Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/POQdDgUhmMPwar4gW0k9gfehvA4.roa
File: POQdDgUhmMPwar4gW0k9gfehvA4.roa (raw, json)
Hash identifier: Lghx43sXJHTKaax1SbVGjeVI2+73Jz9sI3wVsWKs/rk=
Subject key identifier: 3C:E4:1D:0E:05:21:98:C3:F0:6A:BE:20:5B:49:3D:81:F7:A1:BC:0E
Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Certificate serial: 1054
Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/POQdDgUhmMPwar4gW0k9gfehvA4.roa
Signing time: Wed 24 May 2023 03:53:39 +0000
ROA not before: Wed 24 May 2023 03:53:39 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 132168
IP address blocks: 2402:1440::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4180 (0x1054)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022
Validity
Not Before: May 24 03:53:39 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=3CE41D0E052198C3F06ABE205B493D81F7A1BC0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8b:be:16:1a:25:07:bb:d6:6e:68:43:ac:4d:
b8:36:96:8c:38:3b:07:f4:b4:fd:ea:61:93:bd:bd:
b1:eb:05:e5:d7:d6:58:81:e8:05:b3:60:03:f4:49:
f7:e3:8a:df:6c:73:71:4b:3b:1b:94:92:61:66:f0:
24:c0:b5:37:0f:c4:7b:cd:4f:fe:37:b1:f5:8e:b4:
e4:cc:8d:fc:b4:da:1d:2e:d4:18:22:eb:bb:ca:15:
78:49:e8:c8:39:43:61:f8:5c:66:69:e4:87:28:87:
66:91:53:72:5b:d7:7a:bf:4d:72:d1:fe:87:83:9c:
f9:ad:f3:cb:4b:c4:04:aa:78:8b:d1:59:66:7d:22:
e3:32:04:56:1e:de:51:54:56:22:8c:35:92:9c:79:
47:0c:b4:00:8f:f5:eb:b1:9d:c0:f5:8b:47:26:73:
a3:6a:db:bb:db:1a:eb:e0:52:c6:3c:e9:c4:0d:f4:
8d:5a:1d:39:d9:84:e8:93:59:03:93:f9:79:78:ae:
5c:a7:46:69:20:43:41:a8:42:21:b8:37:37:de:74:
16:5c:e7:d6:84:ba:99:7e:45:1a:35:86:9b:26:6b:
f4:c6:8d:45:90:d6:3b:c2:72:a1:65:06:2b:21:3a:
18:17:6b:a3:d1:e0:21:ae:b5:1a:d8:f9:fa:f9:95:
ca:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E4:1D:0E:05:21:98:C3:F0:6A:BE:20:5B:49:3D:81:F7:A1:BC:0E
X509v3 Authority Key Identifier:
keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/POQdDgUhmMPwar4gW0k9gfehvA4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:1440::/32
Signature Algorithm: sha256WithRSAEncryption
a2:b5:30:ad:e5:44:71:fe:d4:b2:d5:32:4d:d3:da:fe:04:4d:
0d:28:c7:7e:5f:b6:8e:6a:2e:f0:49:9d:d6:47:38:b1:a1:b2:
3d:53:c5:7e:59:69:b0:88:90:93:79:3c:61:5e:4b:fd:b0:1d:
e0:90:dd:23:fd:32:01:c1:20:b0:72:08:db:30:3f:5a:92:26:
43:e1:ab:19:7f:f8:b1:54:8a:12:68:0d:e1:49:cb:1e:57:1a:
e3:10:15:a4:71:d4:1a:e1:03:04:57:d0:57:d2:50:d3:de:95:
81:77:7c:66:88:de:97:6f:e4:aa:6b:6e:42:53:08:0f:a9:bf:
ac:75:58:44:f2:64:62:5b:e4:0f:b8:2b:eb:db:78:a5:f3:1f:
89:34:39:85:af:eb:22:6c:a6:57:27:14:e6:fd:ce:e5:41:3f:
3a:2e:f1:b1:f1:a0:11:a7:b0:7c:6e:3b:0e:ce:35:3c:f2:c3:
b8:96:82:68:28:03:71:49:92:a2:ab:ad:51:62:57:31:54:f7:
90:20:f7:c0:42:ce:52:4e:a0:ee:7c:f7:71:41:37:ca:da:39:
d0:12:3f:12:d3:e2:21:eb:69:28:c3:95:d2:fb:ca:7b:b8:eb:
9d:45:0b:90:ae:0a:93:24:2a:ec:f3:98:1b:6d:c7:da:a5:a8:
03:83:fe:05
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICEFQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF
MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yMzA1MjQw
MzUzMzlaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDNDRTQxRDBFMDUyMTk4
QzNGMDZBQkUyMDVCNDkzRDgxRjdBMUJDMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQi74WGiUHu9ZuaEOsTbg2low4Owf0tP3qYZO9vbHrBeXX1liB
6AWzYAP0Sffjit9sc3FLOxuUkmFm8CTAtTcPxHvNT/43sfWOtOTMjfy02h0u1Bgi
67vKFXhJ6Mg5Q2H4XGZp5Icoh2aRU3Jb13q/TXLR/oeDnPmt88tLxASqeIvRWWZ9
IuMyBFYe3lFUViKMNZKceUcMtACP9euxncD1i0cmc6Nq27vbGuvgUsY86cQN9I1a
HTnZhOiTWQOT+Xl4rlynRmkgQ0GoQiG4NzfedBZc59aEupl+RRo1hpsma/TGjUWQ
1jvCcqFlBishOhgXa6PR4CGutRrY+fr5lcq1AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUPOQdDgUhmMPwar4gW0k9gfehvA4wHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q
MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4
Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvUE9RZERnVWhtTVB3
YXI0Z1cwazlnZmVodkE0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw
BwMFACQCFEAwDQYJKoZIhvcNAQELBQADggEBAKK1MK3lRHH+1LLVMk3T2v4ETQ0o
x35fto5qLvBJndZHOLGhsj1TxX5ZabCIkJN5PGFeS/2wHeCQ3SP9MgHBILByCNsw
P1qSJkPhqxl/+LFUihJoDeFJyx5XGuMQFaRx1BrhAwRX0FfSUNPelYF3fGaI3pdv
5KprbkJTCA+pv6x1WETyZGJb5A+4K+vbeKXzH4k0OYWv6yJsplcnFOb9zuVBPzou
8bHxoBGnsHxuOw7ONTzyw7iWgmgoA3FJkqKrrVFiVzFU95Ag98BCzlJOoO5893FB
N8raOdASPxLT4iHraSjDldL7ynu4651FC5CuCpMkKuzzmBttx9qlqAOD/gU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:57 2024 by rpki-client on console-fra.rpki-client.org