Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/PXTN4dSL2SZQK6nE3yj3gcNJwEs.roa
File: PXTN4dSL2SZQK6nE3yj3gcNJwEs.roa (raw, json)
Hash identifier: BQbAGON95ImA7h2M1Wc24+xatMrtcdvEmVaxUTXfTEg=
Subject key identifier: 3D:74:CD:E1:D4:8B:D9:26:50:2B:A9:C4:DF:28:F7:81:C3:49:C0:4B
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 0544
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/PXTN4dSL2SZQK6nE3yj3gcNJwEs.roa
Signing time: Mon 06 Feb 2023 06:16:58 +0000
ROA not before: Mon 06 Feb 2023 06:16:58 +0000
ROA not after: Tue 16 Jan 2024 06:09:07 +0000
asID: 34549
IP address blocks: 114.66.212.0/22 maxlen: 24
218.98.80.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1348 (0x544)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Feb 6 06:16:58 2023 GMT
Not After : Jan 16 06:09:07 2024 GMT
Subject: CN=3D74CDE1D48BD926502BA9C4DF28F781C349C04B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:df:90:c6:43:a1:cc:c3:b8:ca:54:2d:5d:7a:
6b:ac:3f:bb:ef:a7:be:6c:83:d2:fb:86:4b:02:18:
48:33:3e:37:40:99:0a:32:ab:59:5e:cd:76:96:00:
6c:48:53:1e:3e:71:9d:9d:f9:c3:b1:cd:56:a7:53:
83:ac:a8:94:48:5d:9c:18:98:09:15:d9:12:1c:b5:
0f:6b:d9:e1:fb:14:70:5c:75:0c:4d:1d:1a:d1:2a:
de:bf:77:60:07:19:ed:9d:71:a5:45:c3:a3:7e:19:
19:22:ed:8b:ae:99:48:12:48:e3:da:ba:c4:ff:8a:
f1:b5:40:69:4a:db:ce:e1:58:7e:08:42:22:e3:ed:
c7:83:5b:22:ce:c3:00:d5:32:d6:9a:5e:88:7e:47:
37:cd:9f:6b:a5:8b:7d:a4:cf:52:2b:45:7e:a1:47:
85:b6:c3:81:4a:0a:56:d9:d0:35:41:be:bc:4c:26:
d2:dc:04:b2:59:16:f6:5e:3b:b5:f2:b6:07:0f:df:
e1:aa:d3:74:0d:26:3c:5a:48:6f:69:f1:28:97:c3:
b2:1d:b6:3f:61:eb:fb:db:c5:84:a9:3b:fa:ce:4a:
2c:e9:df:57:b5:5d:9d:4f:61:18:b7:64:e9:b9:c9:
73:93:73:79:09:94:72:cb:01:14:64:42:39:50:90:
d8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:74:CD:E1:D4:8B:D9:26:50:2B:A9:C4:DF:28:F7:81:C3:49:C0:4B
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/PXTN4dSL2SZQK6nE3yj3gcNJwEs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.66.212.0/22
218.98.80.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:01:b5:7a:47:ba:61:06:0f:4b:e0:bd:08:80:9d:cd:b2:ab:
c8:5e:2f:a6:ac:3a:2d:fc:94:3b:3f:55:19:c2:88:61:f3:9a:
89:b7:01:27:13:5e:1d:75:dd:fc:aa:19:d0:fe:ed:9e:0e:0b:
64:ae:2d:5a:42:70:5c:5b:81:42:31:2f:40:5b:db:22:76:ac:
5e:36:32:fc:e4:e2:31:03:8e:de:56:09:39:58:11:8e:fe:cc:
01:26:fe:dc:fc:e1:ef:86:2a:a9:c4:ce:1e:3c:40:4b:e0:ac:
7b:c2:b5:3e:c1:d4:2b:9a:ff:b3:13:9b:75:c7:b2:0f:7e:b3:
cf:d1:da:47:ef:2c:77:2f:99:db:a7:a5:b6:3b:cb:15:17:df:
33:43:31:41:0d:8c:a3:2b:25:3b:df:27:68:b7:7a:f8:d7:f0:
58:52:c0:fb:40:47:a9:67:d0:7b:2d:a3:3f:81:6d:f2:fb:3c:
48:7e:1a:23:fe:0e:5e:f3:00:a5:4e:b5:72:d5:fd:56:a2:88:
7c:a8:96:ba:9a:44:98:2c:2e:13:42:a4:69:75:d7:f9:3f:76:
cd:a3:d1:0c:2c:58:c3:d8:48:88:04:b1:f0:06:07:f5:cb:c0:
28:e1:fa:5a:54:48:bd:e8:6d:8a:3f:6a:b6:ab:4f:a5:11:66:
a0:be:e9:a0
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICBUQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yMzAyMDYw
NjE2NThaFw0yNDAxMTYwNjA5MDdaMDMxMTAvBgNVBAMTKDNENzRDREUxRDQ4QkQ5
MjY1MDJCQTlDNERGMjhGNzgxQzM0OUMwNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDS35DGQ6HMw7jKVC1demusP7vvp75sg9L7hksCGEgzPjdAmQoy
q1lezXaWAGxIUx4+cZ2d+cOxzVanU4OsqJRIXZwYmAkV2RIctQ9r2eH7FHBcdQxN
HRrRKt6/d2AHGe2dcaVFw6N+GRki7YuumUgSSOPausT/ivG1QGlK287hWH4IQiLj
7ceDWyLOwwDVMtaaXoh+RzfNn2uli32kz1IrRX6hR4W2w4FKClbZ0DVBvrxMJtLc
BLJZFvZeO7XytgcP3+Gq03QNJjxaSG9p8SiXw7Idtj9h6/vbxYSpO/rOSizp31e1
XZ1PYRi3ZOm5yXOTc3kJlHLLARRkQjlQkNjXAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUPXTN4dSL2SZQK6nE3yj3gcNJwEswHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvUFhUTjRkU0wyU1pR
SzZuRTN5ajNnY05Kd0VzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw
DAMEAnJC1AMEAtpiUDANBgkqhkiG9w0BAQsFAAOCAQEAXAG1eke6YQYPS+C9CICd
zbKryF4vpqw6LfyUOz9VGcKIYfOaibcBJxNeHXXd/KoZ0P7tng4LZK4tWkJwXFuB
QjEvQFvbInasXjYy/OTiMQOO3lYJOVgRjv7MASb+3Pzh74YqqcTOHjxAS+Cse8K1
PsHUK5r/sxObdceyD36zz9HaR+8sdy+Z26eltjvLFRffM0MxQQ2MoyslO98naLd6
+NfwWFLA+0BHqWfQey2jP4Ft8vs8SH4aI/4OXvMApU61ctX9VqKIfKiWuppEmCwu
E0KkaXXX+T92zaPRDCxYw9hIiASx8AYH9cvAKOH6WlRIvehtij9qtqtPpRFmoL7p
oA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org