Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2522/KQHkJqpjyfoWm1bmaTGLE7zfGBo.roa
File: KQHkJqpjyfoWm1bmaTGLE7zfGBo.roa (raw, json)
Hash identifier: dHwTF0RfQJUTqTIgs2l0KEiaQ6SxyJta7Rv0jrzf0l4=
Subject key identifier: 29:01:E4:26:AA:63:C9:FA:16:9B:56:E6:69:31:8B:13:BC:DF:18:1A
Certificate issuer: /CN=4087DAB67172836B082075CE18BE5E5FA45D5E95
Certificate serial: 100C
Authority key identifier: 40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/KQHkJqpjyfoWm1bmaTGLE7zfGBo.roa
Signing time: Fri 19 May 2023 05:53:11 +0000
ROA not before: Fri 19 May 2023 05:53:11 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 131567
IP address blocks: 103.96.8.0/22 maxlen: 24
103.96.8.0/24 maxlen: 24
103.96.9.0/24 maxlen: 24
103.96.10.0/24 maxlen: 24
103.96.11.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4108 (0x100c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4087DAB67172836B082075CE18BE5E5FA45D5E95
Validity
Not Before: May 19 05:53:11 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=2901E426AA63C9FA169B56E669318B13BCDF181A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:1d:0e:00:f7:0c:d1:fc:18:b2:22:f7:b8:b1:
1e:64:8d:47:75:e0:ba:f3:83:99:61:c7:a7:49:eb:
ab:0a:6f:9a:66:7e:4a:2f:d7:e0:02:7c:47:83:b6:
4b:7a:9d:11:8e:1d:a0:be:fa:88:60:48:af:c6:99:
aa:7d:cd:2f:c7:fa:a6:9f:b2:46:6b:c1:d4:3b:76:
43:08:04:ef:3b:c5:7c:1f:12:aa:6f:80:65:47:e2:
68:ed:9c:53:ef:8a:8c:32:85:7d:a8:b3:ca:f7:3e:
fe:5e:e2:d1:75:f1:de:f1:5a:50:b7:92:46:51:8b:
dc:cc:9e:83:d8:98:ca:c8:9e:c2:80:df:2b:43:ad:
61:64:fc:c1:e0:a9:f7:53:f9:25:74:c0:d1:ee:a3:
bb:5b:09:10:36:37:86:56:30:62:2e:76:b4:73:77:
f5:41:33:f0:8d:c7:f9:6f:30:09:7e:21:d8:47:d1:
d4:78:f3:ba:c6:4d:f4:07:ee:57:0c:19:93:ad:5c:
35:f2:02:db:e7:79:74:d8:51:b2:b3:23:60:28:53:
a1:92:88:1f:e7:ee:71:bc:5a:28:e6:62:91:4f:2e:
4f:7e:97:e6:7e:90:f9:8d:4e:b1:93:8d:ab:a5:46:
16:c2:54:56:af:ec:65:2f:64:2e:cc:cc:cc:98:47:
f5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:01:E4:26:AA:63:C9:FA:16:9B:56:E6:69:31:8B:13:BC:DF:18:1A
X509v3 Authority Key Identifier:
keyid:40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/KQHkJqpjyfoWm1bmaTGLE7zfGBo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.96.8.0/22
Signature Algorithm: sha256WithRSAEncryption
48:c7:aa:7e:1d:6f:11:a2:bc:79:c4:3f:7d:70:a3:63:64:29:
ba:a3:d0:66:06:33:87:bd:7e:8e:1d:ec:73:79:18:21:10:60:
52:7a:77:27:54:74:e7:23:4c:7b:74:32:91:c2:7c:7f:27:fb:
2f:29:a6:d8:3d:25:3e:e0:27:10:8c:bf:ac:26:24:77:c9:9a:
28:97:25:08:41:e9:91:ef:90:85:ec:62:2c:bd:9f:ab:10:ed:
4f:e9:dd:06:56:c1:97:bd:aa:0a:4e:1b:82:8e:0c:c3:32:9c:
c0:67:65:8e:28:f2:68:0f:e3:f1:33:c1:c8:84:03:79:39:fd:
93:3e:c9:9b:07:37:84:55:74:c7:56:3d:61:fc:22:84:28:e5:
10:83:29:ed:a3:15:32:a2:ab:8f:14:78:8c:3f:c1:09:bb:60:
4f:4a:06:41:88:2b:a8:20:e8:51:4f:70:06:09:2c:b9:49:4d:
fd:69:f8:bd:ee:33:e0:fd:97:aa:0b:c0:29:1e:c1:9a:ee:77:
b2:4d:0c:11:a8:37:43:36:30:fd:f9:1c:b9:08:6f:df:f2:da:
c4:5b:e9:1e:2f:b4:a3:1b:24:a4:b4:82:52:49:20:b2:f8:52:
b6:a9:ff:11:1f:ac:a6:f6:0f:d1:0e:f9:67:bf:79:39:6d:4f:
9c:f2:1f:c8
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICEAwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDA4
N0RBQjY3MTcyODM2QjA4MjA3NUNFMThCRTVFNUZBNDVENUU5NTAeFw0yMzA1MTkw
NTUzMTFaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDI5MDFFNDI2QUE2M0M5
RkExNjlCNTZFNjY5MzE4QjEzQkNERjE4MUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvHQ4A9wzR/BiyIve4sR5kjUd14Lrzg5lhx6dJ66sKb5pmfkov
1+ACfEeDtkt6nRGOHaC++ohgSK/Gmap9zS/H+qafskZrwdQ7dkMIBO87xXwfEqpv
gGVH4mjtnFPviowyhX2os8r3Pv5e4tF18d7xWlC3kkZRi9zMnoPYmMrInsKA3ytD
rWFk/MHgqfdT+SV0wNHuo7tbCRA2N4ZWMGIudrRzd/VBM/CNx/lvMAl+IdhH0dR4
87rGTfQH7lcMGZOtXDXyAtvneXTYUbKzI2AoU6GSiB/n7nG8WijmYpFPLk9+l+Z+
kPmNTrGTjaulRhbCVFav7GUvZC7MzMyYR/W/AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUKQHkJqpjyfoWm1bmaTGLE7zfGBowHwYDVR0jBBgwFoAUQIfatnFyg2sIIHXO
GL5eX6RdXpUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUy
Mi9RSWZhdG5GeWcyc0lJSFhPR0w1ZVg2UmRYcFUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1FJZmF0bkZ5ZzJzSUlIWE9HTDVlWDZSZFhwVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MjIvS1FIa0pxcGp5Zm9X
bTFibWFUR0xFN3pmR0JvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmdgCDANBgkqhkiG9w0BAQsFAAOCAQEASMeqfh1vEaK8ecQ/fXCjY2QpuqPQ
ZgYzh71+jh3sc3kYIRBgUnp3J1R05yNMe3QykcJ8fyf7Lymm2D0lPuAnEIy/rCYk
d8maKJclCEHpke+QhexiLL2fqxDtT+ndBlbBl72qCk4bgo4MwzKcwGdljijyaA/j
8TPByIQDeTn9kz7Jmwc3hFV0x1Y9YfwihCjlEIMp7aMVMqKrjxR4jD/BCbtgT0oG
QYgrqCDoUU9wBgksuUlN/Wn4ve4z4P2XqgvAKR7Bmu53sk0MEag3QzYw/fkcuQhv
3/LaxFvpHi+0oxskpLSCUkkgsvhStqn/ER+spvYP0Q75Z795OW1PnPIfyA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:25 2024 by rpki-client on console-ams.rpki-client.org