Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2391/h6ZYtzwq0-d8HgDhw5bzOjxB1ig.roa
File: h6ZYtzwq0-d8HgDhw5bzOjxB1ig.roa (raw, json)
Hash identifier: SbWwI2w8qFIxfCvQGk8Kjy+xgYEXzmWtR4aYW6C/nys=
Subject key identifier: 87:A6:58:B7:3C:2A:D3:E7:7C:1E:00:E1:C3:96:F3:3A:3C:41:D6:28
Certificate issuer: /CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Certificate serial: 07B6
Authority key identifier: 07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/h6ZYtzwq0-d8HgDhw5bzOjxB1ig.roa
Signing time: Tue 13 Jun 2023 10:24:01 +0000
ROA not before: Tue 13 Jun 2023 10:24:01 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 4842
IP address blocks: 43.250.116.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1974 (0x7b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Validity
Not Before: Jun 13 10:24:01 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=87A658B73C2AD3E77C1E00E1C396F33A3C41D628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:30:33:e0:81:02:b0:ec:81:a2:de:8c:24:ee:
17:b8:ab:05:53:0d:b3:b9:11:08:73:bb:5f:b5:64:
d7:25:3e:62:27:25:cd:97:bc:29:a5:b5:e5:1f:a1:
7f:38:41:94:22:4d:36:9a:a4:db:84:fd:1a:b2:5a:
a7:72:25:15:5b:27:9f:09:e4:a9:bb:ef:ae:d8:02:
f8:00:a5:79:f6:95:be:92:40:e9:d4:48:9e:86:19:
e9:48:fb:03:aa:42:c7:16:a8:1f:53:06:b4:03:30:
0b:9e:c3:58:1a:b8:da:fe:cb:d9:d3:75:6f:6f:88:
c0:01:9e:93:e5:aa:c1:e7:cf:76:a0:da:96:3c:16:
3c:41:5a:cd:a3:97:4e:8f:c0:d1:af:54:89:1d:c8:
ce:e1:70:c5:6a:1b:b5:cc:3b:f8:88:3f:9e:1e:5d:
4a:53:b2:0b:35:1a:fd:a1:82:b3:df:ed:52:cb:35:
2d:61:0a:37:d4:40:ca:bb:ff:55:f2:e5:0e:64:83:
dc:0f:83:43:8a:17:b6:68:b3:0a:86:da:39:12:ed:
ce:ac:76:b0:6d:40:a8:5d:02:70:7c:47:54:8b:b1:
e6:da:af:81:e2:58:8d:2c:7d:ed:f0:08:18:3c:cc:
48:35:9e:fc:01:e2:fd:1b:05:dc:af:62:7c:bb:fd:
27:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A6:58:B7:3C:2A:D3:E7:7C:1E:00:E1:C3:96:F3:3A:3C:41:D6:28
X509v3 Authority Key Identifier:
keyid:07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/B6YIQJslG8sabAMKHCG6Qc28v1Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/h6ZYtzwq0-d8HgDhw5bzOjxB1ig.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.116.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:40:d3:12:ca:7d:60:70:1f:0e:c7:1f:7d:65:ff:d2:1e:e8:
0a:27:77:e6:e9:1a:b1:49:f5:c3:c3:cd:e2:64:f7:26:a2:52:
80:e1:80:87:a1:2d:cb:7e:2b:2c:6c:cc:98:b7:e0:b9:85:ec:
c9:c0:dd:a9:b6:9b:04:26:e5:f2:b0:8b:b6:a0:d8:21:a4:d1:
ae:a0:f2:59:08:fb:5b:ee:34:94:b3:63:d6:b9:b5:6d:fb:ab:
3b:c7:4b:43:48:b3:a0:b7:1c:cd:31:9b:cd:25:17:61:c6:a1:
67:98:c8:1b:fb:ef:74:aa:e5:a3:43:1c:ce:04:48:a6:c0:da:
64:5e:56:48:f4:05:c4:e6:bf:ee:49:42:52:1c:ac:9c:ee:0f:
2d:85:34:79:df:6b:03:24:a0:00:68:e9:09:c2:a8:18:f4:6f:
c3:74:52:56:2e:95:23:af:f5:1c:b5:67:b5:39:0a:3d:75:b3:
62:6c:15:78:27:2e:ac:c0:16:53:50:a5:06:f8:25:3f:ad:d8:
4b:e1:e5:0c:d1:90:46:95:50:1f:0f:07:cc:b2:f1:22:63:6f:
9a:27:ee:e2:38:7b:6a:68:bb:03:30:33:73:b6:b2:01:4c:74:
65:b1:15:b0:f5:98:49:0e:bc:0b:66:99:4a:a2:28:36:4e:dd:
05:fd:9d:de
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICB7YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdB
NjA4NDA5QjI1MUJDQjFBNkMwMzBBMUMyMUJBNDFDREJDQkY1NjAeFw0yMzA2MTMx
MDI0MDFaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDg3QTY1OEI3M0MyQUQz
RTc3QzFFMDBFMUMzOTZGMzNBM0M0MUQ2MjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLMDPggQKw7IGi3owk7he4qwVTDbO5EQhzu1+1ZNclPmInJc2X
vCmlteUfoX84QZQiTTaapNuE/RqyWqdyJRVbJ58J5Km7767YAvgApXn2lb6SQOnU
SJ6GGelI+wOqQscWqB9TBrQDMAuew1gauNr+y9nTdW9viMABnpPlqsHnz3ag2pY8
FjxBWs2jl06PwNGvVIkdyM7hcMVqG7XMO/iIP54eXUpTsgs1Gv2hgrPf7VLLNS1h
CjfUQMq7/1Xy5Q5kg9wPg0OKF7ZoswqG2jkS7c6sdrBtQKhdAnB8R1SLsebar4Hi
WI0sfe3wCBg8zEg1nvwB4v0bBdyvYny7/SePAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUh6ZYtzwq0+d8HgDhw5bzOjxB1igwHwYDVR0jBBgwFoAUB6YIQJslG8sabAMK
HCG6Qc28v1YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjM5
MS9CNllJUUpzbEc4c2FiQU1LSENHNlFjMjh2MVkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0I2WUlRSnNsRzhzYWJBTUtIQ0c2UWMyOHYxWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzOTEvaDZaWXR6d3EwLWQ4
SGdEaHc1YnpPanhCMWlnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAiv6dDANBgkqhkiG9w0BAQsFAAOCAQEAXEDTEsp9YHAfDscffWX/0h7oCid3
5ukasUn1w8PN4mT3JqJSgOGAh6Ety34rLGzMmLfguYXsycDdqbabBCbl8rCLtqDY
IaTRrqDyWQj7W+40lLNj1rm1bfurO8dLQ0izoLcczTGbzSUXYcahZ5jIG/vvdKrl
o0MczgRIpsDaZF5WSPQFxOa/7klCUhysnO4PLYU0ed9rAySgAGjpCcKoGPRvw3RS
Vi6VI6/1HLVntTkKPXWzYmwVeCcurMAWU1ClBvglP63YS+HlDNGQRpVQHw8HzLLx
ImNvmifu4jh7ami7AzAzc7ayAUx0ZbEVsPWYSQ68C2aZSqIoNk7dBf2d3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:25 2024 by rpki-client on console-ams.rpki-client.org