Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2578/RrZl-Ekq5_VRDqbvPrDhF9WeR3U.roa
File: RrZl-Ekq5_VRDqbvPrDhF9WeR3U.roa (raw, json)
Hash identifier: Db0ZAfWKqyEDY8qBNsOq6Ycv3gH0el0HNyxI/JTd6Sc=
Subject key identifier: 46:B6:65:F8:49:2A:E7:F5:51:0E:A6:EF:3E:B0:E1:17:D5:9E:47:75
Certificate issuer: /CN=1817D1D97E8A11B6D73F1C165EEAAE97483DFDE9
Certificate serial: 03
Authority key identifier: 18:17:D1:D9:7E:8A:11:B6:D7:3F:1C:16:5E:EA:AE:97:48:3D:FD:E9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GBfR2X6KEbbXPxwWXuqul0g9_ek.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/RrZl-Ekq5_VRDqbvPrDhF9WeR3U.roa
Signing time: Wed 30 Mar 2022 05:31:56 +0000
ROA not before: Wed 30 Mar 2022 05:31:56 +0000
ROA not after: Thu 30 Mar 2023 05:28:49 +0000
asID: 41717
IP address blocks: 103.99.76.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1817D1D97E8A11B6D73F1C165EEAAE97483DFDE9
Validity
Not Before: Mar 30 05:31:56 2022 GMT
Not After : Mar 30 05:28:49 2023 GMT
Subject: CN=46B665F8492AE7F5510EA6EF3EB0E117D59E4775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:97:da:b1:61:44:3c:ab:43:2d:70:b1:0d:38:
57:a3:af:e0:89:6b:65:31:cc:67:2b:e5:f3:8e:aa:
c9:00:98:79:46:ff:c4:71:43:08:33:fd:36:7a:48:
06:a8:aa:1c:48:58:2f:42:75:6f:fb:03:46:f4:5f:
3b:66:4e:d5:db:32:88:91:1f:12:23:40:84:95:e2:
32:7f:cc:b3:2e:0b:fa:66:85:f7:f5:24:4f:45:7c:
da:93:e6:9a:76:4b:7c:57:e7:ad:53:98:6e:f1:e0:
36:1e:e6:83:60:98:56:83:0c:8f:c0:be:da:a2:7c:
21:3e:a1:76:61:5f:59:e7:9f:bf:d9:58:53:97:a0:
69:5f:99:4a:a3:5b:7e:55:2b:40:fb:a0:98:8b:54:
fb:3a:24:42:51:67:f9:a5:a9:51:ee:51:b4:2d:c4:
bc:ea:ab:15:79:f9:67:50:86:9c:f6:22:76:69:4b:
98:6e:8e:93:67:e9:12:50:34:7b:10:92:e7:a8:20:
b7:21:5a:0c:51:ff:1f:e8:2f:0c:e6:8b:a8:45:71:
74:ce:b6:aa:91:6f:66:f4:c9:81:74:e1:b8:14:15:
c0:f1:d0:d0:68:f9:ea:b8:ed:89:15:1d:23:42:0b:
a6:a3:46:28:3f:59:4c:be:ff:a6:55:63:76:20:0f:
fe:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:B6:65:F8:49:2A:E7:F5:51:0E:A6:EF:3E:B0:E1:17:D5:9E:47:75
X509v3 Authority Key Identifier:
keyid:18:17:D1:D9:7E:8A:11:B6:D7:3F:1C:16:5E:EA:AE:97:48:3D:FD:E9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/GBfR2X6KEbbXPxwWXuqul0g9_ek.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GBfR2X6KEbbXPxwWXuqul0g9_ek.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/RrZl-Ekq5_VRDqbvPrDhF9WeR3U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.76.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:ba:34:b7:3f:44:d7:4f:7f:bd:d6:80:c0:21:73:38:fb:39:
65:33:76:98:b3:81:66:f0:b0:84:67:de:bf:9e:69:ec:08:75:
e4:05:88:a1:e9:95:71:b5:d6:7e:90:7b:c2:3a:8a:37:af:24:
aa:c3:6c:28:b9:b9:14:2e:93:99:86:cf:ff:0a:c4:ae:a5:67:
a8:d8:0e:39:05:8f:a6:e0:7c:a8:a0:e5:1c:9c:40:4b:8b:87:
25:9d:4a:14:df:ac:a1:1e:da:6e:4b:44:4b:b1:68:ef:23:e5:
32:4c:e9:0b:f8:37:01:33:80:c7:45:35:8a:f5:94:b5:e0:44:
71:9a:97:10:7b:f5:f4:fd:78:c2:33:4e:6a:ab:0b:bd:00:b6:
d0:a5:a1:0a:90:e9:a3:34:2c:61:06:be:ad:a8:fc:73:2a:92:
53:85:72:5c:cb:1e:ab:3d:2b:53:0e:7e:a8:72:24:bb:a4:6e:
58:ed:be:7e:d9:3b:bb:f9:d1:59:ce:ea:77:da:02:a4:c9:0d:
54:bb:cb:12:ab:8a:8f:3f:24:51:8b:f1:1d:fc:0e:4d:a1:e5:
b9:b2:c4:b2:f1:6f:f3:eb:d4:fc:86:1e:16:33:51:62:5b:1c:
5e:a9:6c:9f:cd:18:60:1a:c9:05:60:ec:59:bb:72:4a:d6:9d:
f7:ad:c1:70
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxODE3
RDFEOTdFOEExMUI2RDczRjFDMTY1RUVBQUU5NzQ4M0RGREU5MB4XDTIyMDMzMDA1
MzE1NloXDTIzMDMzMDA1Mjg0OVowMzExMC8GA1UEAxMoNDZCNjY1Rjg0OTJBRTdG
NTUxMEVBNkVGM0VCMEUxMTdENTlFNDc3NTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMiX2rFhRDyrQy1wsQ04V6Ov4IlrZTHMZyvl846qyQCYeUb/xHFD
CDP9NnpIBqiqHEhYL0J1b/sDRvRfO2ZO1dsyiJEfEiNAhJXiMn/Msy4L+maF9/Uk
T0V82pPmmnZLfFfnrVOYbvHgNh7mg2CYVoMMj8C+2qJ8IT6hdmFfWeefv9lYU5eg
aV+ZSqNbflUrQPugmItU+zokQlFn+aWpUe5RtC3EvOqrFXn5Z1CGnPYidmlLmG6O
k2fpElA0exCS56ggtyFaDFH/H+gvDOaLqEVxdM62qpFvZvTJgXThuBQVwPHQ0Gj5
6rjtiRUdI0ILpqNGKD9ZTL7/plVjdiAP/qECAwEAAaOCAfMwggHvMB0GA1UdDgQW
BBRGtmX4SSrn9VEOpu8+sOEX1Z5HdTAfBgNVHSMEGDAWgBQYF9HZfooRttc/HBZe
6q6XSD396TAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNTc4
L0dCZlIyWDZLRWJiWFB4d1dYdXF1bDBnOV9lay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvR0JmUjJYNktFYmJYUHh3V1h1cXVsMGc5X2VrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU3OC9SclpsLUVrcTVfVlJE
cWJ2UHJEaEY5V2VSM1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ2NMMA0GCSqGSIb3DQEBCwUAA4IBAQC5ujS3P0TXT3+91oDAIXM4+zllM3aY
s4Fm8LCEZ96/nmnsCHXkBYih6ZVxtdZ+kHvCOoo3rySqw2woubkULpOZhs//CsSu
pWeo2A45BY+m4HyooOUcnEBLi4clnUoU36yhHtpuS0RLsWjvI+UyTOkL+DcBM4DH
RTWK9ZS14ERxmpcQe/X0/XjCM05qqwu9ALbQpaEKkOmjNCxhBr6tqPxzKpJThXJc
yx6rPStTDn6ociS7pG5Y7b5+2Tu7+dFZzup32gKkyQ1Uu8sSq4qPPyRRi/Ed/A5N
oeW5ssSy8W/z69T8hh4WM1FiWxxeqWyfzRhgGskFYOxZu3JK1p33rcFw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:19 2023 by rpki-client on console-fra.rpki-client.org