Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/YNsiHCDWHW7nfF5u-0fKMk0VIMo.roa
File: YNsiHCDWHW7nfF5u-0fKMk0VIMo.roa (raw, json)
Hash identifier: ypA3GEI67RcP9LufQ/wlkCNir8y6DmZx4sB04sOeHwU=
Subject key identifier: 60:DB:22:1C:20:D6:1D:6E:E7:7C:5E:6E:FB:47:CA:32:4D:15:20:CA
Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Certificate serial: 0DDA
Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/YNsiHCDWHW7nfF5u-0fKMk0VIMo.roa
Signing time: Mon 13 May 2024 03:19:02 +0000
ROA not before: Mon 13 May 2024 03:19:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 58593
IP address blocks: 40.162.0.0/17 maxlen: 17
40.162.128.0/17 maxlen: 17
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3546 (0xdda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Validity
Not Before: May 13 03:19:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=60DB221C20D61D6EE77C5E6EFB47CA324D1520CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d0:d7:e9:42:db:79:dc:01:a4:1d:ea:5b:e9:
98:62:fa:15:f1:ac:6f:b2:62:b8:c7:65:19:e3:4f:
ee:29:63:4f:35:ec:5d:08:c9:64:67:4f:0a:09:b6:
c2:b9:ca:d2:a6:f2:e6:84:83:63:65:be:9f:e5:6c:
01:f9:1c:a0:34:24:fe:1a:ea:4d:c7:59:fd:88:79:
51:ea:0f:90:6f:4c:96:be:19:13:e5:f6:fe:11:2f:
83:a4:d0:8c:0e:53:6d:4b:0a:90:e4:46:a0:87:3c:
fc:a4:67:b1:2f:8c:bb:f6:ac:88:06:77:49:c7:f0:
83:4f:89:bf:c1:f9:6d:88:fb:1a:44:dd:e9:96:b2:
79:76:e8:c4:17:80:4e:8f:bd:f6:24:95:53:99:cc:
2b:4c:84:b8:62:d0:cd:98:8e:1d:6e:07:02:0e:6d:
b4:a3:4f:39:e8:84:ba:85:06:00:69:b2:4b:bb:71:
bd:bf:85:df:9b:d7:6c:27:b2:c6:0a:db:f8:9c:46:
b0:9a:34:34:25:ab:87:dd:66:8f:91:1a:df:89:9b:
ba:fb:13:59:d7:c4:ef:b7:95:71:be:d8:0d:68:bd:
18:93:c4:06:14:4c:67:2f:61:10:bf:5a:81:7f:7b:
ed:ca:17:74:a8:06:65:93:43:b9:5a:6e:64:77:e2:
01:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:DB:22:1C:20:D6:1D:6E:E7:7C:5E:6E:FB:47:CA:32:4D:15:20:CA
X509v3 Authority Key Identifier:
keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/YNsiHCDWHW7nfF5u-0fKMk0VIMo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
40.162.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:d9:f1:1f:80:2a:e2:c1:da:2e:8d:48:eb:83:bf:56:cd:83:
5e:dc:bf:7f:ed:82:b8:22:e8:aa:c4:dc:2c:01:85:73:63:14:
74:dc:2e:4d:e8:5a:7c:18:64:ce:e2:ed:23:24:bb:97:78:a3:
dd:b6:7c:4b:83:c6:48:a6:2e:47:41:46:7f:3b:1c:d8:18:d4:
b4:fa:68:68:5e:85:04:34:01:86:4f:15:af:08:72:3d:84:fe:
f0:c5:4d:f0:0f:0b:42:94:0f:2f:82:0f:21:da:92:b9:be:97:
86:08:73:b3:83:0b:ba:f1:93:68:72:d0:44:ff:35:5d:f5:8c:
dc:6a:76:b3:05:90:3b:71:de:dd:85:f5:b0:98:19:83:19:9c:
19:eb:95:ab:62:ba:06:f1:7e:9a:5f:68:c9:f1:44:b8:4c:69:
ac:a0:4f:29:a6:11:ef:a8:b4:24:47:51:23:bf:5f:08:d2:48:
e8:b8:29:0b:be:11:71:2e:7b:cf:a4:17:ca:2e:9f:1d:5a:c1:
51:8f:89:84:dc:ec:d0:e3:12:76:0b:f9:10:58:47:49:bf:a6:
c9:00:57:6f:77:df:6e:08:e7:39:73:0c:f6:84:09:b7:1a:ae:
bc:ef:5c:ba:ad:d7:1a:a4:af:31:88:70:39:9e:6b:c1:83:b2:
23:3e:bb:4d
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDdowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE
Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNDA1MTMw
MzE5MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYwREIyMjFDMjBENjFE
NkVFNzdDNUU2RUZCNDdDQTMyNEQxNTIwQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDk0NfpQtt53AGkHepb6Zhi+hXxrG+yYrjHZRnjT+4pY0817F0I
yWRnTwoJtsK5ytKm8uaEg2Nlvp/lbAH5HKA0JP4a6k3HWf2IeVHqD5BvTJa+GRPl
9v4RL4Ok0IwOU21LCpDkRqCHPPykZ7EvjLv2rIgGd0nH8INPib/B+W2I+xpE3emW
snl26MQXgE6PvfYklVOZzCtMhLhi0M2Yjh1uBwIObbSjTznohLqFBgBpsku7cb2/
hd+b12wnssYK2/icRrCaNDQlq4fdZo+RGt+Jm7r7E1nXxO+3lXG+2A1ovRiTxAYU
TGcvYRC/WoF/e+3KF3SoBmWTQ7labmR34gHVAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUYNsiHCDWHW7nfF5u+0fKMk0VIMowHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0
je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy
MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvWU5zaUhDRFdIVzdu
ZkY1dS0wZktNazBWSU1vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw
BQMDACiiMA0GCSqGSIb3DQEBCwUAA4IBAQAC2fEfgCriwdoujUjrg79WzYNe3L9/
7YK4IuiqxNwsAYVzYxR03C5N6Fp8GGTO4u0jJLuXeKPdtnxLg8ZIpi5HQUZ/OxzY
GNS0+mhoXoUENAGGTxWvCHI9hP7wxU3wDwtClA8vgg8h2pK5vpeGCHOzgwu68ZNo
ctBE/zVd9YzcanazBZA7cd7dhfWwmBmDGZwZ65WrYroG8X6aX2jJ8US4TGmsoE8p
phHvqLQkR1Ejv18I0kjouCkLvhFxLnvPpBfKLp8dWsFRj4mE3OzQ4xJ2C/kQWEdJ
v6bJAFdvd99uCOc5cwz2hAm3Gq6871y6rdcapK8xiHA5nmvBg7IjPrtN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:25 2024 by rpki-client on console-ams.rpki-client.org