Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/190/1PmgutuJ4ZSTRuvEnOf3JXoGNJs.roa
File: 1PmgutuJ4ZSTRuvEnOf3JXoGNJs.roa (raw, json)
Hash identifier: KMt2bPWmRNCzJixJBc68uxyF8x6E2JME9TL0wtocJR0=
Subject key identifier: D4:F9:A0:BA:DB:89:E1:94:93:46:EB:C4:9C:E7:F7:25:7A:06:34:9B
Certificate issuer: /CN=E48FED76038496AD2AB1972D13468F4D3D403164
Certificate serial: 06D9
Authority key identifier: E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/1PmgutuJ4ZSTRuvEnOf3JXoGNJs.roa
Signing time: Thu 08 Jun 2023 08:24:01 +0000
ROA not before: Thu 08 Jun 2023 08:24:01 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 24427
IP address blocks: 202.170.216.0/24 maxlen: 32
202.170.217.0/24 maxlen: 32
202.170.218.0/24 maxlen: 32
202.170.219.0/24 maxlen: 32
202.170.220.0/24 maxlen: 32
202.170.221.0/24 maxlen: 32
202.170.222.0/24 maxlen: 32
202.170.223.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1753 (0x6d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E48FED76038496AD2AB1972D13468F4D3D403164
Validity
Not Before: Jun 8 08:24:01 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=D4F9A0BADB89E1949346EBC49CE7F7257A06349B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4e:41:a8:ea:5e:3c:95:75:7f:be:31:03:a8:
99:6f:29:82:55:7d:a0:a9:2e:66:97:42:53:7a:a8:
a2:b6:2d:67:ce:ad:e3:83:e1:e0:e5:d5:e1:49:f9:
62:c1:58:86:1c:48:3e:61:50:cf:ac:71:a3:7c:a7:
b6:05:87:4b:5b:2d:92:8a:db:87:01:ab:94:64:9e:
65:0a:83:b3:a4:ec:5d:de:1f:b8:37:a0:12:a8:fd:
be:64:c3:3c:82:6b:1e:48:78:4d:0e:ee:a2:9c:b5:
44:41:6f:5c:f7:73:04:15:a3:16:11:6c:c3:d1:4b:
c2:68:0b:2b:27:7d:fa:30:6f:fa:c9:da:82:79:57:
96:20:39:42:64:e2:11:49:0c:d4:48:3e:8a:18:c3:
4e:4a:ed:33:92:1b:ea:51:05:03:52:f1:5b:96:c6:
1c:3d:d9:b2:d6:e3:01:e2:77:37:e2:cf:32:c7:95:
33:d5:cd:7d:7f:e2:5d:85:34:a3:32:55:3a:f5:e5:
da:55:78:22:d1:89:03:01:44:19:1b:7d:b4:32:eb:
e2:0f:2b:d1:c9:63:d4:b8:b8:42:53:2a:b7:83:7a:
ea:a3:b1:7e:97:c2:88:0d:6a:db:59:a4:95:21:15:
fa:6a:8b:73:e2:67:9c:c2:ba:db:48:a3:0a:60:b7:
49:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F9:A0:BA:DB:89:E1:94:93:46:EB:C4:9C:E7:F7:25:7A:06:34:9B
X509v3 Authority Key Identifier:
keyid:E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/1PmgutuJ4ZSTRuvEnOf3JXoGNJs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.170.216.0/21
Signature Algorithm: sha256WithRSAEncryption
18:cb:87:0b:82:05:a9:09:aa:75:91:53:c8:61:60:4d:ec:04:
6f:17:a1:af:b4:3a:e5:45:e4:10:51:e2:26:21:cf:32:fc:f1:
59:4f:49:65:7d:c5:54:5f:f9:04:55:ec:27:14:f1:a9:51:7e:
ca:d3:7f:0f:9c:d3:91:17:1e:f7:f5:b2:68:53:6d:a6:ae:3b:
f4:13:a3:67:e6:a1:58:af:cc:36:0f:ee:ba:ea:05:a8:ea:ef:
d6:d8:76:d6:3a:28:20:92:96:e7:64:9c:45:ac:02:b0:59:b8:
10:d3:2c:93:5f:78:6e:f6:35:89:ec:6b:bd:d0:a6:51:9f:4b:
26:05:fb:04:c3:91:ed:38:2a:d5:80:ec:48:ac:56:f1:9a:21:
40:8c:4a:d2:f9:42:20:45:be:c9:e7:ce:b6:0f:5c:3d:cc:e6:
44:4d:42:08:33:e4:73:bf:40:1c:db:71:14:e6:90:c1:9e:3a:
e0:6c:f7:92:ec:61:d9:74:7d:10:81:7b:d3:18:e0:b9:8f:e5:
4d:80:44:1f:9b:b9:66:38:0d:d4:d8:64:bc:2d:55:91:9e:ef:
67:5d:5a:7d:a0:24:ec:6e:18:bc:23:81:1f:4c:44:aa:21:cb:
10:3b:e7:ad:cd:2c:50:bb:8f:f8:2a:cf:8a:58:b1:22:96:47:
a3:f9:d2:b1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICBtkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTQ4
RkVENzYwMzg0OTZBRDJBQjE5NzJEMTM0NjhGNEQzRDQwMzE2NDAeFw0yMzA2MDgw
ODI0MDFaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKEQ0RjlBMEJBREI4OUUx
OTQ5MzQ2RUJDNDlDRTdGNzI1N0EwNjM0OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJTkGo6l48lXV/vjEDqJlvKYJVfaCpLmaXQlN6qKK2LWfOreOD
4eDl1eFJ+WLBWIYcSD5hUM+scaN8p7YFh0tbLZKK24cBq5RknmUKg7Ok7F3eH7g3
oBKo/b5kwzyCax5IeE0O7qKctURBb1z3cwQVoxYRbMPRS8JoCysnffowb/rJ2oJ5
V5YgOUJk4hFJDNRIPooYw05K7TOSG+pRBQNS8VuWxhw92bLW4wHidzfizzLHlTPV
zX1/4l2FNKMyVTr15dpVeCLRiQMBRBkbfbQy6+IPK9HJY9S4uEJTKreDeuqjsX6X
wogNattZpJUhFfpqi3PiZ5zCuttIowpgt0lxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU1PmgutuJ4ZSTRuvEnOf3JXoGNJswHwYDVR0jBBgwFoAU5I/tdgOElq0qsZct
E0aPTT1AMWQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkw
LzVJX3RkZ09FbHEwcXNaY3RFMGFQVFQxQU1XUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNUlfdGRnT0VscTBxc1pjdEUwYVBUVDFBTVdRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkwLzFQbWd1dHVKNFpTVFJ1
dkVuT2YzSlhvR05Kcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPKqtgwDQYJKoZIhvcNAQELBQADggEBABjLhwuCBakJqnWRU8hhYE3sBG8Xoa+0
OuVF5BBR4iYhzzL88VlPSWV9xVRf+QRV7CcU8alRfsrTfw+c05EXHvf1smhTbaau
O/QTo2fmoVivzDYP7rrqBajq79bYdtY6KCCSludknEWsArBZuBDTLJNfeG72NYns
a73QplGfSyYF+wTDke04KtWA7EisVvGaIUCMStL5QiBFvsnnzrYPXD3M5kRNQggz
5HO/QBzbcRTmkMGeOuBs95LsYdl0fRCBe9MY4LmP5U2ARB+buWY4DdTYZLwtVZGe
72ddWn2gJOxuGLwjgR9MRKohyxA7563NLFC7j/gqz4pYsSKWR6P50rE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org