Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2391/8Q2-xnD5p8YG-y0OgIkcv6YwdAA.roa
File: 8Q2-xnD5p8YG-y0OgIkcv6YwdAA.roa (raw, json)
Hash identifier: lLwfs83gYhSUxgCHpcLjBgbgYONFknhNgVvI0/yG2Q4=
Subject key identifier: F1:0D:BE:C6:70:F9:A7:C6:06:FB:2D:0E:80:89:1C:BF:A6:30:74:00
Certificate issuer: /CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Certificate serial: 07C2
Authority key identifier: 07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/8Q2-xnD5p8YG-y0OgIkcv6YwdAA.roa
Signing time: Tue 13 Jun 2023 11:54:02 +0000
ROA not before: Tue 13 Jun 2023 11:54:02 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 4842
IP address blocks: 43.250.116.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1986 (0x7c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Validity
Not Before: Jun 13 11:54:02 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=F10DBEC670F9A7C606FB2D0E80891CBFA6307400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:5b:21:4c:e8:da:53:9e:dd:a8:1b:4e:f7:7c:
eb:12:f5:52:fc:7a:db:92:cf:7a:0a:ce:46:54:3c:
67:86:2d:75:6d:56:11:86:14:65:60:10:71:60:20:
8b:ee:5d:96:41:ce:f0:86:e1:ae:53:04:0a:62:77:
79:9d:48:7c:1e:7a:91:67:44:f6:62:e0:94:33:cb:
42:8b:fa:60:f9:91:4e:e8:8e:84:33:e3:6f:65:50:
81:b6:88:9a:ab:d6:de:cd:bc:02:c7:bb:b5:e0:87:
91:bd:02:65:89:49:51:00:9f:9c:5e:73:7e:4a:33:
f9:44:2c:e0:d0:90:4b:ae:a1:48:8c:d9:b7:2b:d0:
ec:62:eb:db:55:6c:71:2b:25:02:5a:3f:64:64:a5:
e9:4d:95:9d:eb:5f:b9:9b:d0:dc:bc:60:8a:c6:c5:
6e:b1:12:c7:3a:bc:a8:d1:b5:e6:7e:ea:05:1b:db:
ea:0d:88:e9:78:b7:ee:a3:74:60:8a:45:28:c2:71:
e0:55:59:b2:27:d8:7b:ee:cf:b0:20:94:88:45:8e:
00:27:9d:d8:28:35:67:17:dc:bd:e2:ec:81:cf:8f:
e5:fc:f3:7c:9d:1d:ba:c7:7f:10:87:2e:09:61:89:
7d:3f:48:e2:73:eb:dd:98:0a:3c:e2:55:22:63:a4:
f4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:0D:BE:C6:70:F9:A7:C6:06:FB:2D:0E:80:89:1C:BF:A6:30:74:00
X509v3 Authority Key Identifier:
keyid:07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/B6YIQJslG8sabAMKHCG6Qc28v1Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/8Q2-xnD5p8YG-y0OgIkcv6YwdAA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.116.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:1c:c4:ac:7a:44:7d:0a:d7:0a:e6:cb:1b:f3:cc:27:97:4c:
e2:df:79:77:fe:4a:57:b4:9e:c6:0e:41:81:a1:0c:82:91:ed:
d5:f5:05:a6:e3:68:37:a2:9f:14:98:77:07:5b:9b:a6:5c:15:
9f:f9:b0:1d:c8:f0:7d:e7:b1:85:de:3f:05:90:86:8f:c6:cf:
20:1f:9e:ab:ad:01:e5:c0:1f:5b:7a:ed:ae:b8:4e:fc:6a:fd:
28:e5:8b:b4:e4:f4:08:af:88:ca:cc:f1:25:a2:2d:14:4a:f6:
53:e4:e8:26:76:8d:00:33:27:6d:1e:82:e3:bb:21:01:d0:d1:
cc:f9:66:f2:3a:32:39:30:de:aa:0f:d9:a2:a7:42:9d:c6:cf:
e0:5a:49:cf:81:ae:f0:7c:21:36:ec:fa:60:e2:9c:21:55:06:
4d:20:08:8d:a3:e3:73:93:e3:74:89:2e:db:5d:27:74:18:ae:
b6:a5:2f:6e:4e:db:ea:74:b5:55:64:dd:1d:de:f5:ed:bd:9f:
71:82:2b:25:b0:27:ab:7b:72:ff:ba:b4:9a:2b:54:66:65:7b:
44:f4:97:99:91:60:b6:6e:8e:91:b4:a5:d5:f2:3c:ac:54:6a:
10:52:a2:75:be:6f:6a:e5:1c:7a:14:e2:0a:ea:85:64:94:f6:
89:9e:26:c7
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICB8IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdB
NjA4NDA5QjI1MUJDQjFBNkMwMzBBMUMyMUJBNDFDREJDQkY1NjAeFw0yMzA2MTMx
MTU0MDJaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKEYxMERCRUM2NzBGOUE3
QzYwNkZCMkQwRTgwODkxQ0JGQTYzMDc0MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvWyFM6NpTnt2oG073fOsS9VL8etuSz3oKzkZUPGeGLXVtVhGG
FGVgEHFgIIvuXZZBzvCG4a5TBApid3mdSHweepFnRPZi4JQzy0KL+mD5kU7ojoQz
429lUIG2iJqr1t7NvALHu7Xgh5G9AmWJSVEAn5xec35KM/lELODQkEuuoUiM2bcr
0Oxi69tVbHErJQJaP2RkpelNlZ3rX7mb0Ny8YIrGxW6xEsc6vKjRteZ+6gUb2+oN
iOl4t+6jdGCKRSjCceBVWbIn2Hvuz7AglIhFjgAnndgoNWcX3L3i7IHPj+X883yd
HbrHfxCHLglhiX0/SOJz692YCjziVSJjpPTnAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQU8Q2+xnD5p8YG+y0OgIkcv6YwdAAwHwYDVR0jBBgwFoAUB6YIQJslG8sabAMK
HCG6Qc28v1YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjM5
MS9CNllJUUpzbEc4c2FiQU1LSENHNlFjMjh2MVkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0I2WUlRSnNsRzhzYWJBTUtIQ0c2UWMyOHYxWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzOTEvOFEyLXhuRDVwOFlH
LXkwT2dJa2N2Nll3ZEFBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAiv6dDANBgkqhkiG9w0BAQsFAAOCAQEAbBzErHpEfQrXCubLG/PMJ5dM4t95
d/5KV7Sexg5BgaEMgpHt1fUFpuNoN6KfFJh3B1ubplwVn/mwHcjwfeexhd4/BZCG
j8bPIB+eq60B5cAfW3rtrrhO/Gr9KOWLtOT0CK+IyszxJaItFEr2U+ToJnaNADMn
bR6C47shAdDRzPlm8joyOTDeqg/ZoqdCncbP4FpJz4Gu8HwhNuz6YOKcIVUGTSAI
jaPjc5PjdIku210ndBiutqUvbk7b6nS1VWTdHd717b2fcYIrJbAnq3ty/7q0mitU
ZmV7RPSXmZFgtm6OkbSl1fI8rFRqEFKidb5vauUcehTiCuqFZJT2iZ4mxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:59 2024 by rpki-client on console-fra.rpki-client.org