Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/DkebV0ASXZaR3aW9yyCJYYUDNy8.roa
File: DkebV0ASXZaR3aW9yyCJYYUDNy8.roa (raw, json)
Hash identifier: jFLiyq08bXK+tuXzIndqRfbWJVlgYYobQlPa3kij7ZU=
Subject key identifier: 0E:47:9B:57:40:12:5D:96:91:DD:A5:BD:CB:20:89:61:85:03:37:2F
Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94
Certificate serial: 1847
Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/DkebV0ASXZaR3aW9yyCJYYUDNy8.roa
Signing time: Mon 10 Jun 2024 09:04:22 +0000
ROA not before: Mon 10 Jun 2024 09:04:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 2914
IP address blocks: 43.254.128.0/22 maxlen: 24
45.126.100.0/22 maxlen: 24
103.73.244.0/22 maxlen: 24
103.73.248.0/22 maxlen: 24
103.203.100.0/22 maxlen: 24
103.236.232.0/22 maxlen: 24
103.249.12.0/22 maxlen: 24
103.249.192.0/22 maxlen: 24
115.31.68.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6215 (0x1847)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94
Validity
Not Before: Jun 10 09:04:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0E479B5740125D9691DDA5BDCB2089618503372F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:40:6e:3f:35:04:ce:a9:78:af:d3:b8:21:db:
8e:f8:8c:65:f8:e3:1c:e8:73:da:4f:78:35:b6:74:
f3:1d:a0:3c:d9:69:f2:79:bb:3b:1d:b1:b9:d9:b1:
cb:71:11:a5:90:86:e6:3e:7b:c5:8c:6f:e1:76:6e:
f8:a1:9b:38:1f:3f:53:4b:15:bd:6d:62:72:c8:39:
b5:4e:5e:61:5d:5b:5d:ba:a3:82:eb:63:1a:9b:89:
2e:0e:8f:d1:b2:ac:e9:bd:78:38:c4:56:56:94:cd:
47:19:1b:fe:13:45:02:0a:78:94:4f:26:29:fc:0a:
b5:9e:2b:22:c1:08:3b:6e:39:46:47:44:f9:9d:e9:
ed:17:f1:86:e3:6c:23:7f:79:f4:33:88:a1:52:5e:
22:3c:9b:4a:03:18:48:d3:eb:a9:76:69:cc:d3:7e:
ff:bb:95:85:28:3c:33:02:e5:e4:57:f7:98:0a:76:
c4:7a:d1:46:0f:84:cb:89:98:a1:f9:45:df:59:de:
73:fc:12:d8:fa:0c:aa:92:52:29:7d:1e:63:5d:3e:
fe:70:0d:e7:7f:fc:67:90:d4:52:75:c9:88:29:ae:
62:5c:28:f5:9e:f4:57:10:e4:02:60:3a:16:04:2b:
61:41:cc:d7:10:bf:f0:93:cd:c9:02:2a:09:b4:4a:
31:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:47:9B:57:40:12:5D:96:91:DD:A5:BD:CB:20:89:61:85:03:37:2F
X509v3 Authority Key Identifier:
keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/DkebV0ASXZaR3aW9yyCJYYUDNy8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.128.0/22
45.126.100.0/22
103.73.244.0-103.73.251.255
103.203.100.0/22
103.236.232.0/22
103.249.12.0/22
103.249.192.0/22
115.31.68.0/22
Signature Algorithm: sha256WithRSAEncryption
41:f0:a0:d5:b7:19:87:d0:fd:cd:b7:ca:e7:4d:d3:78:a5:d4:
a8:a8:36:a4:d1:96:67:c2:fd:af:ca:93:58:1c:aa:fd:1d:13:
0a:c8:e9:34:e4:77:cd:93:e9:5d:75:c1:65:bf:41:29:a7:aa:
5b:3f:a4:e4:3c:b1:77:12:ff:a5:1f:66:2b:51:f3:fd:6a:3e:
48:d0:7a:ed:d2:b3:e9:47:3c:d3:18:c8:e5:75:c2:37:00:b8:
bd:71:38:6a:ff:88:8f:fe:bb:33:19:59:54:6e:fb:fe:bf:6a:
2d:7a:e8:31:29:58:47:ae:9f:41:c6:61:fc:94:8e:6d:19:c6:
32:32:50:c8:9e:83:bf:ee:c8:13:15:91:08:be:ff:b9:2e:4b:
95:67:6b:f1:85:8c:7a:38:55:d8:ef:a5:f3:9c:85:b0:56:1c:
99:bd:cb:89:e0:2b:b5:3e:8b:07:f0:a5:51:1e:83:fe:19:35:
80:2c:fa:5d:5a:e9:d7:24:7d:84:97:17:d0:26:a2:a0:7d:40:
66:e6:58:86:a6:0c:9e:4e:b6:fe:e7:52:27:75:ab:e2:a8:f3:
d2:81:f0:0c:7a:06:ac:1c:f3:15:df:81:33:69:37:66:85:db:
4b:25:1d:1b:bf:b4:2d:c6:e7:3e:ef:85:74:0d:9e:53:67:84:
20:76:ff:3e
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgICGEcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4
M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDA2MTAw
OTA0MjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBFNDc5QjU3NDAxMjVE
OTY5MUREQTVCRENCMjA4OTYxODUwMzM3MkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsQG4/NQTOqXiv07gh2474jGX44xzoc9pPeDW2dPMdoDzZafJ5
uzsdsbnZsctxEaWQhuY+e8WMb+F2bvihmzgfP1NLFb1tYnLIObVOXmFdW126o4Lr
YxqbiS4Oj9GyrOm9eDjEVlaUzUcZG/4TRQIKeJRPJin8CrWeKyLBCDtuOUZHRPmd
6e0X8YbjbCN/efQziKFSXiI8m0oDGEjT66l2aczTfv+7lYUoPDMC5eRX95gKdsR6
0UYPhMuJmKH5Rd9Z3nP8Etj6DKqSUil9HmNdPv5wDed//GeQ1FJ1yYgprmJcKPWe
9FcQ5AJgOhYEK2FBzNcQv/CTzckCKgm0SjFvAgMBAAGjggIjMIICHzAdBgNVHQ4E
FgQUDkebV0ASXZaR3aW9yyCJYYUDNy8wHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt
eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz
L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL0RrZWJWMEFTWFphUjNh
Vzl5eUNKWVlVRE55OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwUQYIKwYBBQUHAQcBAf8EQjBAMD4EAgABMDgD
BAIr/oADBAItfmQwDAMEAmdJ9AMEAmdJ+AMEAmfLZAMEAmfs6AMEAmf5DAMEAmf5
wAMEAnMfRDANBgkqhkiG9w0BAQsFAAOCAQEAQfCg1bcZh9D9zbfK503TeKXUqKg2
pNGWZ8L9r8qTWByq/R0TCsjpNOR3zZPpXXXBZb9BKaeqWz+k5DyxdxL/pR9mK1Hz
/Wo+SNB67dKz6Uc80xjI5XXCNwC4vXE4av+Ij/67MxlZVG77/r9qLXroMSlYR66f
QcZh/JSObRnGMjJQyJ6Dv+7IExWRCL7/uS5LlWdr8YWMejhV2O+l85yFsFYcmb3L
ieArtT6LB/ClUR6D/hk1gCz6XVrp1yR9hJcX0CaioH1AZuZYhqYMnk62/udSJ3Wr
4qjz0oHwDHoGrBzzFd+BM2k3ZoXbSyUdG7+0LcbnPu+FdA2eU2eEIHb/Pg==
-----END CERTIFICATE-----
Generated at Wed Jun 12 14:31:33 2024 by rpki-client on console-ams.rpki-client.org