Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/cdKB-PXPilfXMZleLPOEhz3dL2I.roa
File: cdKB-PXPilfXMZleLPOEhz3dL2I.roa (raw, json)
Hash identifier: icU/P92rtg/X3udchoIT3GvLePhnARHsXIIXymAWZfo=
Subject key identifier: 71:D2:81:F8:F5:CF:8A:57:D7:31:99:5E:2C:F3:84:87:3D:DD:2F:62
Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Certificate serial: 1422
Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/cdKB-PXPilfXMZleLPOEhz3dL2I.roa
Signing time: Fri 19 May 2023 05:54:10 +0000
ROA not before: Fri 19 May 2023 05:54:10 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 61317
IP address blocks: 49.128.4.0/22 maxlen: 24
103.244.116.0/22 maxlen: 24
223.29.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5154 (0x1422)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267
Validity
Not Before: May 19 05:54:10 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=71D281F8F5CF8A57D731995E2CF384873DDD2F62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:55:c9:4d:3b:bc:ef:10:43:19:90:7c:44:00:
ae:a3:a0:76:f8:34:cd:c1:43:69:ca:d2:ca:75:e5:
3f:ad:81:10:c6:4a:ca:15:80:f0:b5:4c:c7:d2:6f:
a4:ee:6d:3e:dc:a8:fc:ae:af:6f:0c:29:a6:17:c9:
c7:5e:8b:09:c3:ed:6e:d6:a8:59:9a:73:3b:fc:0f:
6b:5e:43:90:3d:b5:a5:9b:16:ab:09:46:74:1c:c0:
82:99:38:aa:bf:ec:66:1d:8f:c1:40:03:04:55:69:
88:38:b0:e9:16:3c:73:9a:11:ff:6f:e3:1c:3c:11:
53:61:2c:9c:1a:4a:9f:e6:ac:ad:a5:13:c9:1e:51:
4f:0f:f8:9c:11:be:e9:04:e8:05:61:3c:2d:41:45:
4d:93:ad:1c:5b:65:77:ca:bd:bc:f5:f2:5f:46:2a:
7a:ac:7e:f0:14:f5:59:5d:af:d7:aa:58:d2:3d:ae:
72:9e:1f:8d:97:00:7e:1f:4e:ac:d2:de:5f:e6:8d:
77:26:f4:06:17:fc:51:25:fb:a3:b7:67:7d:b2:d6:
87:8f:57:82:6e:0e:74:0a:1d:de:df:48:47:1f:b3:
f3:46:5c:2c:eb:e8:d5:4e:79:b7:dc:c4:37:2e:d3:
0e:04:29:f6:c9:c3:1b:7d:16:39:43:de:fa:f6:84:
d9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D2:81:F8:F5:CF:8A:57:D7:31:99:5E:2C:F3:84:87:3D:DD:2F:62
X509v3 Authority Key Identifier:
keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/cdKB-PXPilfXMZleLPOEhz3dL2I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
49.128.4.0/22
103.244.116.0/22
223.29.252.0/22
Signature Algorithm: sha256WithRSAEncryption
31:70:1e:69:66:6f:57:d8:ce:e6:00:51:06:ae:66:6b:4a:60:
9b:05:ee:1e:21:83:b3:a6:5e:50:25:e8:4f:43:c9:bc:55:ec:
fb:1f:cb:13:cb:40:f4:3d:88:42:de:25:88:a8:df:a9:76:3a:
92:ef:47:77:67:58:ae:6e:31:34:8e:8c:45:d5:cc:07:b8:ca:
69:41:52:ed:d1:ee:81:3c:84:ae:27:2c:f1:d5:a7:2d:9d:db:
ee:99:01:24:e4:c7:37:fd:c0:46:b4:80:60:1b:dd:c2:05:d5:
db:f1:93:f4:d9:6c:33:64:d0:50:2c:91:72:6d:57:b2:0f:a2:
ca:3c:aa:db:8b:69:42:4e:7d:f1:5a:eb:1f:4a:62:60:7a:ea:
98:13:01:4d:77:85:e0:a3:3f:6e:56:42:d1:5b:ef:63:52:4c:
af:d3:12:ff:24:fd:39:d4:b9:91:ca:73:79:b0:8c:e4:60:38:
5a:c9:1d:de:5e:b5:ec:d6:28:1e:6c:df:af:dc:8d:12:65:86:
34:21:a0:68:d6:0e:6b:af:83:ed:e1:2c:3a:b3:ec:ae:2e:9e:
3e:92:d4:d1:4a:83:4a:33:bf:db:c1:5e:2e:76:20:a8:10:5f:
74:53:ea:ee:0d:e9:c1:8c:6f:1d:a6:da:ef:01:33:75:d1:86:
aa:eb:19:cc
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgICFCIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx
MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yMzA1MTkw
NTU0MTBaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDcxRDI4MUY4RjVDRjhB
NTdENzMxOTk1RTJDRjM4NDg3M0RERDJGNjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhVclNO7zvEEMZkHxEAK6joHb4NM3BQ2nK0sp15T+tgRDGSsoV
gPC1TMfSb6TubT7cqPyur28MKaYXycdeiwnD7W7WqFmaczv8D2teQ5A9taWbFqsJ
RnQcwIKZOKq/7GYdj8FAAwRVaYg4sOkWPHOaEf9v4xw8EVNhLJwaSp/mrK2lE8ke
UU8P+JwRvukE6AVhPC1BRU2TrRxbZXfKvbz18l9GKnqsfvAU9Vldr9eqWNI9rnKe
H42XAH4fTqzS3l/mjXcm9AYX/FEl+6O3Z32y1oePV4JuDnQKHd7fSEcfs/NGXCzr
6NVOebfcxDcu0w4EKfbJwxt9FjlD3vr2hNk/AgMBAAGjggH/MIIB+zAdBgNVHQ4E
FgQUcdKB+PXPilfXMZleLPOEhz3dL2IwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk
yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx
MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvY2RLQi1QWFBpbGZY
TVpsZUxQT0VoejNkTDJJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEw
EgMEAjGABAMEAmf0dAMEAt8d/DANBgkqhkiG9w0BAQsFAAOCAQEAMXAeaWZvV9jO
5gBRBq5ma0pgmwXuHiGDs6ZeUCXoT0PJvFXs+x/LE8tA9D2IQt4liKjfqXY6ku9H
d2dYrm4xNI6MRdXMB7jKaUFS7dHugTyErics8dWnLZ3b7pkBJOTHN/3ARrSAYBvd
wgXV2/GT9NlsM2TQUCyRcm1Xsg+iyjyq24tpQk598VrrH0piYHrqmBMBTXeF4KM/
blZC0VvvY1JMr9MS/yT9OdS5kcpzebCM5GA4Wskd3l617NYoHmzfr9yNEmWGNCGg
aNYOa6+D7eEsOrPsri6ePpLU0UqDSjO/28FeLnYgqBBfdFPq7g3pwYxvHaba7wEz
ddGGqusZzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:22 2024 by rpki-client on console-ams.rpki-client.org