Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/2KQstormH9Ir8smpA4NqdyHSQ3U.roa
File: 2KQstormH9Ir8smpA4NqdyHSQ3U.roa (raw, json)
Hash identifier: 1hHv95WV0blCsZKFwPX1/VB6HorL0Zn+x80+WsfE65w=
Subject key identifier: D8:A4:2C:B6:8A:E6:1F:D2:2B:F2:C9:A9:03:83:6A:77:21:D2:43:75
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 018A
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/2KQstormH9Ir8smpA4NqdyHSQ3U.roa
Signing time: Mon 08 Aug 2022 13:58:25 +0000
ROA not before: Mon 08 Aug 2022 13:58:25 +0000
ROA not after: Wed 19 Jul 2023 01:20:03 +0000
asID: 34549
IP address blocks: 59.83.132.0/22 maxlen: 24
114.66.140.0/22 maxlen: 24
114.66.144.0/22 maxlen: 24
114.66.156.0/22 maxlen: 24
114.66.168.0/22 maxlen: 24
114.66.176.0/22 maxlen: 24
114.66.192.0/22 maxlen: 24
114.66.208.0/22 maxlen: 24
114.66.212.0/22 maxlen: 24
114.66.224.0/22 maxlen: 24
114.66.228.0/22 maxlen: 24
218.98.80.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 394 (0x18a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Aug 8 13:58:25 2022 GMT
Not After : Jul 19 01:20:03 2023 GMT
Subject: CN=D8A42CB68AE61FD22BF2C9A903836A7721D24375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:21:f0:68:79:8f:7a:26:bb:1d:38:77:63:51:
d3:f5:55:f7:31:19:2a:22:b1:30:bf:b5:0b:65:a9:
27:37:12:42:ab:2f:66:37:02:1e:e4:56:f1:6c:13:
a6:97:f9:ac:d2:37:f2:f0:fb:04:b4:6a:91:da:99:
b0:13:11:85:81:d0:60:e1:fc:f0:7a:fc:e6:3c:12:
0d:68:cc:b5:bc:bd:97:51:52:c7:3e:8e:8e:06:44:
03:37:40:de:30:da:62:53:9e:dd:02:68:ea:14:fb:
6a:98:88:6b:b3:1e:17:c5:9d:21:a6:02:7c:dd:23:
b3:9f:08:2b:a9:8a:a8:98:e5:00:71:b6:aa:b8:8c:
46:03:f4:b6:1c:65:c4:15:65:b5:ba:ea:85:21:7c:
75:f4:c9:6e:dd:84:9d:ae:d3:79:c0:f5:22:7e:d4:
ee:a3:94:00:a8:dc:10:74:25:bb:e2:db:be:3b:93:
4e:cf:e9:4a:43:39:6d:8f:eb:03:63:5c:58:92:b6:
52:8c:c8:5b:04:bf:55:2c:0c:57:15:57:74:a0:06:
82:d9:35:f9:48:d6:6d:3f:a1:ca:b1:e7:9c:22:be:
51:61:82:57:50:ff:ac:d8:78:6c:e2:b8:ab:63:ae:
ea:9e:07:82:50:c5:c9:47:01:8a:68:4f:e9:24:90:
27:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A4:2C:B6:8A:E6:1F:D2:2B:F2:C9:A9:03:83:6A:77:21:D2:43:75
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/2KQstormH9Ir8smpA4NqdyHSQ3U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.83.132.0/22
114.66.140.0-114.66.147.255
114.66.156.0/22
114.66.168.0/22
114.66.176.0/22
114.66.192.0/22
114.66.208.0/21
114.66.224.0/21
218.98.80.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:67:54:06:3b:84:94:a6:f7:54:24:d5:71:28:0e:59:ae:bb:
ab:e0:2f:c2:c2:22:8f:42:71:2c:07:91:71:c5:56:3c:59:cb:
a9:68:c8:0f:28:62:dc:89:9a:18:90:79:8e:19:b6:21:3f:87:
9f:10:8c:3a:e6:ea:0e:30:1a:48:eb:40:10:a5:e2:57:f0:a3:
49:90:31:77:db:39:f8:de:f2:bf:85:38:6f:a6:73:0b:4d:d0:
8d:72:a2:c6:1c:ca:a3:59:32:ad:05:6b:1d:b3:e7:cd:a4:e9:
dd:e9:5a:63:59:0f:bd:f1:b5:49:72:cf:15:95:df:d7:9b:91:
26:44:f1:ad:da:e8:1a:ac:b8:3a:d2:27:46:17:2b:3d:6d:52:
82:92:5f:d5:a6:58:99:62:10:9d:d0:e2:0b:26:3a:6c:19:b2:
cd:42:34:fd:d0:f0:ed:67:a9:2b:1f:79:b8:91:45:9d:ba:5c:
86:d9:2c:dc:34:e6:e1:56:54:95:95:ec:82:58:42:5d:25:63:
88:17:74:b0:2b:57:e4:ba:54:75:e7:84:78:2d:3d:f3:af:a7:
a3:01:e4:01:15:c6:46:33:17:0d:4f:a8:3d:a1:09:9f:e9:3b:
f3:7b:ab:b4:31:86:fc:07:84:8c:10:da:66:d5:9a:34:22:08:
e1:87:73:af
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgICAYowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yMjA4MDgx
MzU4MjVaFw0yMzA3MTkwMTIwMDNaMDMxMTAvBgNVBAMTKEQ4QTQyQ0I2OEFFNjFG
RDIyQkYyQzlBOTAzODM2QTc3MjFEMjQzNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPIfBoeY96JrsdOHdjUdP1VfcxGSoisTC/tQtlqSc3EkKrL2Y3
Ah7kVvFsE6aX+azSN/Lw+wS0apHambATEYWB0GDh/PB6/OY8Eg1ozLW8vZdRUsc+
jo4GRAM3QN4w2mJTnt0CaOoU+2qYiGuzHhfFnSGmAnzdI7OfCCupiqiY5QBxtqq4
jEYD9LYcZcQVZbW66oUhfHX0yW7dhJ2u03nA9SJ+1O6jlACo3BB0Jbvi2747k07P
6UpDOW2P6wNjXFiStlKMyFsEv1UsDFcVV3SgBoLZNflI1m0/ocqx55wivlFhgldQ
/6zYeGziuKtjruqeB4JQxclHAYpoT+kkkCfJAgMBAAGjggIrMIICJzAdBgNVHQ4E
FgQU2KQstormH9Ir8smpA4NqdyHSQ3UwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvMktRc3Rvcm1IOUly
OHNtcEE0TnFkeUhTUTNVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDBXBggrBgEFBQcBBwEB/wRIMEYwRAQCAAEw
PgMEAjtThDAMAwQCckKMAwQCckKQAwQCckKcAwQCckKoAwQCckKwAwQCckLAAwQD
ckLQAwQDckLgAwQC2mJQMA0GCSqGSIb3DQEBCwUAA4IBAQA/Z1QGO4SUpvdUJNVx
KA5Zrrur4C/CwiKPQnEsB5FxxVY8WcupaMgPKGLciZoYkHmOGbYhP4efEIw65uoO
MBpI60AQpeJX8KNJkDF32zn43vK/hThvpnMLTdCNcqLGHMqjWTKtBWsds+fNpOnd
6VpjWQ+98bVJcs8Vld/Xm5EmRPGt2ugarLg60idGFys9bVKCkl/VpliZYhCd0OIL
JjpsGbLNQjT90PDtZ6krH3m4kUWdulyG2SzcNObhVlSVleyCWEJdJWOIF3SwK1fk
ulR154R4LT3zr6ejAeQBFcZGMxcNT6g9oQmf6Tvze6u0MYb8B4SMENpm1Zo0Igjh
h3Ov
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:24 2024 by rpki-client on console-ams.rpki-client.org