Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2048/nD-2rKyd2T0Zvh_GpKu_EHU8X9k.roa
File: nD-2rKyd2T0Zvh_GpKu_EHU8X9k.roa (raw, json)
Hash identifier: 0QB0tPv1hllc1i5InzwSD7G0Cf273vjKD4quMFgUzFI=
Subject key identifier: 9C:3F:B6:AC:AC:9D:D9:3D:19:BE:1F:C6:A4:AB:BF:10:75:3C:5F:D9
Certificate issuer: /CN=4E25934FE8D89959425D1018EB121981DA250985
Certificate serial: 19
Authority key identifier: 4E:25:93:4F:E8:D8:99:59:42:5D:10:18:EB:12:19:81:DA:25:09:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/nD-2rKyd2T0Zvh_GpKu_EHU8X9k.roa
Signing time: Sat 02 Mar 2024 02:45:00 +0000
ROA not before: Sat 02 Mar 2024 02:45:00 +0000
ROA not after: Sun 02 Mar 2025 02:27:12 +0000
asID: 151296
IP address blocks: 103.71.68.0/22 maxlen: 24
180.210.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25 (0x19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4E25934FE8D89959425D1018EB121981DA250985
Validity
Not Before: Mar 2 02:45:00 2024 GMT
Not After : Mar 2 02:27:12 2025 GMT
Subject: CN=9C3FB6ACAC9DD93D19BE1FC6A4ABBF10753C5FD9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:66:d2:be:e5:0a:10:48:ca:d0:0c:b1:77:e1:
b5:e4:2d:db:a0:1f:cf:8c:ab:a0:30:b8:6e:9a:66:
78:8c:d8:9f:8c:3e:be:c3:e8:1e:87:fa:11:63:1d:
46:41:2d:dd:2e:ad:b7:72:7c:08:89:34:b6:bf:eb:
14:35:c4:a3:36:d5:9e:e5:47:6b:31:8b:22:71:8b:
ba:de:66:93:6d:3c:56:4a:4a:bb:80:0a:c2:cb:b0:
6d:17:43:7c:fd:0c:35:10:7c:e8:34:fd:92:03:97:
9c:35:7e:05:a9:1c:d4:27:c0:f8:10:49:2e:2a:03:
6a:2b:06:7b:c5:2d:5e:16:f1:dc:8a:63:a4:10:74:
1a:a6:f3:40:af:7d:cb:12:d9:30:f9:0c:4d:3c:85:
23:fb:c9:38:68:06:69:4f:c1:83:7c:25:d8:d5:8c:
71:ca:a2:82:02:1f:ed:54:7b:e2:2f:32:0d:16:b3:
62:78:6d:d8:17:0a:77:5a:cf:4c:1a:af:c0:0e:74:
93:44:c7:79:bb:7f:c8:cc:0f:a6:a7:dc:0f:9e:0c:
e0:e1:00:cf:01:e2:7e:e5:b7:33:5f:21:19:57:41:
be:1c:47:cd:01:26:9f:97:38:a5:e5:2f:d0:a5:28:
3c:08:d2:f0:91:2a:35:38:27:46:33:75:f3:45:29:
d7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3F:B6:AC:AC:9D:D9:3D:19:BE:1F:C6:A4:AB:BF:10:75:3C:5F:D9
X509v3 Authority Key Identifier:
keyid:4E:25:93:4F:E8:D8:99:59:42:5D:10:18:EB:12:19:81:DA:25:09:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/nD-2rKyd2T0Zvh_GpKu_EHU8X9k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.71.68.0/22
180.210.212.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:4a:85:f4:24:09:89:00:b0:67:83:60:ce:bd:a8:d7:cf:9f:
9f:1e:8d:6e:96:33:53:22:0e:0f:c4:99:15:39:b0:99:c9:90:
80:02:c4:b1:69:1f:6d:75:a0:86:84:4d:e5:9b:8b:98:6a:0b:
26:78:c1:41:ae:52:d2:00:76:ca:14:57:a0:2e:fa:9d:bb:9d:
67:4b:5a:34:1b:11:7f:78:f7:7d:26:a1:81:67:d9:7a:2d:88:
3b:06:63:18:a7:26:1f:e7:e3:1f:cc:37:d6:c3:11:2c:58:ac:
ce:33:d2:3e:02:e2:5f:0b:07:c1:53:0a:59:81:b3:0a:29:46:
18:2e:be:af:3a:81:0d:65:70:1e:43:aa:ad:1f:19:a7:b6:8c:
17:e2:62:4c:2b:37:df:cb:26:e8:9d:be:93:78:b5:ef:6d:50:
21:45:07:9a:ea:68:66:40:79:45:77:9a:4c:70:1e:cd:4a:8b:
ba:a0:a2:a6:ec:f6:4d:e4:d4:43:fc:f5:c5:1d:11:4e:d7:68:
58:65:17:fb:67:48:f9:ad:fc:fb:c8:28:85:b4:98:85:9b:34:
21:f4:c4:2e:e1:79:a3:7e:66:84:ce:fc:4e:25:ca:56:e5:5c:
d6:78:5a:7b:e4:04:f3:67:82:e6:00:76:81:5a:b0:98:d7:c2:
8f:b4:1d:04
-----BEGIN CERTIFICATE-----
MIIE3DCCA8SgAwIBAgIBGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0RTI1
OTM0RkU4RDg5OTU5NDI1RDEwMThFQjEyMTk4MURBMjUwOTg1MB4XDTI0MDMwMjAy
NDUwMFoXDTI1MDMwMjAyMjcxMlowMzExMC8GA1UEAxMoOUMzRkI2QUNBQzlERDkz
RDE5QkUxRkM2QTRBQkJGMTA3NTNDNUZEOTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANxm0r7lChBIytAMsXfhteQt26Afz4yroDC4bppmeIzYn4w+vsPo
Hof6EWMdRkEt3S6tt3J8CIk0tr/rFDXEozbVnuVHazGLInGLut5mk208VkpKu4AK
wsuwbRdDfP0MNRB86DT9kgOXnDV+Bakc1CfA+BBJLioDaisGe8UtXhbx3IpjpBB0
GqbzQK99yxLZMPkMTTyFI/vJOGgGaU/Bg3wl2NWMccqiggIf7VR74i8yDRazYnht
2BcKd1rPTBqvwA50k0THebt/yMwPpqfcD54M4OEAzwHifuW3M18hGVdBvhxHzQEm
n5c4peUv0KUoPAjS8JEqNTgnRjN180Up18sCAwEAAaOCAfkwggH1MB0GA1UdDgQW
BBScP7asrJ3ZPRm+H8akq78QdTxf2TAfBgNVHSMEGDAWgBROJZNP6NiZWUJdEBjr
EhmB2iUJhTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yMDQ4
L1RpV1RULWpZbVZsQ1hSQVk2eElaZ2RvbENZVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvVGlXVFQtalltVmxDWFJBWTZ4SVpnZG9sQ1lVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA0OC9uRC0yckt5ZDJUMFp2
aF9HcEt1X0VIVThYOWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAM
AwQCZ0dEAwQCtNLUMA0GCSqGSIb3DQEBCwUAA4IBAQCgSoX0JAmJALBng2DOvajX
z5+fHo1uljNTIg4PxJkVObCZyZCAAsSxaR9tdaCGhE3lm4uYagsmeMFBrlLSAHbK
FFegLvqdu51nS1o0GxF/ePd9JqGBZ9l6LYg7BmMYpyYf5+MfzDfWwxEsWKzOM9I+
AuJfCwfBUwpZgbMKKUYYLr6vOoENZXAeQ6qtHxmntowX4mJMKzffyybonb6TeLXv
bVAhRQea6mhmQHlFd5pMcB7NSou6oKKm7PZN5NRD/PXFHRFO12hYZRf7Z0j5rfz7
yCiFtJiFmzQh9MQu4XmjfmaEzvxOJcpW5VzWeFp75ATzZ4LmAHaBWrCY18KPtB0E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org