ba:b9:92:a2:ad:7d:ae:db:0c:28:6a:3e:
a6:99:fd:52:61:2d:8d:ff:0a:38:e7:ae:80:d6:ad:78:89:db:
11:22:ef:2a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFIwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIwNjM5MjVEQTRDNjhE
QTg5N0U2M0I1RUQxOUMwNjkwRjhBMDI0OEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyGTHFEupzt8SCWYD/KsXp0QJ5rq5vXF3c10XNP0mVo5x/6uEX
YKO0BpYBK7c3fAo07p0p6BCd+aUdI0T6obrXjzqH74+to+XXAv8iBUQV0mS/4mq6
SMxiYh1rvMSoaHqzBcLBEzyDdkbzyaVUUOYMdB9J+JFmOCKozgb5BTdQ0ZvrC1HQ
/9p3uf7pQZ4ZBca4zTExYuVXSTzMNtSkbLzoIFgr7RqJYiB3BBemOAyQ4MEKlWgx
e1Egu7qhLZIbmnekYj7FmHNYgkpL5U6po6ltZyWF1jd0pYDCyBtoEPsMSC5XFu8U
mopXmwPNiUpUnTD7NU4t5vlz/QIdJ7eG+CihAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsGOSXaTGjaiX5jte0ZwGkPigJIwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3NHT1NYYVRHamFpWDVq
dGUwWndHa1BpZ0pJdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAIt/BAwDQYJKoZIhvcNAQELBQADggEBAFt5+PTesLRxPsmFdBGqQs1syFBnZyto
H7yR2qSxbwGiC2G7WZuw/SBDODov7hf4HseNJyoZqgXdcscS24J0sfyHShkzktpN
72WCm1kINkU3+YcMScYRxbDzOZ5HwTf1Q7g88nPSczq9K15t88OpNESJyIIbiAOT
3xg0BW/7KH82vaLofcIJqx0732jpGa6wWsNttolaaL4kYpMb66jItxam7Xek4SPP
Y/g9ZIsBq2swmcY67uQ0Xi5qMqj2mSC4qRxpIKWbAfWOY/+nJf0jziAp8SA+chg+
DG56S9dYKrq5kqKtfa7bDChqPqaZ/VJhLY3/CjjnroDWrXiJ2xEi7yo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:50 2025 by rpki-client