Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/FAYi_kAQGKfkG-QfRcphdvnJotY.roa
File: FAYi_kAQGKfkG-QfRcphdvnJotY.roa (raw, json)
Hash identifier: v+AeNWHIo+HqvMJREtdiEskbwpFGn7yfPK+nv8tT8nk=
Subject key identifier: 14:06:22:FE:40:10:18:A7:E4:1B:E4:1F:45:CA:61:76:F9:C9:A2:D6
Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94
Certificate serial: 0B40
Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/FAYi_kAQGKfkG-QfRcphdvnJotY.roa
Signing time: Mon 29 Aug 2022 12:57:25 +0000
ROA not before: Mon 29 Aug 2022 12:57:25 +0000
ROA not after: Mon 28 Aug 2023 04:15:34 +0000
asID: 996
IP address blocks: 43.254.128.0/22 maxlen: 24
45.126.100.0/22 maxlen: 24
101.49.20.0/22 maxlen: 24
101.49.28.0/22 maxlen: 24
101.49.44.0/22 maxlen: 24
101.49.128.0/19 maxlen: 24
101.49.160.0/19 maxlen: 24
101.49.240.0/20 maxlen: 24
103.73.244.0/22 maxlen: 24
103.73.248.0/22 maxlen: 24
103.203.100.0/22 maxlen: 24
103.236.232.0/22 maxlen: 24
103.249.12.0/22 maxlen: 24
103.249.192.0/22 maxlen: 24
115.31.68.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2880 (0xb40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94
Validity
Not Before: Aug 29 12:57:25 2022 GMT
Not After : Aug 28 04:15:34 2023 GMT
Subject: CN=140622FE401018A7E41BE41F45CA6176F9C9A2D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2b:9d:07:f3:81:df:5c:e5:56:cd:82:20:3d:
51:37:19:95:53:da:4c:1e:d3:2a:01:6b:8b:29:7e:
05:1b:0f:08:ab:4e:6d:72:a6:1c:82:2b:d3:a2:db:
f3:17:b6:85:29:be:97:da:a1:d0:b5:a3:38:c9:00:
c2:1e:6a:e5:91:86:6d:ea:7d:b3:f1:2a:bb:f9:70:
8b:09:6f:ee:f2:96:7d:71:04:20:ea:88:27:df:6d:
17:af:85:b7:b5:31:04:67:12:ae:55:eb:d7:a9:0e:
4b:b5:84:27:77:41:17:f3:12:e5:c3:2b:42:f5:cd:
7f:5d:06:c1:81:16:27:6f:ee:e5:32:e6:ba:a6:88:
d9:c2:cb:a4:32:46:9b:ca:93:b3:95:fb:e6:09:42:
9a:e6:a6:d5:8f:17:2a:f5:d0:a6:1b:90:4e:75:49:
68:52:5b:f0:c5:4a:29:00:15:e0:92:a2:0e:59:e8:
3e:3c:a6:80:0f:05:68:67:bc:4e:18:03:2d:b3:27:
9f:53:54:89:91:ed:38:a8:de:e7:2f:91:ca:7e:22:
e0:f7:8d:9a:12:55:9c:7b:c1:31:09:c7:9f:eb:01:
63:2e:8a:c2:3c:96:05:73:dd:a9:4c:bf:e1:f3:68:
65:1c:59:65:fb:08:09:9c:cd:3c:49:ac:f5:14:30:
2f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:06:22:FE:40:10:18:A7:E4:1B:E4:1F:45:CA:61:76:F9:C9:A2:D6
X509v3 Authority Key Identifier:
keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/FAYi_kAQGKfkG-QfRcphdvnJotY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.128.0/22
45.126.100.0/22
101.49.20.0/22
101.49.28.0/22
101.49.44.0/22
101.49.128.0/18
101.49.240.0/20
103.73.244.0-103.73.251.255
103.203.100.0/22
103.236.232.0/22
103.249.12.0/22
103.249.192.0/22
115.31.68.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:25:ff:64:77:95:3a:fa:d6:b3:59:88:2a:12:01:77:ac:4f:
9f:e3:e4:a7:c7:56:c7:a4:33:f2:0f:14:eb:ad:aa:0d:f3:05:
c0:2a:af:e6:e8:95:b4:3f:57:5a:3d:c7:07:57:e4:4b:e3:c6:
52:60:60:c8:96:a3:6f:fa:95:c2:fb:91:f2:3a:cf:e1:9e:c1:
f2:26:90:37:8a:08:e1:d0:fc:df:18:19:48:6c:78:11:9b:f8:
ed:c0:61:7e:33:bd:59:06:a1:43:73:d6:ee:dc:7c:3f:d4:62:
4f:66:c5:56:ff:a9:37:30:dd:24:7d:1c:b3:bc:cd:a1:b4:6b:
da:7c:fe:7b:64:c1:42:b9:0e:d9:74:55:6d:42:aa:a1:18:b3:
7e:60:83:5e:e5:c2:d4:ee:1f:74:31:f8:a7:e0:73:be:29:34:
b1:0e:5a:cf:d8:c1:5d:fc:0d:28:9d:c7:4d:73:59:64:3a:52:
67:c0:95:48:4b:a7:b3:aa:80:3e:c3:52:3d:67:b0:54:32:f6:
c1:b5:d7:5c:56:3b:73:94:6a:17:43:25:9e:68:ad:7e:63:eb:
83:2c:8c:7a:02:6e:b6:45:97:48:9b:40:c3:62:c8:d3:e2:ca:
a2:c5:7f:51:b8:5e:91:f8:8e:c1:61:e8:28:53:5e:a4:89:63:
80:fa:9f:26
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgICC0AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4
M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yMjA4Mjkx
MjU3MjVaFw0yMzA4MjgwNDE1MzRaMDMxMTAvBgNVBAMTKDE0MDYyMkZFNDAxMDE4
QTdFNDFCRTQxRjQ1Q0E2MTc2RjlDOUEyRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqK50H84HfXOVWzYIgPVE3GZVT2kwe0yoBa4spfgUbDwirTm1y
phyCK9Oi2/MXtoUpvpfaodC1ozjJAMIeauWRhm3qfbPxKrv5cIsJb+7yln1xBCDq
iCffbRevhbe1MQRnEq5V69epDku1hCd3QRfzEuXDK0L1zX9dBsGBFidv7uUy5rqm
iNnCy6QyRpvKk7OV++YJQprmptWPFyr10KYbkE51SWhSW/DFSikAFeCSog5Z6D48
poAPBWhnvE4YAy2zJ59TVImR7Tio3ucvkcp+IuD3jZoSVZx7wTEJx5/rAWMuisI8
lgVz3alMv+HzaGUcWWX7CAmczTxJrPUUMC8hAgMBAAGjggJBMIICPTAdBgNVHQ4E
FgQUFAYi/kAQGKfkG+QfRcphdvnJotYwHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt
eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz
L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL0ZBWWlfa0FRR0tma0ct
UWZSY3BoZHZuSm90WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwbwYIKwYBBQUHAQcBAf8EYDBeMFwEAgABMFYD
BAIr/oADBAItfmQDBAJlMRQDBAJlMRwDBAJlMSwDBAZlMYADBARlMfAwDAMEAmdJ
9AMEAmdJ+AMEAmfLZAMEAmfs6AMEAmf5DAMEAmf5wAMEAnMfRDANBgkqhkiG9w0B
AQsFAAOCAQEAuCX/ZHeVOvrWs1mIKhIBd6xPn+Pkp8dWx6Qz8g8U662qDfMFwCqv
5uiVtD9XWj3HB1fkS+PGUmBgyJajb/qVwvuR8jrP4Z7B8iaQN4oI4dD83xgZSGx4
EZv47cBhfjO9WQahQ3PW7tx8P9RiT2bFVv+pNzDdJH0cs7zNobRr2nz+e2TBQrkO
2XRVbUKqoRizfmCDXuXC1O4fdDH4p+Bzvik0sQ5az9jBXfwNKJ3HTXNZZDpSZ8CV
SEuns6qAPsNSPWewVDL2wbXXXFY7c5RqF0MlnmitfmPrgyyMegJutkWXSJtAw2LI
0+LKosV/UbhekfiOwWHoKFNepIljgPqfJg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:19 2023 by rpki-client on console-ams.rpki-client.org