Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/wHUVGDqAYQSWi_Hkn8pCsedhyyM.roa
File: wHUVGDqAYQSWi_Hkn8pCsedhyyM.roa (raw, json)
Hash identifier: RPg1zJMVn2Sn4vfbwiU1Zy73svOUxv6C0hLy4KRsDng=
Subject key identifier: C0:75:15:18:3A:80:61:04:96:8B:F1:E4:9F:CA:42:B1:E7:61:CB:23
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: 18C1
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/wHUVGDqAYQSWi_Hkn8pCsedhyyM.roa
Signing time: Wed 24 May 2023 03:54:04 +0000
ROA not before: Wed 24 May 2023 03:54:04 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 4816
IP address blocks: 103.39.232.0/22 maxlen: 22
103.44.236.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6337 (0x18c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: May 24 03:54:04 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=C07515183A806104968BF1E49FCA42B1E761CB23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cf:8a:db:79:3f:56:1a:c3:dd:a9:c5:c3:61:
6b:5d:dc:51:6e:7f:34:ef:df:c6:9f:ef:3d:58:18:
2d:28:53:bb:60:13:7d:39:d4:44:50:b8:77:a4:ab:
71:7f:de:49:e7:00:15:dd:32:84:9d:42:66:0c:fd:
1b:eb:d9:fe:7d:6e:28:db:4e:9f:6b:5c:df:fc:64:
98:77:dd:04:fb:be:a7:1f:f0:4e:7a:24:20:8d:42:
ef:f6:4a:61:28:b9:8c:17:68:6d:55:fe:36:95:02:
3b:5b:27:eb:16:f7:44:67:14:dd:ab:2e:81:e0:34:
3e:2e:0c:7e:c3:03:27:b5:40:63:7e:3e:69:b7:3a:
c5:e0:ca:5c:59:ab:b6:92:03:a8:f1:8b:a9:eb:51:
cd:93:aa:c7:cd:46:9a:45:e6:63:5c:77:05:c1:38:
0e:e3:b3:87:69:eb:47:25:96:dc:a5:50:4f:ca:b8:
56:fe:a4:8b:98:ab:50:54:4d:d4:ca:c1:ef:3c:06:
79:01:02:15:04:b9:53:a7:e5:6e:54:bc:3e:b7:44:
bf:e5:f3:62:d3:68:54:ac:5a:da:c4:9b:50:b2:aa:
47:83:d2:5e:38:f7:79:51:33:c9:da:9a:9f:4b:04:
39:1c:09:75:02:b2:c6:46:b9:5b:d1:59:b6:a3:6a:
f7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:75:15:18:3A:80:61:04:96:8B:F1:E4:9F:CA:42:B1:E7:61:CB:23
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/wHUVGDqAYQSWi_Hkn8pCsedhyyM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.39.232.0/22
103.44.236.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:b0:56:4a:d4:fc:99:a9:41:44:6a:25:b9:44:f5:f0:dd:cb:
19:30:9d:05:30:ef:46:85:b2:ce:2e:0d:01:ba:14:63:c9:39:
da:b0:eb:94:35:fc:29:0c:20:70:22:00:0b:79:bf:82:9f:cf:
f3:cc:f0:d8:61:5f:bc:13:44:60:f1:57:a4:d8:62:03:18:88:
0f:08:22:f6:0c:39:4f:c7:bc:ed:85:65:4e:7f:3e:19:2e:44:
2e:37:85:8d:9b:39:90:aa:e6:52:22:62:3d:50:7c:59:ff:7d:
a1:dd:b2:e0:66:d8:9e:cd:1f:fa:aa:c1:27:be:dc:e0:78:e7:
f1:2b:11:49:cf:8b:e3:37:dd:88:6c:ef:eb:0c:9d:04:10:ea:
32:e7:bf:74:5f:38:5a:88:f2:a4:2f:7b:37:1f:07:bf:25:a3:
a5:75:22:c3:d9:d4:a9:d0:0a:d3:a3:51:a1:c1:28:af:15:0f:
c9:55:64:77:c8:5a:cf:0d:38:8e:0b:69:8e:8d:a8:b4:e2:b4:
44:0f:71:3d:ab:78:ae:f2:65:fc:6a:4f:7e:76:ae:0c:ea:86:
0c:47:3b:a7:66:3f:e3:5b:8f:ca:db:6a:49:eb:9f:97:f6:93:
2c:9a:31:af:9f:a3:e6:21:6b:a9:66:ef:85:be:d6:54:07:d0:
d4:f7:3d:79
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICGMEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yMzA1MjQw
MzU0MDRaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKEMwNzUxNTE4M0E4MDYx
MDQ5NjhCRjFFNDlGQ0E0MkIxRTc2MUNCMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtz4rbeT9WGsPdqcXDYWtd3FFufzTv38af7z1YGC0oU7tgE305
1ERQuHekq3F/3knnABXdMoSdQmYM/Rvr2f59bijbTp9rXN/8ZJh33QT7vqcf8E56
JCCNQu/2SmEouYwXaG1V/jaVAjtbJ+sW90RnFN2rLoHgND4uDH7DAye1QGN+Pmm3
OsXgylxZq7aSA6jxi6nrUc2TqsfNRppF5mNcdwXBOA7js4dp60clltylUE/KuFb+
pIuYq1BUTdTKwe88BnkBAhUEuVOn5W5UvD63RL/l82LTaFSsWtrEm1CyqkeD0l44
93lRM8namp9LBDkcCXUCssZGuVvRWbajavcBAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUwHUVGDqAYQSWi/Hkn8pCsedhyyMwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvd0hVVkdEcUFZUVNX
aV9Ia244cENzZWRoeXlNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAmcn6AMEAmcs7DANBgkqhkiG9w0BAQsFAAOCAQEAXrBWStT8malBRGoluUT1
8N3LGTCdBTDvRoWyzi4NAboUY8k52rDrlDX8KQwgcCIAC3m/gp/P88zw2GFfvBNE
YPFXpNhiAxiIDwgi9gw5T8e87YVlTn8+GS5ELjeFjZs5kKrmUiJiPVB8Wf99od2y
4GbYns0f+qrBJ77c4Hjn8SsRSc+L4zfdiGzv6wydBBDqMue/dF84WojypC97Nx8H
vyWjpXUiw9nUqdAK06NRocEorxUPyVVkd8hazw04jgtpjo2otOK0RA9xPat4rvJl
/GpPfnauDOqGDEc7p2Y/41uPyttqSeufl/aTLJoxr5+j5iFrqWbvhb7WVAfQ1Pc9
eQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org