Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/0S749s1yVehemdxvHfKSRqrt1IU.roa
File: 0S749s1yVehemdxvHfKSRqrt1IU.roa (raw, json)
Hash identifier: YQ3d0zgnuQOUPYY/kTRhmNksS9JUw0kFFPuv/mLRAtw=
Subject key identifier: D1:2E:F8:F6:CD:72:55:E8:5E:99:DC:6F:1D:F2:92:46:AA:ED:D4:85
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 0A5B
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/0S749s1yVehemdxvHfKSRqrt1IU.roa
Signing time: Tue 07 Jun 2022 10:05:41 +0000
ROA not before: Tue 07 Jun 2022 10:05:41 +0000
ROA not after: Wed 07 Jun 2023 03:34:43 +0000
asID: 4812
IP address blocks: 106.75.224.0/20 maxlen: 20
106.75.240.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2651 (0xa5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Jun 7 10:05:41 2022 GMT
Not After : Jun 7 03:34:43 2023 GMT
Subject: CN=D12EF8F6CD7255E85E99DC6F1DF29246AAEDD485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6b:37:44:db:45:3f:89:99:a4:04:57:08:0a:
44:d1:b2:68:d0:bd:27:d2:93:f8:09:09:05:3d:44:
ad:01:70:4d:7f:a3:b9:c2:ba:9e:98:85:3b:f0:f4:
4d:61:13:52:f5:9c:b6:e6:31:44:f9:71:01:9a:f7:
de:89:a2:cc:14:a1:23:8a:99:f6:6d:e9:3f:15:5d:
90:2e:77:a0:c9:1a:db:7f:a0:40:f8:9a:98:ff:e2:
63:7d:43:53:ae:14:9c:1f:61:0a:3d:81:a8:e1:0a:
46:c4:ba:1b:32:ef:7f:22:4d:a5:7f:8c:ac:2a:1b:
26:a5:96:03:70:d9:87:25:3a:d7:cf:09:c1:6a:3a:
0a:79:30:e6:8c:f0:11:7e:1d:56:f7:24:c5:d9:14:
9d:a2:d4:c5:be:57:08:28:0d:4d:01:97:21:14:e0:
b7:be:f2:1d:cb:dc:5d:79:44:07:3f:53:b6:0d:83:
28:66:b0:30:6c:74:ee:16:38:fb:69:d0:10:b5:73:
ef:96:d2:52:8d:25:4b:07:9f:a9:9c:2d:62:b9:1d:
45:c6:2e:97:05:0f:0c:03:48:79:f9:86:ac:8c:a0:
1f:99:c4:a5:07:a9:9e:86:75:a3:55:fa:ef:ec:8a:
4d:05:f5:ae:91:b0:5b:cd:76:5b:5f:be:5c:ec:66:
a8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:2E:F8:F6:CD:72:55:E8:5E:99:DC:6F:1D:F2:92:46:AA:ED:D4:85
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/0S749s1yVehemdxvHfKSRqrt1IU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.75.224.0/19
Signature Algorithm: sha256WithRSAEncryption
70:ae:9b:5b:27:96:41:1e:1f:56:cb:c6:7a:43:75:55:51:39:
a4:03:14:27:88:01:11:81:53:a6:1f:d8:88:f6:08:d8:28:20:
1e:80:67:ab:de:0b:31:8e:f6:de:1e:dd:80:9a:d4:ba:19:12:
be:fc:a3:4d:1c:7e:80:66:c2:a6:b7:8e:da:f5:95:ee:43:d5:
94:97:88:1c:f8:44:ab:4e:f4:14:8e:a0:16:97:9b:e3:2b:0d:
93:5f:9c:56:25:50:bb:e7:b7:a3:59:d1:eb:01:da:f6:9e:82:
e1:0c:d5:d5:6c:29:00:50:9f:bc:99:44:1d:24:ad:57:6f:4e:
73:c8:aa:17:2d:b1:65:70:1a:3e:44:76:93:09:74:a3:93:59:
18:a9:c3:0b:fc:b4:df:f9:9c:82:0e:71:ad:69:22:d4:d3:06:
72:fb:ce:91:9c:3f:d3:e0:f0:00:09:32:45:76:e5:dd:15:04:
81:3c:12:27:d2:e0:aa:96:9d:ea:ba:75:5f:a6:4b:f6:cd:7d:
67:61:68:6e:3e:83:87:c8:3d:80:99:82:55:a9:40:2e:43:9b:
a6:04:d1:e4:d4:7f:29:61:6d:77:d7:8f:25:0d:84:dc:ce:00:
b5:42:32:6e:af:20:04:1a:60:a6:ba:43:e0:9f:dd:fa:ff:b2:
15:22:61:73
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICClswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yMjA2MDcx
MDA1NDFaFw0yMzA2MDcwMzM0NDNaMDMxMTAvBgNVBAMTKEQxMkVGOEY2Q0Q3MjU1
RTg1RTk5REM2RjFERjI5MjQ2QUFFREQ0ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2azdE20U/iZmkBFcICkTRsmjQvSfSk/gJCQU9RK0BcE1/o7nC
up6YhTvw9E1hE1L1nLbmMUT5cQGa996JoswUoSOKmfZt6T8VXZAud6DJGtt/oED4
mpj/4mN9Q1OuFJwfYQo9gajhCkbEuhsy738iTaV/jKwqGyallgNw2YclOtfPCcFq
Ogp5MOaM8BF+HVb3JMXZFJ2i1MW+VwgoDU0BlyEU4Le+8h3L3F15RAc/U7YNgyhm
sDBsdO4WOPtp0BC1c++W0lKNJUsHn6mcLWK5HUXGLpcFDwwDSHn5hqyMoB+ZxKUH
qZ6GdaNV+u/sik0F9a6RsFvNdltfvlzsZqihAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU0S749s1yVehemdxvHfKSRqrt1IUwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3LzBTNzQ5czF5VmVoZW1k
eHZIZktTUnFydDFJVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAVqS+AwDQYJKoZIhvcNAQELBQADggEBAHCum1snlkEeH1bLxnpDdVVROaQDFCeI
ARGBU6Yf2Ij2CNgoIB6AZ6veCzGO9t4e3YCa1LoZEr78o00cfoBmwqa3jtr1le5D
1ZSXiBz4RKtO9BSOoBaXm+MrDZNfnFYlULvnt6NZ0esB2vaeguEM1dVsKQBQn7yZ
RB0krVdvTnPIqhctsWVwGj5EdpMJdKOTWRipwwv8tN/5nIIOca1pItTTBnL7zpGc
P9Pg8AAJMkV25d0VBIE8EifS4KqWneq6dV+mS/bNfWdhaG4+g4fIPYCZglWpQC5D
m6YE0eTUfylhbXfXjyUNhNzOALVCMm6vIAQaYKa6Q+Cf3fr/shUiYXM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:24 2023 by rpki-client on console-fra.rpki-client.org