Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/sDRsUe8TRxMuktOBoaq-sXPMDuI.roa
File: sDRsUe8TRxMuktOBoaq-sXPMDuI.roa (raw, json)
Hash identifier: /Fk4H6EQimgDd+FcgBr0y7CPrvAbCrjtaTrHYtUEbjY=
Subject key identifier: B0:34:6C:51:EF:13:47:13:2E:92:D3:81:A1:AA:BE:B1:73:CC:0E:E2
Certificate issuer: /CN=194ACC313935AF5433C2B9456D742682F961EABB
Certificate serial: 0798
Authority key identifier: 19:4A:CC:31:39:35:AF:54:33:C2:B9:45:6D:74:26:82:F9:61:EA:BB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GUrMMTk1r1QzwrlFbXQmgvlh6rs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sDRsUe8TRxMuktOBoaq-sXPMDuI.roa
Signing time: Sat 14 May 2022 15:10:04 +0000
ROA not before: Sat 14 May 2022 15:10:04 +0000
ROA not after: Fri 27 May 2022 04:59:52 +0000
asID: 24373
IP address blocks: 45.252.100.0/22 maxlen: 24
103.220.248.0/22 maxlen: 24
103.220.252.0/22 maxlen: 24
103.221.0.0/22 maxlen: 24
103.221.4.0/22 maxlen: 24
103.221.8.0/22 maxlen: 24
103.221.12.0/22 maxlen: 24
103.221.16.0/22 maxlen: 24
103.221.20.0/22 maxlen: 24
103.221.24.0/22 maxlen: 24
103.221.28.0/22 maxlen: 24
103.221.32.0/22 maxlen: 24
103.221.36.0/22 maxlen: 24
103.221.40.0/22 maxlen: 24
103.221.44.0/22 maxlen: 24
103.221.48.0/22 maxlen: 24
103.221.92.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1944 (0x798)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=194ACC313935AF5433C2B9456D742682F961EABB
Validity
Not Before: May 14 15:10:04 2022 GMT
Not After : May 27 04:59:52 2022 GMT
Subject: CN=B0346C51EF1347132E92D381A1AABEB173CC0EE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cf:87:11:ec:98:a9:cb:e7:34:3f:ef:62:9a:
d0:70:39:33:01:d0:de:4c:93:54:56:a9:07:f8:16:
64:39:c9:ac:63:05:f5:87:1c:72:a2:4f:e8:89:a3:
54:18:ea:8b:68:93:df:0c:d4:99:26:17:bb:bd:b7:
6d:90:14:61:07:59:a1:50:30:82:e7:a9:2c:ca:4a:
a2:1f:dd:c7:c4:93:f7:0d:0b:63:aa:61:3e:b3:46:
b5:8b:5f:ee:48:47:8a:83:0d:1b:51:df:87:d9:9c:
85:2b:e2:75:ff:5c:3d:33:36:dd:c7:11:96:f1:67:
97:16:89:f5:ad:f7:c6:6c:0f:83:96:c3:5c:08:fe:
8a:1a:7c:7a:66:e9:24:0e:3a:aa:22:79:87:5e:47:
0a:91:76:51:da:5f:ad:ee:16:8f:61:9f:d0:ca:98:
22:c5:74:bf:09:e9:d3:7a:d0:a9:ab:40:25:7a:c0:
a9:42:80:1e:60:27:16:5d:27:7d:91:f6:ad:99:ab:
f7:46:cb:c9:81:5b:3e:95:33:c3:d0:0b:5d:bc:6b:
5d:07:46:61:72:b7:6a:bb:17:ff:17:fb:6c:be:a9:
79:bf:1a:a2:5b:00:7a:7e:2c:92:ef:0e:a8:fa:c8:
75:ed:0b:f0:65:67:e0:c2:a1:1b:b4:a7:28:af:1d:
8b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:34:6C:51:EF:13:47:13:2E:92:D3:81:A1:AA:BE:B1:73:CC:0E:E2
X509v3 Authority Key Identifier:
keyid:19:4A:CC:31:39:35:AF:54:33:C2:B9:45:6D:74:26:82:F9:61:EA:BB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GUrMMTk1r1QzwrlFbXQmgvlh6rs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GUrMMTk1r1QzwrlFbXQmgvlh6rs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sDRsUe8TRxMuktOBoaq-sXPMDuI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.100.0/22
103.220.248.0-103.221.51.255
103.221.92.0/22
Signature Algorithm: sha256WithRSAEncryption
96:3a:69:28:4f:87:ef:86:08:44:e8:be:bf:c3:5e:75:5a:7e:
03:6f:09:95:64:af:47:45:7d:22:4a:0d:00:3b:ff:c7:67:7b:
ce:3a:a2:09:72:38:d2:1b:cc:2f:06:1e:d1:95:4a:01:b3:4a:
3e:89:0e:ba:f4:a2:30:74:8d:3d:94:a4:a1:54:2c:24:68:ef:
81:78:ed:4f:44:8e:78:1e:c7:fc:4e:b6:c9:71:45:4a:ae:35:
3d:6e:f9:b6:7d:06:20:ce:14:4b:89:91:a5:c6:1d:09:5a:3e:
7e:e2:90:a3:cd:97:fc:18:97:89:4f:90:53:0d:68:ae:96:0f:
50:f8:8b:97:7c:d4:17:bf:a4:db:2b:08:9a:65:c8:6c:32:a2:
a2:ba:29:c7:b1:a8:60:01:0d:eb:e9:1f:40:2c:4c:0f:c4:60:
4e:79:0c:58:a8:bf:d3:e3:c5:6a:b7:4e:61:e7:49:c8:2b:9c:
01:3f:9b:25:13:55:6e:6b:37:98:24:eb:88:7b:77:e4:92:04:
91:40:cc:e7:9e:e7:39:b1:31:4e:59:6c:db:b2:c3:a7:10:a6:
21:6a:35:2c:3c:06:cd:24:79:72:90:64:4c:d0:5a:f0:9c:64:
b4:c5:e4:bb:62:b3:c7:9d:5d:f0:cd:2e:65:f9:70:af:e1:fe:
dd:41:65:38
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgICB5gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTk0
QUNDMzEzOTM1QUY1NDMzQzJCOTQ1NkQ3NDI2ODJGOTYxRUFCQjAeFw0yMjA1MTQx
NTEwMDRaFw0yMjA1MjcwNDU5NTJaMDMxMTAvBgNVBAMTKEIwMzQ2QzUxRUYxMzQ3
MTMyRTkyRDM4MUExQUFCRUIxNzNDQzBFRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvz4cR7Jipy+c0P+9imtBwOTMB0N5Mk1RWqQf4FmQ5yaxjBfWH
HHKiT+iJo1QY6otok98M1JkmF7u9t22QFGEHWaFQMILnqSzKSqIf3cfEk/cNC2Oq
YT6zRrWLX+5IR4qDDRtR34fZnIUr4nX/XD0zNt3HEZbxZ5cWifWt98ZsD4OWw1wI
/ooafHpm6SQOOqoieYdeRwqRdlHaX63uFo9hn9DKmCLFdL8J6dN60KmrQCV6wKlC
gB5gJxZdJ32R9q2Zq/dGy8mBWz6VM8PQC128a10HRmFyt2q7F/8X+2y+qXm/GqJb
AHp+LJLvDqj6yHXtC/BlZ+DCoRu0pyivHYtpAgMBAAGjggIFMIICATAdBgNVHQ4E
FgQUsDRsUe8TRxMuktOBoaq+sXPMDuIwHwYDVR0jBBgwFoAUGUrMMTk1r1QzwrlF
bXQmgvlh6rswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L0dVck1NVGsxcjFRendybEZiWFFtZ3ZsaDZycy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvR1VyTU1UazFyMVF6d3JsRmJYUW1ndmxoNnJzLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3NEUnNVZThUUnhNdWt0
T0JvYXEtc1hQTUR1SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgABMBoD
BAIt/GQwDAMEA2fc+AMEAmfdMAMEAmfdXDANBgkqhkiG9w0BAQsFAAOCAQEAljpp
KE+H74YIROi+v8NedVp+A28JlWSvR0V9IkoNADv/x2d7zjqiCXI40hvMLwYe0ZVK
AbNKPokOuvSiMHSNPZSkoVQsJGjvgXjtT0SOeB7H/E62yXFFSq41PW75tn0GIM4U
S4mRpcYdCVo+fuKQo82X/BiXiU+QUw1orpYPUPiLl3zUF7+k2ysImmXIbDKiorop
x7GoYAEN6+kfQCxMD8RgTnkMWKi/0+PFardOYedJyCucAT+bJRNVbms3mCTriHt3
5JIEkUDM557nObExTlls27LDpxCmIWo1LDwGzSR5cpBkTNBa8JxktMXku2Kzx51d
8M0uZflwr+H+3UFlOA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:18 2023 by rpki-client on console-ams.rpki-client.org