Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2391/2isr1Gssq2E4GeMLFC5rodt0vCw.roa
File: 2isr1Gssq2E4GeMLFC5rodt0vCw.roa (raw, json)
Hash identifier: oh+rhRaEXutJhzp43n9jEGAPpGUQcooXPb0TDQ2Lpvc=
Subject key identifier: DA:2B:2B:D4:6B:2C:AB:61:38:19:E3:0B:14:2E:6B:A1:DB:74:BC:2C
Certificate issuer: /CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Certificate serial: 0856
Authority key identifier: 07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/2isr1Gssq2E4GeMLFC5rodt0vCw.roa
Signing time: Wed 14 Jun 2023 06:24:13 +0000
ROA not before: Wed 14 Jun 2023 06:24:13 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 4842
IP address blocks: 43.250.116.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2134 (0x856)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Validity
Not Before: Jun 14 06:24:13 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=DA2B2BD46B2CAB613819E30B142E6BA1DB74BC2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7e:e4:d1:41:2e:0b:78:9e:82:42:58:1b:36:
ab:e9:5c:8a:f8:84:5c:63:36:85:c3:08:cb:c8:06:
ff:e0:be:27:b0:0c:ab:09:68:37:f2:8d:85:37:dc:
37:95:fa:50:b3:ae:46:09:93:91:56:05:e1:46:15:
2f:0b:24:cb:bf:45:b7:00:b2:ab:a8:66:fb:17:b1:
d0:6f:5d:cc:d8:53:e2:e3:ac:58:3f:c1:ea:bd:53:
c3:5f:3e:1a:a2:e9:00:20:4b:1d:cb:eb:f1:6e:94:
9a:b0:77:94:97:d9:ba:c0:b9:67:a5:9a:55:0c:47:
fb:52:97:8d:b5:8c:e7:70:62:eb:71:35:15:97:1d:
7e:8e:d7:f2:18:c3:db:19:6d:17:6d:d6:cf:54:a0:
b7:49:33:65:80:39:dc:7e:e4:c5:f0:a3:7f:53:af:
ef:bc:00:f5:6c:f3:ed:ad:04:41:1d:f6:05:79:0e:
58:37:7c:c3:5d:4d:5e:89:1e:46:30:cb:60:2c:23:
f6:e9:5a:c9:8c:cf:12:e3:20:e3:25:ea:f6:f6:4f:
97:b0:f9:59:e4:bc:4b:5a:25:a9:70:ca:c9:2e:ed:
0b:04:79:01:6b:43:06:cb:2a:72:75:71:17:f7:ec:
d2:5f:26:e2:cc:f2:a0:ae:02:f3:b9:8e:06:cc:7b:
54:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:2B:2B:D4:6B:2C:AB:61:38:19:E3:0B:14:2E:6B:A1:DB:74:BC:2C
X509v3 Authority Key Identifier:
keyid:07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/B6YIQJslG8sabAMKHCG6Qc28v1Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/2isr1Gssq2E4GeMLFC5rodt0vCw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.116.0/22
Signature Algorithm: sha256WithRSAEncryption
72:5d:e4:62:14:fd:77:b0:36:86:b8:69:48:69:d7:6c:5c:43:
a7:06:f3:52:71:be:bd:bf:01:a2:4e:ae:29:b7:d5:61:ba:a2:
60:98:84:1c:b4:3a:2d:d0:a6:9d:8a:d6:8c:7f:78:b0:96:37:
e4:5e:0c:68:f3:93:7e:be:45:0e:83:89:22:74:63:46:8c:3b:
fc:6f:68:69:09:f8:d1:6a:84:9f:9a:60:79:cb:39:60:96:53:
cf:5c:e8:d5:31:4e:32:ce:ac:60:19:e9:c8:6a:1c:c8:31:c8:
af:f4:db:03:06:2f:4a:84:12:e7:ad:5f:d0:cd:b3:db:82:db:
ca:a1:47:21:39:6b:52:19:c5:eb:c0:75:66:e5:d0:14:84:8c:
c8:4f:5c:8b:45:b2:0c:f8:e4:28:a1:f7:a6:1c:d2:06:63:e8:
dc:35:b1:d5:53:3a:d3:c8:ff:ac:6a:65:d5:07:e5:1b:2f:b4:
91:ee:e9:88:59:61:3f:49:2c:9e:e7:c8:73:3a:28:0c:57:60:
5d:52:c1:ab:8b:23:c3:36:3e:2c:44:fc:8b:09:aa:3c:3b:72:
ac:87:a4:87:1a:93:b0:a3:6b:6a:57:c3:68:d4:00:e2:51:bf:
ed:82:59:45:12:2e:26:b2:38:94:98:fe:0a:da:86:d4:40:b9:
b5:3f:66:ae
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCFYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdB
NjA4NDA5QjI1MUJDQjFBNkMwMzBBMUMyMUJBNDFDREJDQkY1NjAeFw0yMzA2MTQw
NjI0MTNaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKERBMkIyQkQ0NkIyQ0FC
NjEzODE5RTMwQjE0MkU2QkExREI3NEJDMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbfuTRQS4LeJ6CQlgbNqvpXIr4hFxjNoXDCMvIBv/gviewDKsJ
aDfyjYU33DeV+lCzrkYJk5FWBeFGFS8LJMu/RbcAsquoZvsXsdBvXczYU+LjrFg/
weq9U8NfPhqi6QAgSx3L6/FulJqwd5SX2brAuWelmlUMR/tSl421jOdwYutxNRWX
HX6O1/IYw9sZbRdt1s9UoLdJM2WAOdx+5MXwo39Tr++8APVs8+2tBEEd9gV5Dlg3
fMNdTV6JHkYwy2AsI/bpWsmMzxLjIOMl6vb2T5ew+VnkvEtaJalwysku7QsEeQFr
QwbLKnJ1cRf37NJfJuLM8qCuAvO5jgbMe1TLAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU2isr1Gssq2E4GeMLFC5rodt0vCwwHwYDVR0jBBgwFoAUB6YIQJslG8sabAMK
HCG6Qc28v1YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjM5
MS9CNllJUUpzbEc4c2FiQU1LSENHNlFjMjh2MVkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0I2WUlRSnNsRzhzYWJBTUtIQ0c2UWMyOHYxWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzOTEvMmlzcjFHc3NxMkU0
R2VNTEZDNXJvZHQwdkN3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAiv6dDANBgkqhkiG9w0BAQsFAAOCAQEAcl3kYhT9d7A2hrhpSGnXbFxDpwbz
UnG+vb8Bok6uKbfVYbqiYJiEHLQ6LdCmnYrWjH94sJY35F4MaPOTfr5FDoOJInRj
Row7/G9oaQn40WqEn5pgecs5YJZTz1zo1TFOMs6sYBnpyGocyDHIr/TbAwYvSoQS
561f0M2z24LbyqFHITlrUhnF68B1ZuXQFISMyE9ci0WyDPjkKKH3phzSBmPo3DWx
1VM608j/rGpl1QflGy+0ke7piFlhP0ksnufIczooDFdgXVLBq4sjwzY+LET8iwmq
PDtyrIekhxqTsKNralfDaNQA4lG/7YJZRRIuJrI4lJj+CtqG1EC5tT9mrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:24 2024 by rpki-client on console-ams.rpki-client.org