Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/50waoC77Qk0oeuZJSYsToaupT3k.roa
File: 50waoC77Qk0oeuZJSYsToaupT3k.roa (raw, json)
Hash identifier: GHksu7n7Ub9APxgv5XbQLGSq2nRjo5hclySUzubVpYg=
Subject key identifier: E7:4C:1A:A0:2E:FB:42:4D:28:7A:E6:49:49:8B:13:A1:AB:A9:4F:79
Certificate issuer: /CN=194ACC313935AF5433C2B9456D742682F961EABB
Certificate serial: 0351
Authority key identifier: 19:4A:CC:31:39:35:AF:54:33:C2:B9:45:6D:74:26:82:F9:61:EA:BB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GUrMMTk1r1QzwrlFbXQmgvlh6rs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/50waoC77Qk0oeuZJSYsToaupT3k.roa
Signing time: Mon 01 Nov 2021 01:21:40 +0000
ROA not before: Mon 01 Nov 2021 01:21:40 +0000
ROA not after: Fri 27 May 2022 04:59:52 +0000
asID: 24373
IP address blocks: 45.252.100.0/22 maxlen: 24
103.220.248.0/22 maxlen: 24
103.220.252.0/22 maxlen: 24
103.221.0.0/22 maxlen: 24
103.221.4.0/22 maxlen: 24
103.221.8.0/22 maxlen: 24
103.221.12.0/22 maxlen: 24
103.221.16.0/22 maxlen: 24
103.221.20.0/22 maxlen: 24
103.221.24.0/22 maxlen: 24
103.221.28.0/22 maxlen: 24
103.221.32.0/22 maxlen: 24
103.221.36.0/22 maxlen: 24
103.221.40.0/22 maxlen: 24
103.221.44.0/22 maxlen: 24
103.221.48.0/22 maxlen: 24
103.221.48.0/24 maxlen: 24
103.221.49.0/24 maxlen: 24
103.221.50.0/24 maxlen: 24
103.221.51.0/24 maxlen: 24
103.221.92.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 849 (0x351)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=194ACC313935AF5433C2B9456D742682F961EABB
Validity
Not Before: Nov 1 01:21:40 2021 GMT
Not After : May 27 04:59:52 2022 GMT
Subject: CN=E74C1AA02EFB424D287AE649498B13A1ABA94F79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3e:b7:11:b2:af:4c:e3:0a:8d:00:4f:9c:fb:
56:d5:bc:82:3a:87:c6:e9:69:ea:a9:86:3c:7c:85:
5a:84:93:2e:25:71:72:d6:71:97:7e:04:5c:31:05:
ae:23:28:c6:10:ee:8c:09:41:c4:f2:89:78:22:9b:
ee:9b:08:9f:3e:bb:b1:8e:9f:21:26:10:8c:78:15:
f2:f7:c9:26:51:17:64:b4:f9:e2:8c:5f:d6:4e:54:
c2:24:91:d1:9e:2d:07:66:f4:53:a2:09:cf:b2:8f:
ff:77:7f:64:51:a5:2a:de:20:ba:1a:da:cd:35:00:
2c:91:89:9d:fc:d0:15:e2:f2:9f:a3:86:ac:1a:48:
1d:a5:f0:8e:61:11:1a:6f:0f:80:92:ac:ed:26:c5:
35:61:6b:8a:df:74:b9:bc:45:ed:27:ec:8d:63:c8:
09:a8:fa:89:9f:38:64:e1:f6:9e:27:65:da:81:33:
9e:b7:2d:5d:30:2c:dc:f3:97:74:34:0e:bb:a4:13:
0b:cf:f6:e9:39:a8:ad:58:ad:5d:7b:17:8c:f6:35:
b6:a4:61:67:47:3a:5b:c2:4f:7a:b3:e9:1e:45:5c:
0d:b3:ff:e1:d8:01:11:f8:24:22:55:8b:30:8d:95:
71:cd:7d:c2:d8:a3:db:d9:1b:bc:0c:25:a9:c2:d5:
ea:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:4C:1A:A0:2E:FB:42:4D:28:7A:E6:49:49:8B:13:A1:AB:A9:4F:79
X509v3 Authority Key Identifier:
keyid:19:4A:CC:31:39:35:AF:54:33:C2:B9:45:6D:74:26:82:F9:61:EA:BB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GUrMMTk1r1QzwrlFbXQmgvlh6rs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GUrMMTk1r1QzwrlFbXQmgvlh6rs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/50waoC77Qk0oeuZJSYsToaupT3k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.100.0/22
103.220.248.0-103.221.51.255
103.221.92.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:48:57:9a:3e:a0:37:69:98:e2:98:16:7d:42:1b:de:93:51:
9e:b7:d9:68:24:5b:6e:88:76:1f:ee:2b:a1:5e:19:2a:e8:45:
53:30:68:ab:2b:08:96:a3:af:c4:0e:0f:62:fb:7b:a0:fd:26:
14:fb:b2:3b:37:51:96:1a:ed:75:85:24:19:23:42:b4:82:49:
a3:63:e3:de:44:00:dd:99:81:e5:3c:de:1b:39:00:bb:a2:9e:
2b:87:44:dd:f2:8b:a6:66:dc:83:74:76:30:01:7c:3a:24:4b:
11:49:5b:13:62:d3:a2:22:64:e2:c9:39:9b:00:b8:ac:0b:9f:
8e:ad:c2:6d:0a:91:dc:b0:b0:55:ce:88:28:22:02:7b:a3:1e:
cb:4b:ea:77:e9:10:86:c0:69:5c:29:1b:c7:09:f5:4d:76:86:
e9:2c:07:c5:1a:4f:f2:92:85:61:34:87:ca:dc:7e:78:47:64:
a6:2c:b4:ff:bd:22:e7:63:7b:3c:1b:14:0a:3f:c8:05:1e:55:
b4:e4:23:a9:b2:f5:a8:27:69:63:5d:63:95:26:1b:87:9b:a9:
51:4b:bd:a4:2c:b0:62:f1:f6:93:62:ad:72:b4:97:9f:69:c2:
57:34:fe:1e:f9:21:22:3e:9e:4f:c0:c8:38:ce:6f:9b:ad:68:
2a:74:87:4c
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgICA1EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTk0
QUNDMzEzOTM1QUY1NDMzQzJCOTQ1NkQ3NDI2ODJGOTYxRUFCQjAeFw0yMTExMDEw
MTIxNDBaFw0yMjA1MjcwNDU5NTJaMDMxMTAvBgNVBAMTKEU3NEMxQUEwMkVGQjQy
NEQyODdBRTY0OTQ5OEIxM0ExQUJBOTRGNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqPrcRsq9M4wqNAE+c+1bVvII6h8bpaeqphjx8hVqEky4lcXLW
cZd+BFwxBa4jKMYQ7owJQcTyiXgim+6bCJ8+u7GOnyEmEIx4FfL3ySZRF2S0+eKM
X9ZOVMIkkdGeLQdm9FOiCc+yj/93f2RRpSreILoa2s01ACyRiZ380BXi8p+jhqwa
SB2l8I5hERpvD4CSrO0mxTVha4rfdLm8Re0n7I1jyAmo+omfOGTh9p4nZdqBM563
LV0wLNzzl3Q0DrukEwvP9uk5qK1YrV17F4z2NbakYWdHOlvCT3qz6R5FXA2z/+HY
ARH4JCJVizCNlXHNfcLYo9vZG7wMJanC1eo7AgMBAAGjggIFMIICATAdBgNVHQ4E
FgQU50waoC77Qk0oeuZJSYsToaupT3kwHwYDVR0jBBgwFoAUGUrMMTk1r1QzwrlF
bXQmgvlh6rswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L0dVck1NVGsxcjFRendybEZiWFFtZ3ZsaDZycy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvR1VyTU1UazFyMVF6d3JsRmJYUW1ndmxoNnJzLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzUwd2FvQzc3UWswb2V1
WkpTWXNUb2F1cFQzay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgABMBoD
BAIt/GQwDAMEA2fc+AMEAmfdMAMEAmfdXDANBgkqhkiG9w0BAQsFAAOCAQEAL0hX
mj6gN2mY4pgWfUIb3pNRnrfZaCRbboh2H+4roV4ZKuhFUzBoqysIlqOvxA4PYvt7
oP0mFPuyOzdRlhrtdYUkGSNCtIJJo2Pj3kQA3ZmB5TzeGzkAu6KeK4dE3fKLpmbc
g3R2MAF8OiRLEUlbE2LToiJk4sk5mwC4rAufjq3CbQqR3LCwVc6IKCICe6Mey0vq
d+kQhsBpXCkbxwn1TXaG6SwHxRpP8pKFYTSHytx+eEdkpiy0/70i52N7PBsUCj/I
BR5VtOQjqbL1qCdpY11jlSYbh5upUUu9pCywYvH2k2KtcrSXn2nCVzT+HvkhIj6e
T8DIOM5vm61oKnSHTA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:22 2023 by rpki-client on console-fra.rpki-client.org