Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/zXLsQxXSHgDFouH0TcawgIqVR04.roa
File: zXLsQxXSHgDFouH0TcawgIqVR04.roa (raw, json)
Hash identifier: irq9kiy0284ISUPe31yD64ml/x3lu1+4ZLiQ9IRixPw=
Subject key identifier: CD:72:EC:43:15:D2:1E:00:C5:A2:E1:F4:4D:C6:B0:80:8A:95:47:4E
Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Certificate serial: 0A5A
Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/zXLsQxXSHgDFouH0TcawgIqVR04.roa
Signing time: Tue 07 Jun 2022 10:05:40 +0000
ROA not before: Tue 07 Jun 2022 10:05:40 +0000
ROA not after: Wed 07 Jun 2023 03:34:43 +0000
asID: 4808
IP address blocks: 106.75.0.0/19 maxlen: 19
106.75.32.0/19 maxlen: 19
106.75.64.0/19 maxlen: 19
106.75.96.0/19 maxlen: 19
117.50.0.0/19 maxlen: 19
117.50.32.0/19 maxlen: 19
117.50.64.0/19 maxlen: 19
117.50.96.0/19 maxlen: 19
117.50.128.0/19 maxlen: 19
117.50.160.0/19 maxlen: 19
117.50.192.0/19 maxlen: 19
117.50.224.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2650 (0xa5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9
Validity
Not Before: Jun 7 10:05:40 2022 GMT
Not After : Jun 7 03:34:43 2023 GMT
Subject: CN=CD72EC4315D21E00C5A2E1F44DC6B0808A95474E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2b:24:aa:ea:ae:be:34:91:8e:fd:b7:53:2a:
06:68:6a:45:d7:5b:55:a5:0d:8b:0f:18:56:64:f3:
7d:d8:03:cd:b8:78:88:87:57:21:cc:0f:b5:ae:4e:
87:37:60:d8:f4:30:27:21:41:fd:83:e5:1b:37:43:
ec:db:e9:ae:a7:5a:ff:3c:fa:38:c5:74:f3:92:4a:
66:03:01:64:2d:27:a2:25:b6:49:b7:79:6a:2d:d6:
3f:eb:43:15:e8:60:20:6f:2f:2e:0f:80:1f:fc:14:
00:10:00:28:a7:ec:77:82:a1:ee:11:2a:fa:23:70:
d9:ec:17:6b:5c:bf:a7:8c:13:07:78:9c:c3:5e:e0:
66:fa:1d:97:7c:bf:7f:bf:05:40:7d:8c:8c:1f:11:
82:93:43:e9:19:b4:d2:fc:3d:aa:f3:0c:57:88:c3:
b5:7c:9e:72:fd:08:48:ea:c0:b2:6f:18:60:96:53:
bb:ab:e3:35:27:e6:a5:17:06:b7:01:13:78:2d:01:
68:4d:91:f5:4a:9d:9c:bf:e0:ab:21:ed:c3:bd:e5:
59:76:ad:9d:99:9a:9a:d4:8b:ee:90:21:7d:9f:99:
5d:4e:39:c0:c7:a6:e8:ed:53:4d:5b:9c:93:27:b1:
31:2e:54:99:c7:ca:ba:b6:e6:96:6b:38:76:f5:68:
4b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:72:EC:43:15:D2:1E:00:C5:A2:E1:F4:4D:C6:B0:80:8A:95:47:4E
X509v3 Authority Key Identifier:
keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/zXLsQxXSHgDFouH0TcawgIqVR04.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.75.0.0/17
117.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:c9:52:38:ff:c8:c7:0a:81:80:51:07:7c:07:53:5c:0e:21:
1f:71:14:af:e8:ef:48:96:83:41:40:41:a0:c9:3e:ab:32:4e:
9c:8b:61:a4:3e:ab:50:be:ce:f5:d4:9d:60:86:c0:0d:a2:bb:
83:53:db:e4:f2:c7:39:dc:9f:67:eb:96:9b:8c:41:ed:f0:57:
7e:cb:74:5f:a9:d8:70:ee:28:5b:5c:a6:25:c6:ea:85:12:f0:
be:90:7b:09:49:f8:ff:68:8f:0b:ea:6d:bc:39:49:62:8e:e6:
92:76:a8:01:2f:46:de:21:24:4e:c7:ca:73:67:ba:a1:5f:4e:
c4:6e:2e:51:18:4b:53:4c:8f:95:e0:1f:1b:8b:c2:df:18:09:
ac:18:87:64:87:33:84:cd:9f:33:52:df:0c:be:13:21:8f:38:
4a:9e:92:0b:fa:28:96:82:a9:ac:4f:f1:91:78:8e:a6:f3:50:
a5:c5:d8:b5:ad:1c:c3:ef:34:40:04:d3:b8:83:eb:13:4a:65:
61:9c:c2:6a:fa:d5:0e:8a:78:e6:2c:8b:17:4e:4e:a7:fd:cd:
44:e3:34:07:43:03:ce:1b:ad:9f:f7:b1:89:37:7c:a7:95:de:
38:e3:68:b3:48:d3:a0:0a:11:bf:21:f3:aa:bf:57:92:5f:a0:
dd:93:9d:ff
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICClowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3
MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yMjA2MDcx
MDA1NDBaFw0yMzA2MDcwMzM0NDNaMDMxMTAvBgNVBAMTKENENzJFQzQzMTVEMjFF
MDBDNUEyRTFGNDREQzZCMDgwOEE5NTQ3NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChKySq6q6+NJGO/bdTKgZoakXXW1WlDYsPGFZk833YA824eIiH
VyHMD7WuToc3YNj0MCchQf2D5Rs3Q+zb6a6nWv88+jjFdPOSSmYDAWQtJ6Iltkm3
eWot1j/rQxXoYCBvLy4PgB/8FAAQACin7HeCoe4RKvojcNnsF2tcv6eMEwd4nMNe
4Gb6HZd8v3+/BUB9jIwfEYKTQ+kZtNL8ParzDFeIw7V8nnL9CEjqwLJvGGCWU7ur
4zUn5qUXBrcBE3gtAWhNkfVKnZy/4Ksh7cO95Vl2rZ2ZmprUi+6QIX2fmV1OOcDH
pujtU01bnJMnsTEuVJnHyrq25pZrOHb1aEt3AgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUzXLsQxXSHgDFouH0TcawgIqVR04wHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI
l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3
L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L3pYTHNReFhTSGdERm91
SDBUY2F3Z0lxVlIwNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwJAYIKwYBBQUHAQcBAf8EFTATMBEEAgABMAsD
BAdqSwADAwB1MjANBgkqhkiG9w0BAQsFAAOCAQEAVslSOP/IxwqBgFEHfAdTXA4h
H3EUr+jvSJaDQUBBoMk+qzJOnIthpD6rUL7O9dSdYIbADaK7g1Pb5PLHOdyfZ+uW
m4xB7fBXfst0X6nYcO4oW1ymJcbqhRLwvpB7CUn4/2iPC+ptvDlJYo7mknaoAS9G
3iEkTsfKc2e6oV9OxG4uURhLU0yPleAfG4vC3xgJrBiHZIczhM2fM1LfDL4TIY84
Sp6SC/ooloKprE/xkXiOpvNQpcXYta0cw+80QATTuIPrE0plYZzCavrVDop45iyL
F05Op/3NROM0B0MDzhutn/exiTd8p5XeOONos0jToAoRvyHzqr9Xkl+g3ZOd/w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:20 2023 by rpki-client on console-ams.rpki-client.org