Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/BkYhHrcLFUVhqsRdoxFDM3FWZPQ.roa
File: BkYhHrcLFUVhqsRdoxFDM3FWZPQ.roa (raw, json)
Hash identifier: m/PVmCK/IiPiBKGKMgOvxywyMIJQ095bln5VHHzqvYE=
Subject key identifier: 06:46:21:1E:B7:0B:15:45:61:AA:C4:5D:A3:11:43:33:71:56:64:F4
Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97
Certificate serial: 095E
Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/BkYhHrcLFUVhqsRdoxFDM3FWZPQ.roa
Signing time: Tue 07 Jun 2022 02:12:46 +0000
ROA not before: Tue 07 Jun 2022 02:12:46 +0000
ROA not after: Fri 02 Jun 2023 05:30:26 +0000
asID: 38814
IP address blocks: 123.49.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2398 (0x95e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97
Validity
Not Before: Jun 7 02:12:46 2022 GMT
Not After : Jun 2 05:30:26 2023 GMT
Subject: CN=0646211EB70B154561AAC45DA3114333715664F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5c:c1:f3:b6:89:65:2b:cb:91:8b:e4:4a:ea:
d7:af:8a:4b:ba:82:be:9f:16:ec:05:49:02:cb:2d:
2f:cd:28:f5:e3:46:6d:7f:28:86:32:9e:05:9c:ed:
4e:71:3c:1e:5f:81:e9:1f:50:b7:6b:d6:50:d2:fb:
7a:37:10:58:02:d0:28:13:86:21:d8:72:7c:06:1d:
15:fb:0b:cf:40:c8:ac:ce:ba:c4:99:a1:db:83:e2:
4c:50:84:d8:ed:a9:e4:b4:1a:09:76:e5:0b:93:8e:
a1:43:df:ec:d3:2a:10:bc:23:21:24:1f:1c:bf:a6:
ea:f9:6f:16:89:f9:e9:5a:22:b5:fa:dd:e3:b3:d0:
f5:0a:64:c3:1f:6b:c5:91:46:0c:b2:90:c7:8f:70:
88:46:c5:d9:bf:fe:7f:07:1b:97:92:29:bf:bd:35:
41:5d:4a:c9:31:f7:ae:74:03:4c:b8:ad:14:8e:74:
06:26:3b:c7:2c:4a:6e:3d:d1:c6:fa:98:e3:f7:ad:
a6:dc:03:8c:dc:72:ed:4b:12:46:39:70:02:dc:51:
ad:5d:15:a5:a3:da:db:8a:36:3f:be:55:dc:4f:b5:
11:4e:4f:eb:34:68:e9:ce:90:55:52:16:19:df:74:
dc:ce:5b:2e:48:8a:0d:83:cc:2a:05:3d:9d:47:6d:
b1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:46:21:1E:B7:0B:15:45:61:AA:C4:5D:A3:11:43:33:71:56:64:F4
X509v3 Authority Key Identifier:
keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/BkYhHrcLFUVhqsRdoxFDM3FWZPQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.49.245.0/24
Signature Algorithm: sha256WithRSAEncryption
86:19:2f:1d:76:12:b0:a1:96:c7:ff:ed:96:bb:ad:b5:38:72:
5e:34:76:6a:4e:15:67:a3:55:fe:a9:1f:80:74:ad:a4:94:26:
b0:a4:1b:ff:6c:23:51:7f:7f:1c:df:58:ec:1d:38:49:b5:b4:
02:51:16:bd:99:86:b1:f8:6f:b0:a8:7f:70:b9:ee:3a:13:b0:
78:9d:f4:55:ac:c4:92:9a:56:c4:7d:5a:42:6b:da:19:10:76:
ff:94:4f:24:bb:f2:2c:c9:f0:35:24:2a:1c:92:6e:24:4a:5b:
e0:d5:c8:c8:eb:ba:7c:c5:90:2c:0a:fd:a2:51:5e:3d:45:7a:
e4:79:69:6f:8b:99:01:73:33:fd:0b:40:39:99:95:89:bc:aa:
76:46:f5:ea:69:97:d0:88:5c:dd:31:2c:1e:ea:63:2c:76:a9:
1e:16:52:bf:04:d6:31:15:ae:5d:8d:1d:f2:d8:ff:ec:a2:81:
d4:4d:de:bc:5d:31:bb:92:67:87:5f:70:32:48:7e:a1:d2:92:
b6:31:08:b2:18:85:ac:b9:8d:52:bb:e4:9e:ba:73:2b:ba:6e:
ec:0c:c6:b9:47:b4:1b:f7:01:e3:ed:ec:fe:01:3f:03:da:be:
6c:a4:b5:4e:86:a6:78:76:72:96:fe:75:0c:6e:78:ff:b2:54:
df:6d:b4:25
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCV4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4
ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yMjA2MDcw
MjEyNDZaFw0yMzA2MDIwNTMwMjZaMDMxMTAvBgNVBAMTKDA2NDYyMTFFQjcwQjE1
NDU2MUFBQzQ1REEzMTE0MzMzNzE1NjY0RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmXMHztollK8uRi+RK6teviku6gr6fFuwFSQLLLS/NKPXjRm1/
KIYyngWc7U5xPB5fgekfULdr1lDS+3o3EFgC0CgThiHYcnwGHRX7C89AyKzOusSZ
oduD4kxQhNjtqeS0Ggl25QuTjqFD3+zTKhC8IyEkHxy/pur5bxaJ+elaIrX63eOz
0PUKZMMfa8WRRgyykMePcIhGxdm//n8HG5eSKb+9NUFdSskx9650A0y4rRSOdAYm
O8csSm490cb6mOP3rabcA4zccu1LEkY5cALcUa1dFaWj2tuKNj++VdxPtRFOT+s0
aOnOkFVSFhnfdNzOWy5Iig2DzCoFPZ1HbbENAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUBkYhHrcLFUVhqsRdoxFDM3FWZPQwHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL
qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy
Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvQmtZaEhyY0xGVVZo
cXNSZG94RkRNM0ZXWlBRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAHsx9TANBgkqhkiG9w0BAQsFAAOCAQEAhhkvHXYSsKGWx//tlruttThyXjR2
ak4VZ6NV/qkfgHStpJQmsKQb/2wjUX9/HN9Y7B04SbW0AlEWvZmGsfhvsKh/cLnu
OhOweJ30VazEkppWxH1aQmvaGRB2/5RPJLvyLMnwNSQqHJJuJEpb4NXIyOu6fMWQ
LAr9olFePUV65Hlpb4uZAXMz/QtAOZmVibyqdkb16mmX0Ihc3TEsHupjLHapHhZS
vwTWMRWuXY0d8tj/7KKB1E3evF0xu5Jnh19wMkh+odKStjEIshiFrLmNUrvknrpz
K7pu7AzGuUe0G/cB4+3s/gE/A9q+bKS1ToameHZylv51DG54/7JU3220JQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org