Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2391/onvrHKMtGJSffuUX7SQAQROks1Y.roa
File: onvrHKMtGJSffuUX7SQAQROks1Y.roa (raw, json)
Hash identifier: GeLF0BhemGrArfXjibsY8Zyc26/k8ZuZUr0NX0l3/7g=
Subject key identifier: A2:7B:EB:1C:A3:2D:18:94:9F:7E:E5:17:ED:24:00:41:13:A4:B3:56
Certificate issuer: /CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Certificate serial: 08B0
Authority key identifier: 07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/onvrHKMtGJSffuUX7SQAQROks1Y.roa
Signing time: Wed 14 Jun 2023 17:54:05 +0000
ROA not before: Wed 14 Jun 2023 17:54:05 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 137443
IP address blocks: 219.234.8.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2224 (0x8b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07A608409B251BCB1A6C030A1C21BA41CDBCBF56
Validity
Not Before: Jun 14 17:54:05 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=A27BEB1CA32D18949F7EE517ED24004113A4B356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c4:e3:27:09:c7:33:b1:0e:05:e1:33:62:02:
31:8c:74:e6:b9:b4:dc:0d:59:46:13:7c:ea:e0:cc:
e9:37:db:6c:91:3d:1f:65:d0:01:d7:69:f3:2d:56:
71:0e:fd:29:2d:a4:a6:2c:17:b0:f6:a1:34:ff:b5:
e9:ca:e3:f0:e8:a1:31:c4:50:9c:09:bd:b1:b7:2f:
25:af:0b:cf:27:34:18:3c:00:63:d1:38:da:c7:dd:
c5:23:81:0a:03:70:0f:8a:0a:4b:11:de:4e:47:75:
5d:8f:22:ef:43:7b:c7:28:80:cc:4d:69:a1:df:30:
af:20:55:fb:4f:7e:72:b2:37:34:86:e7:c4:16:c7:
7d:8e:c3:3a:16:71:1b:d1:54:d3:98:2d:75:ed:4f:
4a:72:43:6f:f4:76:4d:93:3b:f3:43:78:5f:fd:cd:
81:29:6c:0f:df:ac:78:d0:54:e3:a2:43:b9:b3:3f:
90:df:5b:53:13:90:2a:6a:5a:f3:44:9d:b3:22:87:
69:43:26:45:7d:a6:7b:ad:77:f8:7e:f7:5a:7f:3b:
69:ce:f6:e2:11:e2:b7:90:4b:c6:99:18:72:c9:a0:
0c:e1:e5:cd:5e:e9:a9:8e:29:41:58:5f:7a:c4:b5:
00:b8:75:44:30:46:87:aa:36:00:fb:3e:eb:44:8d:
6d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7B:EB:1C:A3:2D:18:94:9F:7E:E5:17:ED:24:00:41:13:A4:B3:56
X509v3 Authority Key Identifier:
keyid:07:A6:08:40:9B:25:1B:CB:1A:6C:03:0A:1C:21:BA:41:CD:BC:BF:56
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/B6YIQJslG8sabAMKHCG6Qc28v1Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/B6YIQJslG8sabAMKHCG6Qc28v1Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2391/onvrHKMtGJSffuUX7SQAQROks1Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.234.8.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:74:c0:e5:da:f3:17:90:f5:e0:e6:54:37:ab:27:19:c8:1b:
f0:83:1a:e1:b9:da:00:e5:ca:bb:80:10:a6:f2:d4:8a:07:55:
1c:39:3e:96:48:ac:99:a0:ce:88:80:fd:e6:d9:8c:79:d9:4e:
57:d9:5c:58:31:eb:e6:29:12:38:b0:b5:32:7e:82:0f:29:59:
32:0f:b9:53:a8:77:b9:60:1c:95:f0:3c:e6:49:36:55:c7:ce:
1c:7c:8d:28:34:d9:9b:17:cc:e5:e5:75:b8:4a:f6:f7:e7:d6:
96:37:09:f8:09:d3:e5:88:cc:c1:2b:59:53:bd:b8:c0:0c:a0:
02:42:91:c4:a9:6a:5b:5d:fd:7b:26:14:b3:ee:0a:b2:61:21:
6f:a1:0f:3b:da:6e:25:5c:d7:e5:9d:cc:c4:94:53:2f:8f:81:
06:aa:a5:bd:45:76:be:1f:6b:f1:e0:d5:21:b2:16:c4:32:d5:
22:b1:35:5f:1b:cf:02:83:f7:db:6c:71:5b:fa:f7:6d:0c:3c:
33:b0:d1:4a:e3:15:45:95:19:68:6b:5b:82:b7:de:1b:1c:58:
06:13:8c:8f:da:4a:85:b5:2b:81:ad:eb:48:db:88:2a:ae:07:
1f:d6:23:4a:73:87:0a:4e:ee:07:ea:62:e4:bf:53:4a:80:be:
49:25:1c:ac
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICCLAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdB
NjA4NDA5QjI1MUJDQjFBNkMwMzBBMUMyMUJBNDFDREJDQkY1NjAeFw0yMzA2MTQx
NzU0MDVaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKEEyN0JFQjFDQTMyRDE4
OTQ5RjdFRTUxN0VEMjQwMDQxMTNBNEIzNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVxOMnCcczsQ4F4TNiAjGMdOa5tNwNWUYTfOrgzOk322yRPR9l
0AHXafMtVnEO/SktpKYsF7D2oTT/tenK4/DooTHEUJwJvbG3LyWvC88nNBg8AGPR
ONrH3cUjgQoDcA+KCksR3k5HdV2PIu9De8cogMxNaaHfMK8gVftPfnKyNzSG58QW
x32OwzoWcRvRVNOYLXXtT0pyQ2/0dk2TO/NDeF/9zYEpbA/frHjQVOOiQ7mzP5Df
W1MTkCpqWvNEnbMih2lDJkV9pnutd/h+91p/O2nO9uIR4reQS8aZGHLJoAzh5c1e
6amOKUFYX3rEtQC4dUQwRoeqNgD7PutEjW31AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUonvrHKMtGJSffuUX7SQAQROks1YwHwYDVR0jBBgwFoAUB6YIQJslG8sabAMK
HCG6Qc28v1YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjM5
MS9CNllJUUpzbEc4c2FiQU1LSENHNlFjMjh2MVkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0I2WUlRSnNsRzhzYWJBTUtIQ0c2UWMyOHYxWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzOTEvb252ckhLTXRHSlNm
ZnVVWDdTUUFRUk9rczFZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA9vqCDANBgkqhkiG9w0BAQsFAAOCAQEAinTA5drzF5D14OZUN6snGcgb8IMa
4bnaAOXKu4AQpvLUigdVHDk+lkismaDOiID95tmMedlOV9lcWDHr5ikSOLC1Mn6C
DylZMg+5U6h3uWAclfA85kk2VcfOHHyNKDTZmxfM5eV1uEr29+fWljcJ+AnT5YjM
wStZU724wAygAkKRxKlqW139eyYUs+4KsmEhb6EPO9puJVzX5Z3MxJRTL4+BBqql
vUV2vh9r8eDVIbIWxDLVIrE1XxvPAoP322xxW/r3bQw8M7DRSuMVRZUZaGtbgrfe
GxxYBhOMj9pKhbUrga3rSNuIKq4HH9YjSnOHCk7uB+pi5L9TSoC+SSUcrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:25 2024 by rpki-client on console-ams.rpki-client.org