Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/KHN28uZyvgfC6qWxTN4iqAo8KLY.roa
File: KHN28uZyvgfC6qWxTN4iqAo8KLY.roa (raw, json)
Hash identifier: sacyf4IXlxAD6Ws8mehJwygm2QO4+dOlRoI9v3DUtxc=
Subject key identifier: 28:73:76:F2:E6:72:BE:07:C2:EA:A5:B1:4C:DE:22:A8:0A:3C:28:B6
Certificate issuer: /CN=02605E38FE471260DDE7ACE69743E2F3D4F2F0C6
Certificate serial: 0A
Authority key identifier: 02:60:5E:38:FE:47:12:60:DD:E7:AC:E6:97:43:E2:F3:D4:F2:F0:C6
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AmBeOP5HEmDd56zml0Pi89Ty8MY.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/KHN28uZyvgfC6qWxTN4iqAo8KLY.roa
Signing time: Thu 27 May 2021 05:05:32 +0000
ROA not before: Thu 27 May 2021 05:05:32 +0000
ROA not after: Fri 27 May 2022 04:59:52 +0000
asID: 134762
IP address blocks: 43.226.144.0/20 maxlen: 20
103.45.176.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02605E38FE471260DDE7ACE69743E2F3D4F2F0C6
Validity
Not Before: May 27 05:05:32 2021 GMT
Not After : May 27 04:59:52 2022 GMT
Subject: CN=287376F2E672BE07C2EAA5B14CDE22A80A3C28B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7e:f6:1a:6a:93:7f:e8:bc:15:2c:9f:6a:1f:
2f:e9:3a:36:d0:5c:ca:73:dd:07:6d:cc:dd:d9:f5:
a8:a6:8b:05:db:44:aa:3d:ef:68:87:0f:bd:d6:6d:
72:60:8b:7d:74:83:2b:3e:8c:60:47:d0:e4:23:ce:
c3:12:f2:a5:c7:dc:f4:d8:b5:d6:d9:95:20:eb:ef:
f8:4a:d9:1f:78:84:9a:ce:65:43:5d:55:a5:1a:96:
a8:8f:9d:98:a6:e1:d7:27:cc:4e:0a:02:a1:68:14:
bc:4c:63:47:3b:10:71:0b:d8:d2:50:33:4b:75:24:
28:60:cd:7f:8a:29:72:64:b5:5d:43:b7:58:6b:52:
d5:35:11:b6:5e:31:17:b8:7c:fa:9d:2e:19:de:f5:
f3:32:cc:c5:df:7d:0e:6d:ec:83:97:66:ba:16:de:
75:b5:21:70:62:e9:2a:72:98:dc:89:8e:42:77:1a:
90:16:52:12:3b:b3:2e:90:3c:37:c1:5f:57:0b:1c:
10:9d:80:37:fb:01:b0:c0:c6:ec:96:fe:e0:45:98:
d5:29:6f:ea:2e:84:72:46:93:a3:0e:5c:74:28:ad:
53:47:f1:ec:ff:20:d8:56:e9:02:ed:ad:3c:f1:a0:
68:68:9a:7f:06:6a:14:b5:2a:43:93:1e:a1:36:a4:
af:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:73:76:F2:E6:72:BE:07:C2:EA:A5:B1:4C:DE:22:A8:0A:3C:28:B6
X509v3 Authority Key Identifier:
keyid:02:60:5E:38:FE:47:12:60:DD:E7:AC:E6:97:43:E2:F3:D4:F2:F0:C6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/AmBeOP5HEmDd56zml0Pi89Ty8MY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AmBeOP5HEmDd56zml0Pi89Ty8MY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/KHN28uZyvgfC6qWxTN4iqAo8KLY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.144.0/20
103.45.176.0/20
Signature Algorithm: sha256WithRSAEncryption
0b:db:15:40:32:ce:8e:d8:07:2b:30:09:79:51:06:0b:c8:92:
2a:6f:ce:e1:45:7f:0c:b5:a3:99:4a:34:b5:11:82:9a:bd:40:
d7:68:78:36:67:ec:42:f4:5d:d6:f3:b3:f4:c5:26:bf:b8:02:
cd:5b:fe:93:6a:ed:0e:00:79:1f:ea:9e:39:c6:4f:f9:19:97:
ce:b9:83:1b:c6:19:8d:aa:31:86:bc:7e:11:7f:5b:6e:45:78:
1e:a6:28:79:1b:a1:00:64:4b:98:52:1d:22:65:b7:a5:dd:c1:
2b:3a:f2:a8:0b:fd:8b:4c:22:d4:14:f0:b9:d8:c0:07:89:7d:
09:1c:a9:03:ab:82:f1:40:d4:64:c3:6c:13:a8:42:69:35:94:
43:b7:7d:b0:ca:49:61:5b:39:49:21:be:f7:46:6a:16:6d:37:
8d:c5:8f:31:6a:d9:f5:91:cb:93:17:55:9a:20:1d:2c:fe:7f:
e6:85:fc:e4:e7:a9:95:aa:14:1f:49:4e:c1:d8:0a:a6:3d:7b:
14:8a:53:60:17:01:92:1a:1a:ad:7e:fc:30:40:5a:0b:97:38:
42:54:46:4d:63:29:c6:40:2b:aa:96:d4:04:6a:1a:72:8b:1d:
10:b1:38:1c:50:4b:fb:1a:05:4a:6c:f4:fd:b8:d4:4d:75:76:
19:5d:c9:5c
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIBCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygwMjYw
NUUzOEZFNDcxMjYwRERFN0FDRTY5NzQzRTJGM0Q0RjJGMEM2MB4XDTIxMDUyNzA1
MDUzMloXDTIyMDUyNzA0NTk1MlowMzExMC8GA1UEAxMoMjg3Mzc2RjJFNjcyQkUw
N0MyRUFBNUIxNENERTIyQTgwQTNDMjhCNjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKN+9hpqk3/ovBUsn2ofL+k6NtBcynPdB23M3dn1qKaLBdtEqj3v
aIcPvdZtcmCLfXSDKz6MYEfQ5CPOwxLypcfc9Ni11tmVIOvv+ErZH3iEms5lQ11V
pRqWqI+dmKbh1yfMTgoCoWgUvExjRzsQcQvY0lAzS3UkKGDNf4opcmS1XUO3WGtS
1TURtl4xF7h8+p0uGd718zLMxd99Dm3sg5dmuhbedbUhcGLpKnKY3ImOQncakBZS
EjuzLpA8N8FfVwscEJ2AN/sBsMDG7Jb+4EWY1Slv6i6EckaTow5cdCitU0fx7P8g
2FbpAu2tPPGgaGiafwZqFLUqQ5MeoTakr5sCAwEAAaOCAfkwggH1MB0GA1UdDgQW
BBQoc3by5nK+B8LqpbFM3iKoCjwotjAfBgNVHSMEGDAWgBQCYF44/kcSYN3nrOaX
Q+Lz1PLwxjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNjYz
L0FtQmVPUDVIRW1EZDU2em1sMFBpODlUeThNWS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvQW1CZU9QNUhFbURkNTZ6bWwwUGk4OVR5OE1ZLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2My9LSE4yOHVaeXZnZkM2
cVd4VE40aXFBbzhLTFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAM
AwQEK+KQAwQEZy2wMA0GCSqGSIb3DQEBCwUAA4IBAQAL2xVAMs6O2AcrMAl5UQYL
yJIqb87hRX8MtaOZSjS1EYKavUDXaHg2Z+xC9F3W87P0xSa/uALNW/6Tau0OAHkf
6p45xk/5GZfOuYMbxhmNqjGGvH4Rf1tuRXgepih5G6EAZEuYUh0iZbel3cErOvKo
C/2LTCLUFPC52MAHiX0JHKkDq4LxQNRkw2wTqEJpNZRDt32wyklhWzlJIb73RmoW
bTeNxY8xatn1kcuTF1WaIB0s/n/mhfzk56mVqhQfSU7B2AqmPXsUilNgFwGSGhqt
fvwwQFoLlzhCVEZNYynGQCuqltQEahpyix0QsTgcUEv7GgVKbPT9uNRNdXYZXclc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:07 2023 by rpki-client on console-ams.rpki-client.org