Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/L9QfjWAUgHXPN4RiUoG00jvmZDA.roa
File: L9QfjWAUgHXPN4RiUoG00jvmZDA.roa (raw, json)
Hash identifier: vLOroiR5rCTnnWB0PXZ83z+GFk0vfpAlRYZXbQIYSkk=
Subject key identifier: 2F:D4:1F:8D:60:14:80:75:CF:37:84:62:52:81:B4:D2:3B:E6:64:30
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 141B
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/L9QfjWAUgHXPN4RiUoG00jvmZDA.roa
Signing time: Fri 19 May 2023 05:54:08 +0000
ROA not before: Fri 19 May 2023 05:54:08 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 45839
IP address blocks: 223.29.252.0/24 maxlen: 24
223.29.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5147 (0x141b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: May 19 05:54:08 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=2FD41F8D60148075CF3784625281B4D23BE66430
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:32:c9:55:3f:b8:ff:cc:f7:62:8f:e6:c3:53:
00:9b:89:2f:45:4e:56:f7:e9:ba:21:ef:94:72:e1:
36:40:fe:35:ce:79:e3:f5:70:02:41:1b:16:9c:7f:
8b:a6:45:b7:d8:42:14:25:5b:49:cf:fc:1b:c2:b0:
de:a5:a4:ca:f4:de:77:86:4b:72:f3:19:5d:cc:e1:
ed:cd:50:d4:a3:98:e0:b7:dd:4f:1a:77:57:75:b4:
a1:c2:21:1f:46:45:70:05:50:38:bb:34:d5:55:16:
bc:b9:c1:c2:6b:d4:96:84:cd:6f:4a:66:ad:52:aa:
f8:07:40:e5:22:f8:8a:64:c9:43:2c:0b:e4:a6:ac:
d2:7d:5f:b8:72:e5:bb:2a:86:78:77:ca:e2:f7:8a:
ed:25:2c:a5:ea:e6:a1:d3:46:38:ec:57:e6:13:c3:
ea:7f:ae:88:5a:5a:27:77:cc:b1:a5:59:ad:dd:29:
68:a7:b9:25:a7:de:d4:0d:71:03:93:88:97:57:e0:
b9:92:b3:ab:71:37:a7:b1:cc:0d:ee:55:ea:09:d7:
e9:8e:0a:da:28:52:e5:a4:fb:d2:55:e4:72:05:9d:
db:7d:b4:4d:81:8c:a7:3e:a8:25:ba:a1:bf:2e:ff:
2e:7e:3b:2b:fa:19:6f:f9:88:36:e3:be:f4:7f:da:
77:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D4:1F:8D:60:14:80:75:CF:37:84:62:52:81:B4:D2:3B:E6:64:30
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/L9QfjWAUgHXPN4RiUoG00jvmZDA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.29.252.0/24
223.29.255.0/24
Signature Algorithm: sha256WithRSAEncryption
08:64:a3:65:95:b2:65:b5:e3:c9:bb:8b:b6:13:33:eb:a3:52:
f8:d8:15:a4:10:4a:a9:72:b9:d7:af:a7:01:0c:2f:76:77:93:
c1:41:9b:6c:89:5a:54:7f:9d:e3:81:d2:a3:3f:92:5d:73:93:
bf:09:29:04:d0:83:f6:f3:02:a4:31:3f:83:09:53:04:d7:0e:
9b:0f:24:a2:ae:94:20:3b:61:6c:f6:f3:73:df:16:af:54:3d:
4c:f0:e4:4e:58:a4:20:a7:68:f4:7e:2c:3d:ec:0f:05:2a:46:
d0:54:9c:ec:59:36:54:9b:31:92:1e:99:a9:7f:4c:6f:05:08:
ca:a7:1d:51:5f:1c:a1:8d:98:37:29:66:d4:96:fd:2a:10:17:
c5:d4:72:a5:f8:bf:25:fe:88:bb:37:9c:6f:96:7c:81:dc:8f:
85:9b:11:69:35:b0:3a:5e:99:9c:0f:8f:f4:f0:be:d6:a1:31:
d4:2d:d6:4c:e7:09:3c:e8:8d:56:d0:69:a5:8f:9e:d1:46:41:
b3:84:8b:a8:c5:8e:b6:41:01:80:e9:e9:4a:31:a5:cf:04:4d:
09:a1:e0:18:9b:cf:7d:35:3a:62:8e:70:c7:c5:3c:c5:7e:06:
85:0a:05:51:02:b9:f2:6a:fe:b3:0c:99:17:8f:fe:16:2b:c2:
4a:95:64:3f
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICFBswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yMzA1MTkw
NTU0MDhaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDJGRDQxRjhENjAxNDgw
NzVDRjM3ODQ2MjUyODFCNEQyM0JFNjY0MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoMslVP7j/zPdij+bDUwCbiS9FTlb36boh75Ry4TZA/jXOeeP1
cAJBGxacf4umRbfYQhQlW0nP/BvCsN6lpMr03neGS3LzGV3M4e3NUNSjmOC33U8a
d1d1tKHCIR9GRXAFUDi7NNVVFry5wcJr1JaEzW9KZq1SqvgHQOUi+IpkyUMsC+Sm
rNJ9X7hy5bsqhnh3yuL3iu0lLKXq5qHTRjjsV+YTw+p/rohaWid3zLGlWa3dKWin
uSWn3tQNcQOTiJdX4LmSs6txN6exzA3uVeoJ1+mOCtooUuWk+9JV5HIFndt9tE2B
jKc+qCW6ob8u/y5+Oyv6GW/5iDbjvvR/2nf9AgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUL9QfjWAUgHXPN4RiUoG00jvmZDAwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvTDlRZmpXQVVnSFhQ
TjRSaVVvRzAwanZtWkRBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAN8d/AMEAN8d/zANBgkqhkiG9w0BAQsFAAOCAQEACGSjZZWyZbXjybuLthMz
66NS+NgVpBBKqXK516+nAQwvdneTwUGbbIlaVH+d44HSoz+SXXOTvwkpBNCD9vMC
pDE/gwlTBNcOmw8koq6UIDthbPbzc98Wr1Q9TPDkTlikIKdo9H4sPewPBSpG0FSc
7Fk2VJsxkh6ZqX9MbwUIyqcdUV8coY2YNylm1Jb9KhAXxdRypfi/Jf6Iuzecb5Z8
gdyPhZsRaTWwOl6ZnA+P9PC+1qEx1C3WTOcJPOiNVtBppY+e0UZBs4SLqMWOtkEB
gOnpSjGlzwRNCaHgGJvPfTU6Yo5wx8U8xX4GhQoFUQK58mr+swyZF4/+FivCSpVk
Pw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:57 2024 by rpki-client on console-fra.rpki-client.org