Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/tMIZKeu4WkJwRCKeGE5xhuhNnRA.roa
File: tMIZKeu4WkJwRCKeGE5xhuhNnRA.roa (raw, json)
Hash identifier: K95WZxco4LQ84uC0zerHvM1q2IBcz/LR2uk5t0z56GI=
Subject key identifier: B4:C2:19:29:EB:B8:5A:42:70:44:22:9E:18:4E:71:86:E8:4D:9D:10
Certificate issuer: /CN=194ACC313935AF5433C2B9456D742682F961EABB
Certificate serial: 05ED
Authority key identifier: 19:4A:CC:31:39:35:AF:54:33:C2:B9:45:6D:74:26:82:F9:61:EA:BB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GUrMMTk1r1QzwrlFbXQmgvlh6rs.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/tMIZKeu4WkJwRCKeGE5xhuhNnRA.roa
Signing time: Fri 11 Mar 2022 04:51:05 +0000
ROA not before: Fri 11 Mar 2022 04:51:05 +0000
ROA not after: Fri 27 May 2022 04:59:52 +0000
asID: 139259
IP address blocks: 45.252.100.0/22 maxlen: 24
103.6.108.0/24 maxlen: 24
103.220.248.0/24 maxlen: 24
103.220.249.0/24 maxlen: 24
103.220.250.0/23 maxlen: 24
103.220.252.0/22 maxlen: 24
103.221.0.0/22 maxlen: 24
103.221.4.0/23 maxlen: 24
103.221.6.0/24 maxlen: 24
103.221.7.0/24 maxlen: 24
103.221.8.0/22 maxlen: 24
103.221.12.0/22 maxlen: 24
103.221.16.0/22 maxlen: 24
103.221.20.0/22 maxlen: 24
103.221.24.0/22 maxlen: 24
103.221.28.0/22 maxlen: 24
103.221.32.0/23 maxlen: 24
103.221.34.0/24 maxlen: 24
103.221.35.0/24 maxlen: 24
103.221.36.0/22 maxlen: 24
103.221.36.0/24 maxlen: 24
103.221.37.0/24 maxlen: 24
103.221.40.0/22 maxlen: 24
103.221.44.0/22 maxlen: 24
103.221.48.0/24 maxlen: 24
103.221.50.0/24 maxlen: 24
103.221.92.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1517 (0x5ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=194ACC313935AF5433C2B9456D742682F961EABB
Validity
Not Before: Mar 11 04:51:05 2022 GMT
Not After : May 27 04:59:52 2022 GMT
Subject: CN=B4C21929EBB85A427044229E184E7186E84D9D10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:70:16:d0:b6:59:42:44:53:36:18:3c:62:5a:
a3:9e:e2:2d:eb:22:d5:aa:50:3b:86:51:a0:af:23:
82:1c:d4:0e:19:4d:bb:51:6c:93:fc:43:31:b6:5b:
df:df:c9:45:ed:ae:f0:0d:85:78:db:94:83:e3:08:
47:20:66:50:92:11:71:c9:f2:77:4c:ec:62:c7:d7:
64:bc:e7:fa:81:d4:e8:d2:28:55:7a:b0:50:aa:5e:
24:7b:eb:43:cf:3a:46:6a:6b:1c:60:07:f7:e7:b9:
99:e7:28:dd:2d:49:c5:22:ba:8b:57:36:b9:55:84:
80:8b:6a:98:b1:1f:eb:bb:01:be:03:eb:9d:a5:62:
00:da:22:75:61:7d:56:f3:9d:f4:dd:d6:5c:9c:50:
12:69:2f:93:58:7a:23:00:85:79:8f:cf:42:57:1c:
7b:ca:58:6e:07:0a:ba:81:e1:68:f1:13:fe:05:cb:
74:45:5f:a4:ed:d4:e0:9b:b7:52:1b:5e:3c:cc:8e:
fd:de:92:f3:a1:4c:fb:8b:9e:d3:ef:53:52:da:8e:
97:14:eb:61:8b:12:12:08:73:0d:cc:8d:79:31:07:
8d:59:bf:bd:27:4a:c2:99:c9:33:bd:64:7c:f1:98:
04:ac:a6:53:d3:e4:ce:81:a6:a8:a8:0b:56:a0:88:
c3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C2:19:29:EB:B8:5A:42:70:44:22:9E:18:4E:71:86:E8:4D:9D:10
X509v3 Authority Key Identifier:
keyid:19:4A:CC:31:39:35:AF:54:33:C2:B9:45:6D:74:26:82:F9:61:EA:BB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GUrMMTk1r1QzwrlFbXQmgvlh6rs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GUrMMTk1r1QzwrlFbXQmgvlh6rs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/tMIZKeu4WkJwRCKeGE5xhuhNnRA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.252.100.0/22
103.6.108.0/24
103.220.248.0-103.221.48.255
103.221.50.0/24
103.221.92.0/23
Signature Algorithm: sha256WithRSAEncryption
22:60:e0:55:73:1b:eb:a3:af:46:c2:01:75:fd:1b:a2:67:90:
99:7b:d8:e7:78:ec:92:dd:e7:be:96:a7:32:87:a5:64:ff:83:
e1:ac:79:b7:ee:5c:d1:be:c3:f3:23:c9:38:95:13:2b:f2:71:
f1:db:f5:fb:3b:5b:71:69:8f:0a:2f:b6:54:e6:63:08:a5:21:
e7:55:70:77:4b:66:8c:86:ee:bc:af:3f:fa:71:1e:cf:68:a0:
8d:b7:b8:d1:b3:04:bb:2c:8e:00:d9:05:f5:eb:da:7b:93:46:
b3:a4:0e:18:00:1c:c8:b1:32:a9:ab:f2:98:2c:2e:f0:5b:75:
6b:4a:ff:1b:c8:10:8f:aa:7f:cf:86:e0:da:e9:8f:56:86:8a:
d7:0d:a7:08:a9:1a:4a:80:12:b8:4e:f6:71:8c:cc:71:a4:44:
b3:42:2e:07:30:c4:ac:3c:99:8d:d6:4c:81:e0:3c:6e:f5:fb:
93:16:f8:16:26:d7:b8:b9:26:1d:ef:91:37:f6:58:ec:4c:01:
57:d7:13:6b:cb:c3:08:d3:d3:36:de:91:59:51:e6:b6:8f:58:
a5:10:43:bb:c0:b0:b3:13:ae:a9:76:2b:25:88:d1:fc:c7:87:
a5:ac:17:08:88:35:6e:01:ce:b4:45:53:63:ea:e1:e9:8c:36:
7f:02:42:f4
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgICBe0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTk0
QUNDMzEzOTM1QUY1NDMzQzJCOTQ1NkQ3NDI2ODJGOTYxRUFCQjAeFw0yMjAzMTEw
NDUxMDVaFw0yMjA1MjcwNDU5NTJaMDMxMTAvBgNVBAMTKEI0QzIxOTI5RUJCODVB
NDI3MDQ0MjI5RTE4NEU3MTg2RTg0RDlEMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvcBbQtllCRFM2GDxiWqOe4i3rItWqUDuGUaCvI4Ic1A4ZTbtR
bJP8QzG2W9/fyUXtrvANhXjblIPjCEcgZlCSEXHJ8ndM7GLH12S85/qB1OjSKFV6
sFCqXiR760PPOkZqaxxgB/fnuZnnKN0tScUiuotXNrlVhICLapixH+u7Ab4D652l
YgDaInVhfVbznfTd1lycUBJpL5NYeiMAhXmPz0JXHHvKWG4HCrqB4WjxE/4Fy3RF
X6Tt1OCbt1IbXjzMjv3ekvOhTPuLntPvU1LajpcU62GLEhIIcw3MjXkxB41Zv70n
SsKZyTO9ZHzxmASsplPT5M6BpqioC1agiMNBAgMBAAGjggIRMIICDTAdBgNVHQ4E
FgQUtMIZKeu4WkJwRCKeGE5xhuhNnRAwHwYDVR0jBBgwFoAUGUrMMTk1r1QzwrlF
bXQmgvlh6rswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L0dVck1NVGsxcjFRendybEZiWFFtZ3ZsaDZycy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvR1VyTU1UazFyMVF6d3JsRmJYUW1ndmxoNnJzLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3RNSVpLZXU0V2tKd1JD
S2VHRTV4aHVoTm5SQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwPwYIKwYBBQUHAQcBAf8EMDAuMCwEAgABMCYD
BAIt/GQDBABnBmwwDAMEA2fc+AMEAGfdMAMEAGfdMgMEAWfdXDANBgkqhkiG9w0B
AQsFAAOCAQEAImDgVXMb66OvRsIBdf0bomeQmXvY53jskt3nvpanMoelZP+D4ax5
t+5c0b7D8yPJOJUTK/Jx8dv1+ztbcWmPCi+2VOZjCKUh51Vwd0tmjIbuvK8/+nEe
z2igjbe40bMEuyyOANkF9evae5NGs6QOGAAcyLEyqavymCwu8Ft1a0r/G8gQj6p/
z4bg2umPVoaK1w2nCKkaSoASuE72cYzMcaREs0IuBzDErDyZjdZMgeA8bvX7kxb4
FibXuLkmHe+RN/ZY7EwBV9cTa8vDCNPTNt6RWVHmto9YpRBDu8CwsxOuqXYrJYjR
/MeHpawXCIg1bgHOtEVTY+rh6Yw2fwJC9A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:23 2023 by rpki-client on console-fra.rpki-client.org