Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/5bxaK2522WoNE5nXLwBUHhUh80k.roa
File: 5bxaK2522WoNE5nXLwBUHhUh80k.roa (raw, json)
Hash identifier: pljrWOCAYZNdnE1DMmXaxvo0LDUOPxVwToPdO8JvIog=
Subject key identifier: E5:BC:5A:2B:6E:76:D9:6A:0D:13:99:D7:2F:00:54:1E:15:21:F3:49
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 0147
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/5bxaK2522WoNE5nXLwBUHhUh80k.roa
Signing time: Wed 27 Jul 2022 09:13:26 +0000
ROA not before: Wed 27 Jul 2022 09:13:26 +0000
ROA not after: Wed 19 Jul 2023 01:20:03 +0000
asID: 34549
IP address blocks: 59.83.132.0/22 maxlen: 24
114.66.140.0/22 maxlen: 24
114.66.144.0/22 maxlen: 24
114.66.156.0/22 maxlen: 24
114.66.168.0/22 maxlen: 24
114.66.176.0/22 maxlen: 24
114.66.208.0/22 maxlen: 24
114.66.212.0/22 maxlen: 24
114.66.224.0/22 maxlen: 24
114.66.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 327 (0x147)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Jul 27 09:13:26 2022 GMT
Not After : Jul 19 01:20:03 2023 GMT
Subject: CN=E5BC5A2B6E76D96A0D1399D72F00541E1521F349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:00:55:53:8b:f8:6a:ea:75:14:fe:d1:85:1c:
7f:ff:86:c6:e1:ba:d4:8f:e1:14:73:68:98:4b:30:
65:55:63:dc:82:b1:1e:e6:af:76:de:9f:63:2a:62:
31:29:b7:75:e2:ce:51:00:9d:09:ae:4d:5d:a9:8d:
3a:ec:3f:56:e6:b8:87:c4:ca:c7:20:25:1f:7d:8f:
ed:da:a6:d9:79:42:83:9f:bf:8e:09:9a:b3:2c:cb:
95:3d:b2:9c:00:9e:71:13:8c:53:02:3c:29:52:ac:
53:21:a8:a8:f0:52:01:33:8b:14:0a:d9:97:9f:b5:
b1:70:c0:4f:51:56:85:f2:54:bf:77:d4:b1:dc:92:
e5:fe:4d:76:1c:e9:f4:9d:0b:d9:9f:fe:16:94:3a:
e8:fe:10:d5:6f:a1:68:ab:1e:14:81:d4:cc:2a:ed:
7c:e7:bf:a3:d8:99:be:60:43:3b:57:37:48:ae:51:
df:4c:79:fd:c5:7c:df:ea:bb:9c:94:0e:7c:08:2d:
f6:73:3c:02:24:24:08:ba:41:f6:af:cc:36:a8:c4:
19:59:69:0b:8c:9a:b0:46:05:65:7b:4c:bb:f2:c1:
6d:a8:b9:33:79:7c:bb:ef:53:fc:38:1d:65:23:c9:
55:e7:7e:69:31:28:d8:f1:d0:4d:2f:5b:02:d8:4e:
00:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:BC:5A:2B:6E:76:D9:6A:0D:13:99:D7:2F:00:54:1E:15:21:F3:49
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/5bxaK2522WoNE5nXLwBUHhUh80k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.83.132.0/22
114.66.140.0-114.66.147.255
114.66.156.0/22
114.66.168.0/22
114.66.176.0/22
114.66.208.0/21
114.66.224.0/21
Signature Algorithm: sha256WithRSAEncryption
68:61:f5:13:69:29:4d:36:44:25:98:44:9a:97:7c:bd:00:c8:
7b:99:7a:bd:95:bb:52:15:e1:08:d8:09:e4:55:7b:e4:19:a8:
cc:34:5e:9e:68:29:ac:1a:b6:c9:95:65:c0:96:47:64:f5:85:
0d:dc:90:01:de:ac:10:f8:f1:84:2d:73:53:1c:cf:ca:b9:c8:
4d:9d:16:65:ba:5c:b7:a1:a8:2e:25:07:92:38:53:58:59:19:
a6:bf:02:cd:d9:7c:a0:cf:b1:e3:a9:b1:4c:18:e5:a6:be:ba:
fe:65:78:96:8a:bd:36:da:ed:a6:93:8b:8e:9a:15:c4:0a:50:
c5:b2:e4:7c:d7:f6:b6:ff:80:d9:ff:cc:62:9f:b3:3a:50:b5:
fb:7d:89:a7:3c:8e:35:3a:f2:a4:61:82:45:ec:93:45:9f:b9:
cb:08:c6:39:3d:20:ab:90:fc:bb:f8:54:5f:08:28:fc:de:a2:
f0:c9:3f:90:2b:6d:9c:89:0c:8b:99:02:0e:27:d4:67:42:c7:
e4:58:72:e4:73:d3:08:ed:ee:75:24:44:fb:df:19:d4:9c:a7:
1b:fe:7e:56:7a:5e:b9:23:4c:29:0e:61:e7:b9:50:1d:8c:18:
77:19:5e:8e:a2:94:11:9e:39:9c:64:d2:9b:23:33:b8:80:2c:
b4:6b:73:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgICAUcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yMjA3Mjcw
OTEzMjZaFw0yMzA3MTkwMTIwMDNaMDMxMTAvBgNVBAMTKEU1QkM1QTJCNkU3NkQ5
NkEwRDEzOTlENzJGMDA1NDFFMTUyMUYzNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlAFVTi/hq6nUU/tGFHH//hsbhutSP4RRzaJhLMGVVY9yCsR7m
r3ben2MqYjEpt3XizlEAnQmuTV2pjTrsP1bmuIfEyscgJR99j+3aptl5QoOfv44J
mrMsy5U9spwAnnETjFMCPClSrFMhqKjwUgEzixQK2ZeftbFwwE9RVoXyVL931LHc
kuX+TXYc6fSdC9mf/haUOuj+ENVvoWirHhSB1Mwq7Xznv6PYmb5gQztXN0iuUd9M
ef3FfN/qu5yUDnwILfZzPAIkJAi6QfavzDaoxBlZaQuMmrBGBWV7TLvywW2ouTN5
fLvvU/w4HWUjyVXnfmkxKNjx0E0vWwLYTgDzAgMBAAGjggIfMIICGzAdBgNVHQ4E
FgQU5bxaK2522WoNE5nXLwBUHhUh80kwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvNWJ4YUsyNTIyV29O
RTVuWEx3QlVIaFVoODBrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDBLBggrBgEFBQcBBwEB/wQ8MDowOAQCAAEw
MgMEAjtThDAMAwQCckKMAwQCckKQAwQCckKcAwQCckKoAwQCckKwAwQDckLQAwQD
ckLgMA0GCSqGSIb3DQEBCwUAA4IBAQBoYfUTaSlNNkQlmESal3y9AMh7mXq9lbtS
FeEI2AnkVXvkGajMNF6eaCmsGrbJlWXAlkdk9YUN3JAB3qwQ+PGELXNTHM/KuchN
nRZluly3oaguJQeSOFNYWRmmvwLN2Xygz7HjqbFMGOWmvrr+ZXiWir022u2mk4uO
mhXEClDFsuR81/a2/4DZ/8xin7M6ULX7fYmnPI41OvKkYYJF7JNFn7nLCMY5PSCr
kPy7+FRfCCj83qLwyT+QK22ciQyLmQIOJ9RnQsfkWHLkc9MI7e51JET73xnUnKcb
/n5Wel65I0wpDmHnuVAdjBh3GV6OopQRnjmcZNKbIzO4gCy0a3NV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:24 2024 by rpki-client on console-ams.rpki-client.org