Route Origin Authorization

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2391/AqItpemwHrdGpYoSwt2ev0E03ds.roa
File:                     AqItpemwHrdGpYoSwt2ev0E03ds.roa (raw, json)
Hash identifier:          Bu4el5p5H9Fu6qaJRNgnTrsig893zCfEWu5HoQuRAb8=
Subject key identifier:   02:A2:2D:A5:E9:B0:1E:B7:46:A5:8A:12:C2:DD:9E:BF:41:34:DD:DB
Certificate issuer:       /CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Certificate serial:       07E6
Authority key identifier: 07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/AqItpemwHrdGpYoSwt2ev0E03ds.roa
Signing time:             Tue 13 Jun 2023 16:24:01 +0000
ROA not before:           Tue 13 Jun 2023 16:24:01 +0000
ROA not after:            Fri 07 Jun 2024 02:16:11 +0000
asID:                     4842
IP address blocks:        43.250.116.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2022 (0x7e6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
        Validity
            Not Before: Jun 13 16:24:01 2023 GMT
            Not After : Jun  7 02:16:11 2024 GMT
        Subject: CN=02A22DA5E9B01EB746A58A12C2DD9EBF4134DDDB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:35:51:41:fc:85:09:0f:5e:5a:58:44:95:22:
                    b1:f9:bc:a7:a4:94:ec:ca:8d:03:15:a1:a2:f7:c5:
                    0d:a4:e1:be:96:e3:8e:d2:bc:9b:2e:01:9a:03:33:
                    de:00:5e:7f:93:67:96:dc:f6:72:7b:1d:73:9f:69:
                    65:f4:8e:bc:db:2b:63:59:50:93:c6:07:3b:52:37:
                    c0:a2:e3:64:74:6b:20:53:a3:86:2b:b1:62:70:c1:
                    58:fa:af:64:7d:52:ae:d7:20:87:42:d3:39:0b:75:
                    8c:f6:ed:0b:2c:91:d4:5e:82:c5:59:7b:b2:7d:74:
                    15:42:35:85:20:de:44:59:54:e9:c0:97:84:fb:91:
                    bd:ec:c0:dd:9e:16:e1:59:f9:4d:85:6f:f2:90:2b:
                    b8:d0:81:78:b6:47:0f:09:06:9c:01:b9:69:33:f3:
                    05:3e:58:cd:db:6e:df:80:5f:47:06:b3:97:63:e8:
                    ba:2f:74:82:85:85:15:1a:77:99:69:ef:3f:2a:0a:
                    49:8d:77:75:09:97:08:39:0a:2c:78:83:cc:cb:86:
                    3c:c8:4f:0b:22:05:e8:d6:ce:ce:13:20:a7:29:09:
                    b6:12:63:cc:29:d4:bc:c5:57:35:ea:13:47:f9:f5:
                    10:65:b8:65:fd:85:56:71:fd:40:ea:56:e0:ba:b7:
                    e2:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:A2:2D:A5:E9:B0:1E:B7:46:A5:8A:12:C2:DD:9E:BF:41:34:DD:DB
            X509v3 Authority Key Identifier:
                keyid:07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/B6YIQJslG8sabAMKHCG6Qc28v1Y.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/AqItpemwHrdGpYoSwt2ev0E03ds.roa
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.250.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         15:95:3e:fa:50:5c:77:e7:ef:ec:dd:d2:ab:59:4b:37:93:21:
         35:3e:ec:89:18:65:6b:ed:1a:47:c9:7e:be:62:56:48:6a:bd:
         2b:56:03:1c:10:db:a9:d9:94:5d:ce:ca:eb:eb:d1:c8:d0:d0:
         99:85:b9:5e:b6:a4:59:33:57:25:26:53:3a:f9:73:b8:13:78:
         ff:6c:b1:c2:da:0b:87:e9:df:17:5c:be:1b:d3:bf:e4:b2:d1:
         9d:5a:c8:0d:82:99:96:8e:0f:6e:cd:33:36:ea:73:65:72:ea:
         ed:42:af:20:c6:12:d2:2f:16:5b:8b:8e:f3:60:4d:90:30:5a:
         4f:f5:25:f0:82:41:71:3b:32:bf:8a:28:5e:39:f0:6a:b5:9a:
         17:98:f3:97:68:3c:9f:57:29:c2:8a:7d:92:c9:09:d3:0c:f3:
         34:04:21:45:53:0b:b8:00:23:b2:30:73:e9:a4:39:75:12:b5:
         ca:09:88:cc:13:9e:22:40:e3:43:24:96:2d:01:c5:a3:72:79:
         b9:30:91:70:1c:b5:b4:c6:c9:aa:1c:ce:13:c8:a5:cd:00:02:
         07:b7:19:18:91:78:20:a1:01:75:eb:a6:5c:18:36:50:a9:79:
         f4:8c:a0:4b:bc:ab:3a:3b:75:83:d1:7e:d7:17:82:53:97:71:
         37:4d:93:c2
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICB+YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdB
NjA4NDA5QjI1MUJDQjFBNkMwMzBBMUMyMUJBNDFDREJDQkY1NjAeFw0yMzA2MTMx
NjI0MDFaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDAyQTIyREE1RTlCMDFF
Qjc0NkE1OEExMkMyREQ5RUJGNDEzNEREREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvNVFB/IUJD15aWESVIrH5vKeklOzKjQMVoaL3xQ2k4b6W447S
vJsuAZoDM94AXn+TZ5bc9nJ7HXOfaWX0jrzbK2NZUJPGBztSN8Ci42R0ayBTo4Yr
sWJwwVj6r2R9Uq7XIIdC0zkLdYz27QsskdRegsVZe7J9dBVCNYUg3kRZVOnAl4T7
kb3swN2eFuFZ+U2Fb/KQK7jQgXi2Rw8JBpwBuWkz8wU+WM3bbt+AX0cGs5dj6Lov
dIKFhRUad5lp7z8qCkmNd3UJlwg5Cix4g8zLhjzITwsiBejWzs4TIKcpCbYSY8wp
1LzFVzXqE0f59RBluGX9hVZx/UDqVuC6t+LzAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUAqItpemwHrdGpYoSwt2ev0E03dswHwYDVR0jBBgwFoAUB6YIQJslG8sabAMK
HCG6Qc28v1YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjM5
MS9CNllJUUpzbEc4c2FiQU1LSENHNlFjMjh2MVkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0I2WUlRSnNsRzhzYWJBTUtIQ0c2UWMyOHYxWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzOTEvQXFJdHBlbXdIcmRH
cFlvU3d0MmV2MEUwM2RzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAiv6dDANBgkqhkiG9w0BAQsFAAOCAQEAFZU++lBcd+fv7N3Sq1lLN5MhNT7s
iRhla+0aR8l+vmJWSGq9K1YDHBDbqdmUXc7K6+vRyNDQmYW5XrakWTNXJSZTOvlz
uBN4/2yxwtoLh+nfF1y+G9O/5LLRnVrIDYKZlo4Pbs0zNupzZXLq7UKvIMYS0i8W
W4uO82BNkDBaT/Ul8IJBcTsyv4ooXjnwarWaF5jzl2g8n1cpwop9kskJ0wzzNAQh
RVMLuAAjsjBz6aQ5dRK1ygmIzBOeIkDjQySWLQHFo3J5uTCRcBy1tMbJqhzOE8il
zQACB7cZGJF4IKEBdeumXBg2UKl59IygS7yrOjt1g9F+1xeCU5dxN02Twg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:25 2024 by rpki-client on console-ams.rpki-client.org