Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/3SZWMP9KDPrXoVquPwXe5SdNf6Q.roa
File: 3SZWMP9KDPrXoVquPwXe5SdNf6Q.roa (raw, json)
Hash identifier: uke0wrH75NNHW+TXJdBXAqIsNfGGw91ZO9QXzK9KGm4=
Subject key identifier: DD:26:56:30:FF:4A:0C:FA:D7:A1:5A:AE:3F:05:DE:E5:27:4D:7F:A4
Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Certificate serial: 1053
Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/3SZWMP9KDPrXoVquPwXe5SdNf6Q.roa
Signing time: Wed 24 May 2023 03:53:39 +0000
ROA not before: Wed 24 May 2023 03:53:39 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 132168
IP address blocks: 103.204.72.0/22 maxlen: 24
202.160.140.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4179 (0x1053)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Validity
Not Before: May 24 03:53:39 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=DD265630FF4A0CFAD7A15AAE3F05DEE5274D7FA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:04:bd:d9:33:82:98:4f:61:36:36:a3:e7:7e:
cf:7d:a6:53:39:d2:38:ca:4b:18:5c:89:70:0a:f5:
22:b1:61:c9:62:d4:06:42:cc:92:6f:2b:23:4d:42:
c5:08:69:db:cf:38:16:21:b6:b5:b4:5b:bb:99:b7:
77:7d:18:82:3e:9c:71:a5:95:ce:9e:2a:2c:ca:6b:
58:da:8b:76:6c:c4:e9:01:24:fa:ad:a9:c2:74:17:
da:cf:b3:1e:7e:fc:56:bc:33:0a:82:ec:7f:86:8d:
66:5c:5e:89:23:8a:83:ae:7b:49:69:80:b6:02:a2:
5b:47:96:cf:93:75:94:87:c4:b7:f0:d7:d2:a7:5c:
ea:48:44:67:5b:84:c1:02:d2:27:f0:da:e0:73:69:
83:b3:b8:71:8a:bd:a8:2a:02:d8:e6:4e:ff:1e:12:
04:c7:fd:ff:1b:20:8e:f3:69:72:e2:6f:a5:73:a4:
51:51:c9:8d:53:10:ba:ef:14:dc:ad:3c:f3:95:4e:
de:9c:56:35:2c:59:e4:3d:76:93:1e:47:4b:98:ee:
9b:1d:59:1f:f5:99:ab:f2:cc:43:e1:ce:d4:06:6a:
9f:f2:72:32:b8:a4:ef:2e:11:9f:6f:11:25:87:6e:
d2:b7:7e:a8:9b:0c:23:e9:3c:a6:a3:af:2c:97:37:
f3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:26:56:30:FF:4A:0C:FA:D7:A1:5A:AE:3F:05:DE:E5:27:4D:7F:A4
X509v3 Authority Key Identifier:
keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/3SZWMP9KDPrXoVquPwXe5SdNf6Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.204.72.0/22
202.160.140.0/22
Signature Algorithm: sha256WithRSAEncryption
95:0c:6c:fd:0b:57:21:d8:b3:39:d5:0b:9f:ba:9a:5c:ca:be:
fa:ee:6a:de:56:46:b8:4d:cb:d5:dc:10:26:32:20:5b:9a:0d:
c8:d7:e5:be:50:93:66:f3:65:2b:b7:e4:b1:82:39:60:3e:d6:
ea:95:9c:7d:55:42:fb:60:c8:47:d7:cd:90:04:81:c4:7f:c9:
ef:44:22:3c:b6:f1:24:36:cb:61:f5:c9:2d:e3:55:52:5f:08:
8f:d0:fb:1d:1d:eb:e0:39:ed:34:cb:65:9a:fc:07:bd:78:85:
67:0f:2b:5a:4e:bb:2c:b1:ec:87:ca:d4:ca:a8:2e:c5:3d:5b:
2d:bd:29:90:fc:3b:48:23:60:5a:8c:30:c5:1e:0b:57:af:00:
ca:0b:61:43:d3:d3:2f:12:b4:a9:49:e4:f7:4a:f4:fb:99:ac:
db:29:78:07:30:5f:83:f3:02:3a:69:bc:6b:79:d1:d0:48:7e:
e8:be:d9:a8:3b:09:32:2f:71:c0:f7:83:53:2c:b4:da:0b:90:
a8:b9:55:28:1f:98:5c:fa:d9:f1:88:8f:3b:88:03:c4:4f:c8:
8d:4b:e3:09:ec:1e:e8:35:9d:eb:9b:a6:2a:e0:ad:f7:4c:02:
91:c7:f8:51:79:43:3f:7c:ef:22:6d:40:2a:d5:d6:4e:88:b9:
d4:f5:7c:4c
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICEFMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF
MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yMzA1MjQw
MzUzMzlaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKEREMjY1NjMwRkY0QTBD
RkFEN0ExNUFBRTNGMDVERUU1Mjc0RDdGQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLBL3ZM4KYT2E2NqPnfs99plM50jjKSxhciXAK9SKxYcli1AZC
zJJvKyNNQsUIadvPOBYhtrW0W7uZt3d9GII+nHGllc6eKizKa1jai3ZsxOkBJPqt
qcJ0F9rPsx5+/Fa8MwqC7H+GjWZcXokjioOue0lpgLYColtHls+TdZSHxLfw19Kn
XOpIRGdbhMEC0ifw2uBzaYOzuHGKvagqAtjmTv8eEgTH/f8bII7zaXLib6VzpFFR
yY1TELrvFNytPPOVTt6cVjUsWeQ9dpMeR0uY7psdWR/1mavyzEPhztQGap/ycjK4
pO8uEZ9vESWHbtK3fqibDCPpPKajryyXN/OtAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQU3SZWMP9KDPrXoVquPwXe5SdNf6QwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q
MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4
Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvM1NaV01QOUtEUHJY
b1ZxdVB3WGU1U2ROZjZRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAmfMSAMEAsqgjDANBgkqhkiG9w0BAQsFAAOCAQEAlQxs/QtXIdizOdULn7qa
XMq++u5q3lZGuE3L1dwQJjIgW5oNyNflvlCTZvNlK7fksYI5YD7W6pWcfVVC+2DI
R9fNkASBxH/J70QiPLbxJDbLYfXJLeNVUl8Ij9D7HR3r4DntNMtlmvwHvXiFZw8r
Wk67LLHsh8rUyqguxT1bLb0pkPw7SCNgWowwxR4LV68AygthQ9PTLxK0qUnk90r0
+5ms2yl4BzBfg/MCOmm8a3nR0Eh+6L7ZqDsJMi9xwPeDUyy02guQqLlVKB+YXPrZ
8YiPO4gDxE/IjUvjCewe6DWd65umKuCt90wCkcf4UXlDP3zvIm1AKtXWToi51PV8
TA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:57 2024 by rpki-client on console-fra.rpki-client.org