Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/TwmoHWYJM-tTU1XeVXielrT3yxQ.roa
File:                     TwmoHWYJM-tTU1XeVXielrT3yxQ.roa (raw, json)
Hash identifier:          wgcxEhFeb5Z85L5xKoEf9OgmPQ6VpxnvTloZ7iglcdM=
Subject key identifier:   4F:09:A8:1D:66:09:33:EB:53:53:55:DE:55:78:9E:96:B4:F7:CB:14
Certificate issuer:       /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial:       096C
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/TwmoHWYJM-tTU1XeVXielrT3yxQ.roa
Signing time:             Tue 07 Jun 2022 10:06:44 +0000
ROA not before:           Tue 07 Jun 2022 10:06:44 +0000
ROA not after:            Wed 07 Jun 2023 03:34:43 +0000
asID:                     4816
IP address blocks:        103.39.232.0/22 maxlen: 22
                          103.44.236.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2412 (0x96c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
        Validity
            Not Before: Jun  7 10:06:44 2022 GMT
            Not After : Jun  7 03:34:43 2023 GMT
        Subject: CN=4F09A81D660933EB535355DE55789E96B4F7CB14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:68:ac:56:72:39:fb:b5:1f:55:ec:5b:65:74:
                    c0:dc:7a:2f:c1:cc:0e:d4:74:ab:b0:d2:4b:ea:f9:
                    ed:90:ee:a9:28:2b:1a:b0:38:fc:58:da:60:8e:81:
                    86:40:83:6e:01:26:a4:5e:e3:eb:6a:fe:d2:58:92:
                    d7:af:cb:03:72:fe:35:4e:a1:8f:6e:2d:4b:6c:53:
                    cd:40:bf:6e:1b:f9:bc:b6:bb:fc:da:37:1a:a4:18:
                    97:a5:01:2a:3a:97:6e:cd:20:dc:56:e8:91:28:0d:
                    1b:e1:5d:fb:bc:b8:2f:35:fe:df:a0:6d:bb:86:10:
                    a9:c2:54:6c:f0:20:55:33:f0:c3:c7:8b:cf:b8:2d:
                    01:15:31:a6:e7:83:66:60:a1:d1:37:44:01:c3:0c:
                    c6:8e:2e:c9:f1:9a:2e:d1:b5:0d:ff:23:57:2d:ab:
                    df:21:27:9f:3a:aa:e4:c9:e3:18:06:f7:8a:97:c4:
                    04:c0:65:04:77:94:50:4b:b0:95:7c:cf:13:37:10:
                    76:26:e4:ba:09:28:11:b3:09:8d:1a:ba:d7:12:68:
                    1d:c6:70:b2:ab:41:48:ab:fe:35:b6:d0:b6:1a:c3:
                    ab:c3:79:a8:ac:ca:cf:1c:89:6f:ea:5c:cf:d3:5e:
                    c7:5b:ef:cc:56:fa:8f:9e:aa:ec:ac:54:8d:76:51:
                    5d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:09:A8:1D:66:09:33:EB:53:53:55:DE:55:78:9E:96:B4:F7:CB:14
            X509v3 Authority Key Identifier:
                keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/TwmoHWYJM-tTU1XeVXielrT3yxQ.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.39.232.0/22
                  103.44.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         73:78:f9:a9:07:7a:f0:e1:3e:50:91:32:d4:31:7d:d4:cf:c7:
         d7:a7:12:79:2c:92:32:dd:af:b1:0d:46:d8:69:8c:5f:ea:49:
         91:7c:28:81:b0:57:8f:6c:ee:ab:8c:4d:c1:7a:75:3f:1a:d1:
         bf:dc:a6:2c:11:f7:6d:66:5f:26:28:95:49:2f:e9:55:be:f1:
         b3:c9:15:63:1c:25:01:d1:48:d3:8e:21:e8:16:a2:17:fd:1a:
         94:fa:69:25:79:d8:6c:2b:ea:05:1b:14:b2:bf:a5:36:aa:a9:
         9e:ba:46:25:09:fb:f9:27:0d:6d:71:6c:34:d5:05:3e:2c:7f:
         20:d1:26:43:89:9d:ae:f3:dd:17:b3:3f:95:17:52:a6:e6:d3:
         ef:38:b7:b8:eb:ab:76:cf:4d:c5:6c:d3:72:2a:1c:db:af:c0:
         ef:f3:7a:9f:17:cc:f8:24:df:90:f9:79:76:f8:ea:2b:4c:9b:
         1f:79:e6:c1:22:cc:9c:54:fb:8d:6e:e9:2e:7f:5b:6e:1c:49:
         38:e7:1e:a3:b4:ae:1f:27:71:22:4f:b7:99:8e:09:df:d3:d7:
         de:b3:1b:da:24:30:16:4b:a4:53:44:f8:6f:64:20:31:b6:86:
         2a:92:e3:84:0a:d8:c0:e1:8a:12:1a:c5:43:fb:a0:20:ed:3c:
         6f:9a:60:46
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICCWwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yMjA2MDcx
MDA2NDRaFw0yMzA2MDcwMzM0NDNaMDMxMTAvBgNVBAMTKDRGMDlBODFENjYwOTMz
RUI1MzUzNTVERTU1Nzg5RTk2QjRGN0NCMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6aKxWcjn7tR9V7FtldMDcei/BzA7UdKuw0kvq+e2Q7qkoKxqw
OPxY2mCOgYZAg24BJqRe4+tq/tJYktevywNy/jVOoY9uLUtsU81Av24b+by2u/za
NxqkGJelASo6l27NINxW6JEoDRvhXfu8uC81/t+gbbuGEKnCVGzwIFUz8MPHi8+4
LQEVMabng2ZgodE3RAHDDMaOLsnxmi7RtQ3/I1ctq98hJ586quTJ4xgG94qXxATA
ZQR3lFBLsJV8zxM3EHYm5LoJKBGzCY0autcSaB3GcLKrQUir/jW20LYaw6vDeais
ys8ciW/qXM/TXsdb78xW+o+equysVI12UV3hAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUTwmoHWYJM+tTU1XeVXielrT3yxQwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvVHdtb0hXWUpNLXRU
VTFYZVZYaWVsclQzeXhRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAmcn6AMEAmcs7DANBgkqhkiG9w0BAQsFAAOCAQEAc3j5qQd68OE+UJEy1DF9
1M/H16cSeSySMt2vsQ1G2GmMX+pJkXwogbBXj2zuq4xNwXp1PxrRv9ymLBH3bWZf
JiiVSS/pVb7xs8kVYxwlAdFI044h6BaiF/0alPppJXnYbCvqBRsUsr+lNqqpnrpG
JQn7+ScNbXFsNNUFPix/INEmQ4mdrvPdF7M/lRdSpubT7zi3uOurds9NxWzTcioc
26/A7/N6nxfM+CTfkPl5dvjqK0ybH3nmwSLMnFT7jW7pLn9bbhxJOOceo7SuHydx
Ik+3mY4J39PX3rMb2iQwFkukU0T4b2QgMbaGKpLjhArYwOGKEhrFQ/ugIO08b5pg
Rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org