Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/y1xDFjVP51KHyEQn4kStxaulBRA.roa
File: y1xDFjVP51KHyEQn4kStxaulBRA.roa (raw, json)
Hash identifier: E3rXgoOxW2WpB5XpzlQ2FC3G/TbdR7aIUUmXBe+dDUE=
Subject key identifier: CB:5C:43:16:35:4F:E7:52:87:C8:44:27:E2:44:AD:C5:AB:A5:05:10
Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94
Certificate serial: 1BB6
Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/y1xDFjVP51KHyEQn4kStxaulBRA.roa
Signing time: Thu 28 Nov 2024 14:39:20 +0000
ROA not before: Thu 28 Nov 2024 14:39:20 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 2914
IP address blocks: 45.126.100.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7094 (0x1bb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94
Validity
Not Before: Nov 28 14:39:20 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=CB5C4316354FE75287C84427E244ADC5ABA50510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c7:42:d1:4d:ce:a5:55:3b:ee:6f:77:17:54:
cd:df:8d:a4:6c:82:de:cf:8f:11:a2:eb:19:0d:22:
a0:bd:73:d3:15:81:15:74:8d:a8:fa:4a:96:b1:60:
85:64:2e:1f:c0:c3:cf:b5:4e:2a:bb:b8:96:6e:cc:
f4:d9:3d:53:06:82:4b:5b:e1:c7:cc:13:bd:65:bd:
40:90:ed:2a:1c:63:a6:84:d6:08:59:b1:e8:1a:29:
4a:cb:52:22:6b:bf:8d:d1:52:e7:5e:00:70:78:c4:
ab:57:cf:e9:14:14:8f:82:d3:ca:8e:75:8f:7a:bd:
27:3a:79:a7:03:9a:29:c2:56:4a:ac:f3:91:7f:47:
65:b6:e6:2c:dc:c1:d3:08:64:49:9d:ef:8c:ed:a2:
c5:b8:41:76:9b:b3:72:c8:bd:5d:0a:10:3b:2d:72:
95:02:fc:06:b2:c8:b4:e9:b8:28:62:41:3c:18:86:
07:3b:6a:d2:f6:76:9d:49:b8:a5:bb:ca:4a:d8:fe:
f5:0b:78:e7:d8:b0:ea:a4:96:91:ad:d7:76:b7:9c:
94:b9:cd:81:e7:2b:e0:28:7c:d9:bc:e3:ff:16:d7:
b5:6d:bb:a7:94:cf:77:c4:9e:46:16:3a:41:39:b6:
b6:05:02:37:d6:2e:20:4e:a6:97:50:19:31:03:f1:
31:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:5C:43:16:35:4F:E7:52:87:C8:44:27:E2:44:AD:C5:AB:A5:05:10
X509v3 Authority Key Identifier:
keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/y1xDFjVP51KHyEQn4kStxaulBRA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.126.100.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:33:4c:e2:aa:5f:3a:d7:96:5a:17:38:01:a5:a6:9e:1a:49:
be:8d:18:7d:09:ab:5d:0c:3d:3f:22:cc:0d:f8:07:f8:c8:c9:
f6:f7:4a:31:6c:c5:37:80:92:91:b3:09:7d:7d:72:25:e0:63:
ac:42:9e:6d:32:17:61:88:fd:53:0f:3f:b0:39:b3:b0:3e:0b:
b3:a2:58:8b:1e:40:58:9b:af:84:e8:52:2e:17:f2:a7:80:37:
9b:f7:f1:62:2c:6b:90:cd:5f:d8:8d:10:3d:da:67:8f:ea:f3:
31:41:fa:7c:55:5e:c5:ec:d9:02:b2:d0:01:6d:c2:b5:ab:58:
f7:f9:3a:13:a3:39:ee:1c:c5:5c:94:5a:99:b4:c3:e3:f3:df:
dd:1d:95:ea:8b:6a:46:9d:10:c9:cc:82:8e:af:28:8a:77:9f:
b3:33:f2:ab:e1:ee:9d:b3:2e:92:14:e7:f8:cf:a7:f5:4f:e7:
80:04:89:5a:ee:2c:6d:89:4b:f7:1b:fc:90:24:5c:fc:dc:7f:
d4:f8:bc:0c:c2:14:72:c8:52:59:cd:82:be:cd:10:df:c8:e6:
49:6b:e7:4e:ec:2a:59:45:00:35:97:3a:1d:fa:47:3e:d2:ae:
d9:da:6c:d1:f2:e9:d9:a5:50:3c:b5:3f:fd:dd:d8:79:72:15:
17:9c:6c:f5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICG7YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4
M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjgx
NDM5MjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKENCNUM0MzE2MzU0RkU3
NTI4N0M4NDQyN0UyNDRBREM1QUJBNTA1MTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5x0LRTc6lVTvub3cXVM3fjaRsgt7PjxGi6xkNIqC9c9MVgRV0
jaj6SpaxYIVkLh/Aw8+1Tiq7uJZuzPTZPVMGgktb4cfME71lvUCQ7SocY6aE1ghZ
segaKUrLUiJrv43RUudeAHB4xKtXz+kUFI+C08qOdY96vSc6eacDminCVkqs85F/
R2W25izcwdMIZEmd74ztosW4QXabs3LIvV0KEDstcpUC/AayyLTpuChiQTwYhgc7
atL2dp1JuKW7ykrY/vULeOfYsOqklpGt13a3nJS5zYHnK+AofNm84/8W17Vtu6eU
z3fEnkYWOkE5trYFAjfWLiBOppdQGTED8THtAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUy1xDFjVP51KHyEQn4kStxaulBRAwHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt
eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz
L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL3kxeERGalZQNTFLSHlF
UW40a1N0eGF1bEJSQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAItfmQwDQYJKoZIhvcNAQELBQADggEBAF4zTOKqXzrXlloXOAGlpp4aSb6NGH0J
q10MPT8izA34B/jIyfb3SjFsxTeAkpGzCX19ciXgY6xCnm0yF2GI/VMPP7A5s7A+
C7OiWIseQFibr4ToUi4X8qeAN5v38WIsa5DNX9iNED3aZ4/q8zFB+nxVXsXs2QKy
0AFtwrWrWPf5OhOjOe4cxVyUWpm0w+Pz390dleqLakadEMnMgo6vKIp3n7Mz8qvh
7p2zLpIU5/jPp/VP54AEiVruLG2JS/cb/JAkXPzcf9T4vAzCFHLIUlnNgr7NEN/I
5klr507sKllFADWXOh36Rz7SrtnabNHy6dmlUDy1P/3d2HlyFRecbPU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:24:41 2025 by rpki-client