Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/yCeqnaIST1aP1FxkEweFhwFuQuk.roa
File: yCeqnaIST1aP1FxkEweFhwFuQuk.roa (raw, json)
Hash identifier: d1E6z0w+3sMWgR5vr3tr6y6ZjcyoJf77hhKPcbdCnq4=
Subject key identifier: C8:27:AA:9D:A2:12:4F:56:8F:D4:5C:64:13:07:85:87:01:6E:42:E9
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 0CDE
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/yCeqnaIST1aP1FxkEweFhwFuQuk.roa
Signing time: Wed 13 Mar 2024 01:21:58 +0000
ROA not before: Wed 13 Mar 2024 01:21:58 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 139259
IP address blocks: 45.252.8.0/22 maxlen: 24
45.252.12.0/22 maxlen: 24
45.252.16.0/22 maxlen: 24
45.252.20.0/22 maxlen: 24
45.252.24.0/22 maxlen: 24
45.252.28.0/22 maxlen: 24
45.252.32.0/22 maxlen: 24
45.252.36.0/22 maxlen: 24
45.252.40.0/22 maxlen: 24
45.252.44.0/22 maxlen: 24
45.252.48.0/22 maxlen: 24
45.252.100.0/22 maxlen: 24
45.252.144.0/22 maxlen: 24
103.6.108.0/24 maxlen: 24
103.220.248.0/22 maxlen: 24
103.220.252.0/22 maxlen: 24
103.221.0.0/22 maxlen: 24
103.221.4.0/22 maxlen: 24
103.221.8.0/22 maxlen: 24
103.221.12.0/22 maxlen: 24
103.221.16.0/22 maxlen: 24
103.221.20.0/22 maxlen: 24
103.221.24.0/22 maxlen: 24
103.221.28.0/22 maxlen: 24
103.221.32.0/22 maxlen: 24
103.221.36.0/22 maxlen: 24
103.221.40.0/22 maxlen: 24
103.221.44.0/22 maxlen: 24
103.221.48.0/22 maxlen: 24
103.221.92.0/22 maxlen: 24
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3294 (0xcde)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Mar 13 01:21:58 2024 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=C827AA9DA2124F568FD45C6413078587016E42E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d7:53:ee:0f:3f:2e:2e:ba:9a:97:84:c5:6d:
e0:22:db:cf:02:3b:ef:7b:8b:c2:6c:3d:ec:8a:c9:
27:64:d0:e7:1f:46:2c:c7:f0:3d:f3:4e:97:70:7e:
79:48:5b:bb:90:cd:74:36:33:69:b8:c6:24:41:1c:
53:11:97:45:65:ca:a5:8a:f1:2c:fa:46:88:09:7c:
b7:9c:39:e0:60:78:19:54:db:66:ba:2e:b3:7e:f6:
d6:72:e6:69:ba:f3:94:61:88:6e:e6:0a:03:02:e9:
a8:27:57:a8:a2:09:f2:32:ac:e9:83:8d:cd:65:90:
81:89:83:70:37:85:32:dd:0f:5c:31:ea:79:e8:37:
b5:a0:07:4d:48:30:14:b5:2b:48:a6:48:0f:06:a3:
9a:41:c0:83:21:ac:8d:23:7e:38:8d:70:fc:8f:a9:
90:34:33:30:a2:81:4a:f8:85:c9:0a:1f:19:e4:60:
6b:aa:e7:be:07:51:74:61:54:56:b0:b0:36:d2:c7:
3c:70:ca:92:3a:51:6d:c4:02:66:13:12:f2:fd:fa:
f5:a0:6a:4a:77:0b:b5:7c:38:d8:7f:48:79:e7:6d:
d6:e2:22:52:e5:6c:61:9e:5e:71:34:66:a1:8a:c0:
a9:a4:7e:a4:90:d2:64:92:24:9a:4f:b1:07:23:82:
97:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:27:AA:9D:A2:12:4F:56:8F:D4:5C:64:13:07:85:87:01:6E:42:E9
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/yCeqnaIST1aP1FxkEweFhwFuQuk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.8.0-45.252.51.255
45.252.100.0/22
45.252.144.0/22
103.6.108.0/24
103.220.248.0-103.221.51.255
103.221.92.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:ea:2a:dc:b9:b3:77:f3:bc:ce:bb:5c:21:b3:5c:54:31:7b:
11:be:79:cb:50:32:2e:69:da:e1:06:38:dc:40:63:05:24:ff:
62:4b:79:b5:bf:da:26:40:35:b3:bf:62:04:09:30:6a:0e:52:
ee:9c:39:b8:74:5b:46:65:92:c6:eb:25:96:39:de:c3:60:ba:
f8:96:46:b7:bf:0a:ff:53:0b:6c:41:ac:23:1c:f6:4d:54:f8:
32:d9:49:71:78:36:92:b9:60:01:f0:48:99:1a:62:83:68:b0:
e6:f8:99:88:77:88:e3:de:1e:9a:d9:f2:33:93:32:ad:f7:59:
ed:36:e3:8f:f2:fd:83:b8:2c:9e:23:e4:41:c2:8a:a4:a3:5c:
5e:4e:5b:73:c4:89:0b:e5:18:55:ad:24:64:3b:e1:74:90:0d:
fc:d6:4c:74:bc:a5:32:29:dc:31:34:3d:7e:fb:5b:90:36:8c:
63:20:8a:37:f7:5d:fa:3c:24:3f:cc:4c:90:f0:f6:c9:74:c3:
d5:bf:31:bc:81:5a:ed:98:a5:fc:2e:28:bd:6a:8e:1f:02:6a:
cd:ef:c3:05:19:97:1d:ac:7b:3b:ce:ae:e7:4e:87:8a:08:b8:
a9:4e:21:f6:ce:04:c1:c0:6a:8d:95:10:a6:b2:54:0c:cf:68:
d0:f2:97:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgICDN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDAzMTMw
MTIxNThaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKEM4MjdBQTlEQTIxMjRG
NTY4RkQ0NUM2NDEzMDc4NTg3MDE2RTQyRTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD11PuDz8uLrqal4TFbeAi288CO+97i8JsPeyKySdk0OcfRizH
8D3zTpdwfnlIW7uQzXQ2M2m4xiRBHFMRl0VlyqWK8Sz6RogJfLecOeBgeBlU22a6
LrN+9tZy5mm685RhiG7mCgMC6agnV6iiCfIyrOmDjc1lkIGJg3A3hTLdD1wx6nno
N7WgB01IMBS1K0imSA8Go5pBwIMhrI0jfjiNcPyPqZA0MzCigUr4hckKHxnkYGuq
574HUXRhVFawsDbSxzxwypI6UW3EAmYTEvL9+vWgakp3C7V8ONh/SHnnbdbiIlLl
bGGeXnE0ZqGKwKmkfqSQ0mSSJJpPsQcjgpc3AgMBAAGjggIfMIICGzAdBgNVHQ4E
FgQUyCeqnaIST1aP1FxkEweFhwFuQukwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3lDZXFuYUlTVDFhUDFG
eGtFd2VGaHdGdVF1ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwTQYIKwYBBQUHAQcBAf8EPjA8MDoEAgABMDQw
DAMEAy38CAMEAi38MAMEAi38ZAMEAi38kAMEAGcGbDAMAwQDZ9z4AwQCZ90wAwQC
Z91cMA0GCSqGSIb3DQEBCwUAA4IBAQCp6ircubN387zOu1whs1xUMXsRvnnLUDIu
adrhBjjcQGMFJP9iS3m1v9omQDWzv2IECTBqDlLunDm4dFtGZZLG6yWWOd7DYLr4
lka3vwr/UwtsQawjHPZNVPgy2UlxeDaSuWAB8EiZGmKDaLDm+JmId4jj3h6a2fIz
kzKt91ntNuOP8v2DuCyeI+RBwoqko1xeTltzxIkL5RhVrSRkO+F0kA381kx0vKUy
KdwxND1++1uQNoxjIIo39136PCQ/zEyQ8PbJdMPVvzG8gVrtmKX8Lii9ao4fAmrN
78MFGZcdrHs7zq7nToeKCLipTiH2zgTBwGqNlRCmslQMz2jQ8ped
-----END CERTIFICATE-----
Generated at Fri Jun 7 04:05:12 2024 by rpki-client on console-ams.rpki-client.org