Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2391/YZfwJtPUrSp9yCm5fH7HOmlPgLk.roa
File: YZfwJtPUrSp9yCm5fH7HOmlPgLk.roa (raw, json)
Hash identifier: qWkCaSsOWB4MCPvdiG0UGXvkOBSnSOyhcaDX0GPhRM8=
Subject key identifier: 61:97:F0:26:D3:D4:AD:2A:7D:C8:29:B9:7C:7E:C7:3A:69:4F:80:B9
Certificate issuer: /CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Certificate serial: 086E
Authority key identifier: 07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/YZfwJtPUrSp9yCm5fH7HOmlPgLk.roa
Signing time: Wed 14 Jun 2023 09:24:03 +0000
ROA not before: Wed 14 Jun 2023 09:24:03 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 4842
IP address blocks: 43.250.116.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2158 (0x86e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Validity
Not Before: Jun 14 09:24:03 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=6197F026D3D4AD2A7DC829B97C7EC73A694F80B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8e:81:da:6c:2e:ea:2f:14:47:be:7c:be:6f:
09:86:de:5a:cc:31:fe:51:2b:69:0c:ce:b3:61:e6:
cd:17:c3:f0:a7:d9:c4:23:b4:77:08:0b:c4:9e:14:
a5:49:53:07:3f:e3:f4:71:de:c6:c3:83:ac:1a:af:
99:bd:02:f9:ef:dc:d0:85:54:11:66:ee:a9:52:6c:
4b:c1:e7:65:ba:98:b6:e7:ac:cc:67:82:8a:25:0c:
fa:b1:58:8f:0a:f9:17:c2:ce:e5:96:0c:0a:74:86:
49:8a:b3:38:14:dc:89:58:20:95:5f:4a:ea:d2:11:
3c:8f:c8:59:9d:96:e1:4f:26:2b:ad:33:2f:74:25:
ab:31:a4:f0:49:70:0f:9e:8e:ea:02:01:df:db:a3:
c6:33:c0:fc:0b:31:af:a1:3a:7a:33:17:77:90:48:
c4:d6:ff:eb:b9:71:ee:c7:4d:21:59:a0:bc:14:34:
fc:d8:ea:bc:00:39:ca:51:bc:81:ba:a5:43:5c:37:
aa:2c:b3:75:00:3b:35:1b:a3:b2:8f:44:07:26:61:
f1:71:b7:1d:a7:72:dc:4a:06:57:61:ae:b8:ff:82:
c8:ef:0c:db:3b:c3:db:c6:87:2c:cb:95:a3:8b:e2:
d7:e2:ab:f7:74:32:33:b1:bf:a2:08:62:8a:d5:2c:
ca:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:97:F0:26:D3:D4:AD:2A:7D:C8:29:B9:7C:7E:C7:3A:69:4F:80:B9
X509v3 Authority Key Identifier:
keyid:07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/B6YIQJslG8sabAMKHCG6Qc28v1Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/YZfwJtPUrSp9yCm5fH7HOmlPgLk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.116.0/22
Signature Algorithm: sha256WithRSAEncryption
32:77:7a:36:78:4e:e5:23:4c:a5:a5:95:18:b6:81:93:6b:15:
4c:a1:7e:42:36:c6:56:83:a0:e5:95:2a:9d:7c:82:fa:db:b3:
ce:7b:ff:ab:f7:a1:88:ae:4d:0f:09:8a:07:09:4e:a3:29:38:
1e:35:a8:b6:8b:7f:56:83:c2:93:5f:07:b9:f4:3d:64:e3:7f:
ae:7f:c7:41:a0:74:bf:a5:80:47:e1:ee:93:a0:32:57:33:2b:
49:85:e8:ac:95:9f:82:32:13:c2:49:f0:37:9c:98:00:a4:45:
8b:3d:e9:2b:cd:28:3e:2d:58:95:f9:14:08:20:a1:d9:42:05:
2e:73:66:6e:e7:21:34:68:a6:97:59:bd:46:52:a7:0c:de:a6:
20:93:f8:3a:59:30:b6:60:10:d1:5c:4e:a7:5e:ad:dc:8b:a8:
d3:c2:56:cb:cb:91:2e:5f:80:a1:35:82:87:f4:45:33:33:17:
af:bc:18:75:b7:7e:55:db:da:e9:00:6d:c2:f7:64:d4:fe:09:
76:29:ab:18:b1:ef:14:77:9c:65:3c:57:ca:53:1d:6a:55:3e:
85:14:4d:21:91:35:b1:46:f4:df:93:f9:c8:1e:c4:8a:ea:da:
66:d9:d6:73:c6:5a:70:ce:83:fd:54:f4:9d:cf:c9:6a:0f:c3:
f4:75:ce:a5
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCG4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdB
NjA4NDA5QjI1MUJDQjFBNkMwMzBBMUMyMUJBNDFDREJDQkY1NjAeFw0yMzA2MTQw
OTI0MDNaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDYxOTdGMDI2RDNENEFE
MkE3REM4MjlCOTdDN0VDNzNBNjk0RjgwQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3joHabC7qLxRHvny+bwmG3lrMMf5RK2kMzrNh5s0Xw/Cn2cQj
tHcIC8SeFKVJUwc/4/Rx3sbDg6war5m9Avnv3NCFVBFm7qlSbEvB52W6mLbnrMxn
goolDPqxWI8K+RfCzuWWDAp0hkmKszgU3IlYIJVfSurSETyPyFmdluFPJiutMy90
JasxpPBJcA+ejuoCAd/bo8YzwPwLMa+hOnozF3eQSMTW/+u5ce7HTSFZoLwUNPzY
6rwAOcpRvIG6pUNcN6oss3UAOzUbo7KPRAcmYfFxtx2nctxKBldhrrj/gsjvDNs7
w9vGhyzLlaOL4tfiq/d0MjOxv6IIYorVLMrDAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUYZfwJtPUrSp9yCm5fH7HOmlPgLkwHwYDVR0jBBgwFoAUB6YIQJslG8sabAMK
HCG6Qc28v1YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjM5
MS9CNllJUUpzbEc4c2FiQU1LSENHNlFjMjh2MVkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0I2WUlRSnNsRzhzYWJBTUtIQ0c2UWMyOHYxWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzOTEvWVpmd0p0UFVyU3A5
eUNtNWZIN0hPbWxQZ0xrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAiv6dDANBgkqhkiG9w0BAQsFAAOCAQEAMnd6NnhO5SNMpaWVGLaBk2sVTKF+
QjbGVoOg5ZUqnXyC+tuzznv/q/ehiK5NDwmKBwlOoyk4HjWotot/VoPCk18HufQ9
ZON/rn/HQaB0v6WAR+Huk6AyVzMrSYXorJWfgjITwknwN5yYAKRFiz3pK80oPi1Y
lfkUCCCh2UIFLnNmbuchNGiml1m9RlKnDN6mIJP4OlkwtmAQ0VxOp16t3Iuo08JW
y8uRLl+AoTWCh/RFMzMXr7wYdbd+Vdva6QBtwvdk1P4JdimrGLHvFHecZTxXylMd
alU+hRRNIZE1sUb035P5yB7EiuraZtnWc8ZacM6D/VT0nc/Jag/D9HXOpQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:59 2024 by rpki-client on console-fra.rpki-client.org