Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/iPZzbgqb6Tlup4Fr2wOaykcSavY.roa
File: iPZzbgqb6Tlup4Fr2wOaykcSavY.roa (raw, json)
Hash identifier: WLO75e3MqEovRkWbXqkZC0Z9UVxhYpNQqlPrFiXB7P8=
Subject key identifier: 88:F6:73:6E:0A:9B:E9:39:6E:A7:81:6B:DB:03:9A:CA:47:12:6A:F6
Certificate issuer: /CN=E5D7C1B0C298ED183371C9DFA49D5B5FCDDE984F
Certificate serial: 04A9
Authority key identifier: E5:D7:C1:B0:C2:98:ED:18:33:71:C9:DF:A4:9D:5B:5F:CD:DE:98:4F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5dfBsMKY7RgzccnfpJ1bX83emE8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/iPZzbgqb6Tlup4Fr2wOaykcSavY.roa
Signing time: Tue 30 Nov 2021 04:49:18 +0000
ROA not before: Tue 30 Nov 2021 04:49:18 +0000
ROA not after: Fri 27 May 2022 04:59:52 +0000
asID: 136958
IP address blocks: 42.240.128.0/20 maxlen: 20
42.240.144.0/20 maxlen: 20
42.240.160.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1193 (0x4a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E5D7C1B0C298ED183371C9DFA49D5B5FCDDE984F
Validity
Not Before: Nov 30 04:49:18 2021 GMT
Not After : May 27 04:59:52 2022 GMT
Subject: CN=88F6736E0A9BE9396EA7816BDB039ACA47126AF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d4:ef:55:83:97:e9:7f:0b:c1:71:a6:1f:40:
fa:eb:c9:ba:97:b6:30:b6:2b:b0:1c:af:9d:09:7b:
05:51:aa:94:e0:f0:a6:41:a7:4c:e9:fe:68:5e:82:
70:aa:70:0c:e1:0b:d5:e0:de:03:17:27:c9:a0:37:
0e:17:bf:bb:66:72:a1:48:c5:6c:d2:ad:fb:91:5a:
69:0b:09:75:36:4e:b3:25:92:61:b2:a4:47:97:a3:
1f:a8:b6:5b:bf:4a:63:96:52:a3:75:52:f5:f7:a6:
be:5b:bd:6e:91:16:f4:fc:b4:47:4b:d6:69:28:ef:
18:00:74:9d:5d:c6:ef:2e:14:ce:58:e4:1f:c3:ea:
68:63:d7:8a:e7:bb:03:6e:ae:b0:8d:ba:05:0e:17:
14:18:76:7c:39:73:ab:56:3f:53:88:70:9b:af:42:
aa:07:c1:27:fc:16:a2:7f:3a:dd:b8:54:80:d2:39:
01:ef:60:5a:f5:6a:c5:9d:0d:51:1a:cc:f7:fd:fc:
da:3d:6f:0e:ac:ef:51:5d:f1:46:82:40:53:7f:11:
6f:37:78:d3:5f:cc:37:24:28:70:66:87:2f:3d:8a:
99:92:2e:04:53:6a:d9:df:63:a0:dc:a0:5c:84:2c:
79:d7:bd:7b:53:1a:5a:36:42:e4:06:cb:a0:b3:b7:
1c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F6:73:6E:0A:9B:E9:39:6E:A7:81:6B:DB:03:9A:CA:47:12:6A:F6
X509v3 Authority Key Identifier:
keyid:E5:D7:C1:B0:C2:98:ED:18:33:71:C9:DF:A4:9D:5B:5F:CD:DE:98:4F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/5dfBsMKY7RgzccnfpJ1bX83emE8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5dfBsMKY7RgzccnfpJ1bX83emE8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/iPZzbgqb6Tlup4Fr2wOaykcSavY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
42.240.128.0-42.240.175.255
Signature Algorithm: sha256WithRSAEncryption
b9:d0:b0:5a:72:db:73:c1:85:7f:79:eb:14:8c:fe:41:6a:4d:
fe:1b:6b:e2:27:bf:b7:04:a8:49:52:bb:c0:2c:f3:19:18:80:
94:59:51:96:e6:6d:94:0e:71:a7:8b:b5:18:99:c3:1b:a5:5c:
fd:af:8b:88:db:28:75:3a:10:ad:6c:19:04:1f:76:bc:4c:cf:
41:4b:71:9a:b9:a3:70:f3:c5:e8:99:9e:15:a7:3c:24:b4:1c:
fe:7b:e1:04:ce:17:08:7c:41:31:a2:e6:c4:37:a9:7c:30:1d:
20:e4:8f:77:dd:03:e7:e0:48:84:a8:53:94:1d:4b:7e:87:14:
cd:56:84:21:a3:c9:6b:bb:ad:53:57:b4:45:f9:2c:b2:20:fc:
e2:ed:ff:54:c3:07:3a:1f:f9:ea:87:6b:59:bd:ae:3e:f3:4d:
86:86:13:7e:0f:82:16:b4:b3:8f:f7:58:37:f9:c0:21:af:89:
00:be:e1:16:d3:7a:d4:ea:c5:d9:1c:fb:6f:05:17:48:84:2a:
bc:e1:93:60:c3:3d:ca:a0:32:80:25:cf:44:e9:22:66:08:eb:
a2:fe:a8:e5:6e:52:c1:f6:60:ab:cd:2d:43:38:ca:eb:02:89:
82:2d:57:81:28:50:1c:a3:75:85:5e:75:ab:bd:29:fe:5d:f5:
2d:14:ac:ba
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgICBKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTVE
N0MxQjBDMjk4RUQxODMzNzFDOURGQTQ5RDVCNUZDRERFOTg0RjAeFw0yMTExMzAw
NDQ5MThaFw0yMjA1MjcwNDU5NTJaMDMxMTAvBgNVBAMTKDg4RjY3MzZFMEE5QkU5
Mzk2RUE3ODE2QkRCMDM5QUNBNDcxMjZBRjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU1O9Vg5fpfwvBcaYfQPrrybqXtjC2K7Acr50JewVRqpTg8KZB
p0zp/mhegnCqcAzhC9Xg3gMXJ8mgNw4Xv7tmcqFIxWzSrfuRWmkLCXU2TrMlkmGy
pEeXox+otlu/SmOWUqN1UvX3pr5bvW6RFvT8tEdL1mko7xgAdJ1dxu8uFM5Y5B/D
6mhj14rnuwNurrCNugUOFxQYdnw5c6tWP1OIcJuvQqoHwSf8FqJ/Ot24VIDSOQHv
YFr1asWdDVEazPf9/No9bw6s71Fd8UaCQFN/EW83eNNfzDckKHBmhy89ipmSLgRT
atnfY6DcoFyELHnXvXtTGlo2QuQGy6CztxxtAgMBAAGjggH5MIIB9TAdBgNVHQ4E
FgQUiPZzbgqb6Tlup4Fr2wOaykcSavYwHwYDVR0jBBgwFoAU5dfBsMKY7Rgzccnf
pJ1bX83emE8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
LzVkZkJzTUtZN1JnemNjbmZwSjFiWDgzZW1FOC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNWRmQnNNS1k3Umd6Y2NuZnBKMWJYODNlbUU4LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2lQWnpiZ3FiNlRsdXA0
RnIyd09heWtjU2F2WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4w
DAMEByrwgAMEBCrwoDANBgkqhkiG9w0BAQsFAAOCAQEAudCwWnLbc8GFf3nrFIz+
QWpN/htr4ie/twSoSVK7wCzzGRiAlFlRluZtlA5xp4u1GJnDG6Vc/a+LiNsodToQ
rWwZBB92vEzPQUtxmrmjcPPF6JmeFac8JLQc/nvhBM4XCHxBMaLmxDepfDAdIOSP
d90D5+BIhKhTlB1LfocUzVaEIaPJa7utU1e0RfkssiD84u3/VMMHOh/56odrWb2u
PvNNhoYTfg+CFrSzj/dYN/nAIa+JAL7hFtN61OrF2Rz7bwUXSIQqvOGTYMM9yqAy
gCXPROkiZgjrov6o5W5SwfZgq80tQzjK6wKJgi1XgShQHKN1hV51q70p/l31LRSs
ug==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:24 2023 by rpki-client on console-fra.rpki-client.org