Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/RnDt8hA2LZHVtnkxhVupLZR3Ub0.roa
File: RnDt8hA2LZHVtnkxhVupLZR3Ub0.roa (raw, json)
Hash identifier: rtm2p58sYy91+U+aBYZz3oHtJKd8k2iKF50VCDNOaX4=
Subject key identifier: 46:70:ED:F2:10:36:2D:91:D5:B6:79:31:85:5B:A9:2D:94:77:51:BD
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 04
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/RnDt8hA2LZHVtnkxhVupLZR3Ub0.roa
Signing time: Wed 01 Jun 2022 07:07:33 +0000
ROA not before: Wed 01 Jun 2022 07:07:33 +0000
ROA not after: Thu 01 Jun 2023 06:58:54 +0000
asID: 17621
IP address blocks: 43.254.152.0/24 maxlen: 24
103.5.192.0/22 maxlen: 24
103.24.116.0/24 maxlen: 24
103.24.118.0/23 maxlen: 24
150.242.238.0/23 maxlen: 24
202.89.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jun 1 07:07:33 2022 GMT
Not After : Jun 1 06:58:54 2023 GMT
Subject: CN=4670EDF210362D91D5B67931855BA92D947751BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bd:6f:fc:b9:f7:30:d9:a3:d6:dd:bf:a8:1b:
52:84:a9:df:04:c2:49:87:44:41:e7:a5:94:24:ac:
2e:c5:36:7e:d3:78:79:ef:2c:5a:1c:f3:29:72:a1:
12:ad:db:27:52:e6:8c:f6:b2:f9:66:2e:3b:c7:2f:
be:b1:bd:db:86:c9:21:1d:11:47:05:0f:a4:31:e5:
0f:79:ad:e2:6f:dc:ca:b9:4a:22:f0:47:8f:3b:d1:
48:31:88:e2:07:5d:90:c9:73:ad:90:a0:0e:00:e0:
1b:24:d9:65:1a:66:d2:f4:32:09:ba:07:51:1c:8a:
b5:c8:6c:2f:ff:4a:22:77:0a:20:50:68:b5:09:f7:
7c:8b:c0:ff:de:b5:62:94:7d:95:b9:9a:3b:38:de:
83:ca:75:1d:09:59:db:3f:8b:a8:5a:42:03:66:a8:
ac:ac:18:18:1f:37:0e:6d:8d:ef:a8:1d:f9:18:41:
53:6f:f3:0a:3e:a4:22:2f:48:04:e2:5d:b6:3d:e8:
30:cb:99:2f:09:fd:b5:e8:51:ac:17:28:16:bf:ad:
1c:a5:67:2d:a7:61:7b:99:63:88:19:fd:19:33:81:
ba:88:f0:87:fe:83:a8:8a:5c:9d:f1:9a:79:d9:ac:
55:54:66:84:9c:ec:f2:c2:dc:de:a0:30:32:6b:36:
c3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:70:ED:F2:10:36:2D:91:D5:B6:79:31:85:5B:A9:2D:94:77:51:BD
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/RnDt8hA2LZHVtnkxhVupLZR3Ub0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/24
103.5.192.0/22
103.24.116.0/24
103.24.118.0/23
150.242.238.0/23
202.89.96.0/24
Signature Algorithm: sha256WithRSAEncryption
92:d1:1a:08:be:cb:71:4e:8f:d5:d1:fc:de:2d:c3:84:71:2b:
a2:ae:8d:64:37:2c:ff:34:43:7d:10:4b:bb:ec:8e:7a:68:f0:
85:dc:da:91:4f:3b:4b:3b:9e:72:1c:b0:6c:d9:b9:27:96:80:
d5:c4:89:c3:00:10:dd:4f:97:81:22:c4:01:ca:a5:f5:4c:ec:
2f:82:3b:fb:a3:09:70:36:64:3f:f5:cb:02:f5:ad:23:9f:59:
ed:c8:88:40:3f:0e:55:fe:b6:65:1e:18:3a:f3:7d:e6:7f:17:
d5:fe:75:fd:0d:df:24:fa:23:a0:a7:d7:c5:02:e8:0a:a9:74:
e4:3a:eb:0e:4a:20:2b:b9:fa:66:84:2c:3e:72:25:f2:f7:6f:
2a:07:ee:b9:0f:16:89:3b:dd:61:f9:72:3a:f2:bf:17:c8:06:
f1:41:b9:b8:e9:f9:1f:d6:72:fd:a3:b1:8c:86:42:d5:1c:55:
f7:ee:84:c8:e8:32:4b:ea:15:91:c5:65:74:7c:33:de:88:eb:
de:73:e8:b3:50:50:f6:b5:a7:82:ee:23:84:27:f1:0a:ae:06:
f6:94:30:f3:d7:f3:6e:81:9a:cb:ce:ab:55:2e:93:c3:6f:a4:
3a:6a:1e:c1:b6:a4:ca:5e:dc:22:e8:34:4c:08:2f:a7:e1:50:
22:18:da:16
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3NUI0
NzE0QzRGNjFCRUEwNEEwMkNGOUNGNTYzQUUxMzRGNDc5Qzg1MB4XDTIyMDYwMTA3
MDczM1oXDTIzMDYwMTA2NTg1NFowMzExMC8GA1UEAxMoNDY3MEVERjIxMDM2MkQ5
MUQ1QjY3OTMxODU1QkE5MkQ5NDc3NTFCRDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALm9b/y59zDZo9bdv6gbUoSp3wTCSYdEQeellCSsLsU2ftN4ee8s
WhzzKXKhEq3bJ1LmjPay+WYuO8cvvrG924bJIR0RRwUPpDHlD3mt4m/cyrlKIvBH
jzvRSDGI4gddkMlzrZCgDgDgGyTZZRpm0vQyCboHURyKtchsL/9KIncKIFBotQn3
fIvA/961YpR9lbmaOzjeg8p1HQlZ2z+LqFpCA2aorKwYGB83Dm2N76gd+RhBU2/z
Cj6kIi9IBOJdtj3oMMuZLwn9tehRrBcoFr+tHKVnLadhe5ljiBn9GTOBuojwh/6D
qIpcnfGaedmsVVRmhJzs8sLc3qAwMms2w1kCAwEAAaOCAg8wggILMB0GA1UdDgQW
BBRGcO3yEDYtkdW2eTGFW6ktlHdRvTAfBgNVHSMEGDAWgBR1tHFMT2G+oEoCz5z1
Y64TT0echTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81Nzcv
ZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9kYlJ4VEU5aHZxQktBcy1jOVdPdUUwOUhuSVUuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81NzcvUm5EdDhoQTJMWkhWdG5r
eGhWdXBMWlIzVWIwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj
LmNuL3JyZHAvbm90aWZ5LnhtbDA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAME
ACv+mAMEAmcFwAMEAGcYdAMEAWcYdgMEAZby7gMEAMpZYDANBgkqhkiG9w0BAQsF
AAOCAQEAktEaCL7LcU6P1dH83i3DhHEroq6NZDcs/zRDfRBLu+yOemjwhdzakU87
SzuechywbNm5J5aA1cSJwwAQ3U+XgSLEAcql9UzsL4I7+6MJcDZkP/XLAvWtI59Z
7ciIQD8OVf62ZR4YOvN95n8X1f51/Q3fJPojoKfXxQLoCql05DrrDkogK7n6ZoQs
PnIl8vdvKgfuuQ8WiTvdYflyOvK/F8gG8UG5uOn5H9Zy/aOxjIZC1RxV9+6EyOgy
S+oVkcVldHwz3ojr3nPos1BQ9rWngu4jhCfxCq4G9pQw89fzboGay86rVS6Tw2+k
Omoewbakyl7cIug0TAgvp+FQIhjaFg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:18 2023 by rpki-client on console-ams.rpki-client.org