Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2391/3u9Tm2xy6LQ3Zb_4luUruUe5aXo.roa
File: 3u9Tm2xy6LQ3Zb_4luUruUe5aXo.roa (raw, json)
Hash identifier: HwnrsZtG7Kz5Dmg2yOvgTAcJSneag0aJrPfxtIn7cW0=
Subject key identifier: DE:EF:53:9B:6C:72:E8:B4:37:65:BF:F8:96:E5:2B:B9:47:B9:69:7A
Certificate issuer: /CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Certificate serial: 08A6
Authority key identifier: 07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/3u9Tm2xy6LQ3Zb_4luUruUe5aXo.roa
Signing time: Wed 14 Jun 2023 16:24:11 +0000
ROA not before: Wed 14 Jun 2023 16:24:11 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 4842
IP address blocks: 43.250.116.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2214 (0x8a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Validity
Not Before: Jun 14 16:24:11 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=DEEF539B6C72E8B43765BFF896E52BB947B9697A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:48:d2:c4:8c:8b:5a:28:33:86:d1:e2:8e:cc:
94:60:a2:fa:0a:4d:77:4b:68:40:a8:68:c1:fb:85:
79:a9:b4:ed:6c:3d:df:53:dc:89:cd:26:30:26:ee:
1c:75:0d:ca:56:5d:d3:6b:f7:02:03:2d:89:24:93:
46:1e:77:54:c6:aa:55:8b:34:49:28:74:1c:cb:04:
97:73:a7:4d:46:20:d8:6d:03:dd:8b:10:85:6d:af:
a5:32:fa:da:96:49:f1:7a:31:92:f4:fe:5a:3e:e4:
bc:c5:b2:81:52:75:c5:ab:5a:06:58:cd:b5:9d:32:
1f:55:ec:a1:22:1b:35:0f:ca:5d:e4:5f:40:5b:d2:
d1:09:a1:f3:18:bb:c6:bb:96:19:ba:8e:07:0f:ea:
92:52:cb:83:67:b5:d4:d4:d6:e9:6c:83:1e:6e:b4:
84:b0:50:fd:08:21:73:74:d2:41:3b:d7:d7:2c:d8:
c9:bf:78:44:62:8f:86:b1:36:e0:8a:e3:de:17:d3:
c0:9a:36:f3:7c:bc:b6:0f:2e:2d:99:4a:65:41:c5:
ae:35:8d:90:3e:c2:de:5e:5a:8e:0d:08:f0:be:a7:
12:31:ae:5b:29:d0:af:3a:2d:af:11:d2:61:c5:79:
97:5b:cc:dc:fe:ae:b5:04:cf:35:0d:f2:22:d4:dc:
ff:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:EF:53:9B:6C:72:E8:B4:37:65:BF:F8:96:E5:2B:B9:47:B9:69:7A
X509v3 Authority Key Identifier:
keyid:07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/B6YIQJslG8sabAMKHCG6Qc28v1Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/3u9Tm2xy6LQ3Zb_4luUruUe5aXo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.116.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:1a:8e:bb:20:fd:7e:b2:77:a4:49:ba:7d:50:0e:90:2b:6b:
93:ed:7f:14:8b:89:5c:5e:07:ce:06:d2:31:17:7c:ef:74:48:
82:9e:7a:68:d8:25:13:40:1c:66:01:7e:f7:e4:c2:43:c0:25:
bb:9d:4c:f4:13:9a:16:65:7b:b0:ef:1b:0c:42:04:05:79:b2:
19:30:5d:1a:b0:0a:76:bc:e0:88:15:6c:f1:6c:25:f6:83:8a:
68:d6:5f:64:7b:5d:2b:ff:20:ba:ff:c3:5c:86:84:7a:7a:96:
aa:e4:67:4c:34:ca:9c:23:f9:a6:71:aa:70:12:c6:b2:d8:91:
a8:ba:8c:b1:33:62:70:c9:9a:36:26:68:c0:01:18:dc:d0:9f:
61:45:04:77:c9:41:00:a3:9b:e1:7f:76:fa:86:bd:29:05:b8:
16:c6:37:80:9e:99:7f:83:83:54:ee:c4:b1:85:29:9a:5f:e8:
31:3c:85:c9:99:99:4b:c3:ea:2a:01:a5:b9:76:1a:2a:e0:ae:
99:64:1e:cf:4b:9d:3b:42:e4:fa:e0:6a:fa:89:c4:1e:3a:08:
a7:76:05:f9:86:c3:ae:26:1f:32:4f:22:5b:90:22:3a:28:39:
0d:47:cd:56:f3:a9:4b:b0:90:81:d8:40:81:af:ac:b1:d7:7c:
cc:e7:41:47
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdB
NjA4NDA5QjI1MUJDQjFBNkMwMzBBMUMyMUJBNDFDREJDQkY1NjAeFw0yMzA2MTQx
NjI0MTFaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKERFRUY1MzlCNkM3MkU4
QjQzNzY1QkZGODk2RTUyQkI5NDdCOTY5N0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxSNLEjItaKDOG0eKOzJRgovoKTXdLaECoaMH7hXmptO1sPd9T
3InNJjAm7hx1DcpWXdNr9wIDLYkkk0Yed1TGqlWLNEkodBzLBJdzp01GINhtA92L
EIVtr6Uy+tqWSfF6MZL0/lo+5LzFsoFSdcWrWgZYzbWdMh9V7KEiGzUPyl3kX0Bb
0tEJofMYu8a7lhm6jgcP6pJSy4NntdTU1ulsgx5utISwUP0IIXN00kE719cs2Mm/
eERij4axNuCK494X08CaNvN8vLYPLi2ZSmVBxa41jZA+wt5eWo4NCPC+pxIxrlsp
0K86La8R0mHFeZdbzNz+rrUEzzUN8iLU3P9PAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU3u9Tm2xy6LQ3Zb/4luUruUe5aXowHwYDVR0jBBgwFoAUB6YIQJslG8sabAMK
HCG6Qc28v1YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjM5
MS9CNllJUUpzbEc4c2FiQU1LSENHNlFjMjh2MVkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0I2WUlRSnNsRzhzYWJBTUtIQ0c2UWMyOHYxWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzOTEvM3U5VG0yeHk2TFEz
WmJfNGx1VXJ1VWU1YVhvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAiv6dDANBgkqhkiG9w0BAQsFAAOCAQEAshqOuyD9frJ3pEm6fVAOkCtrk+1/
FIuJXF4HzgbSMRd873RIgp56aNglE0AcZgF+9+TCQ8Alu51M9BOaFmV7sO8bDEIE
BXmyGTBdGrAKdrzgiBVs8Wwl9oOKaNZfZHtdK/8guv/DXIaEenqWquRnTDTKnCP5
pnGqcBLGstiRqLqMsTNicMmaNiZowAEY3NCfYUUEd8lBAKOb4X92+oa9KQW4FsY3
gJ6Zf4ODVO7EsYUpml/oMTyFyZmZS8PqKgGluXYaKuCumWQez0udO0Lk+uBq+onE
HjoIp3YF+YbDriYfMk8iW5AiOig5DUfNVvOpS7CQgdhAga+ssdd8zOdBRw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:59 2024 by rpki-client on console-fra.rpki-client.org