Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/9K-hWBCLb9NdCmAbqFworsX8Nao.roa
File: 9K-hWBCLb9NdCmAbqFworsX8Nao.roa (raw, json)
Hash identifier: ierLgjr72A8R/zijlxJxJQyu9C38vGgD1RaMZ6KpjKk=
Subject key identifier: F4:AF:A1:58:10:8B:6F:D3:5D:0A:60:1B:A8:5C:28:AE:C5:FC:35:AA
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 0299
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/9K-hWBCLb9NdCmAbqFworsX8Nao.roa
Signing time: Wed 28 Sep 2022 04:55:22 +0000
ROA not before: Wed 28 Sep 2022 04:55:22 +0000
ROA not after: Mon 28 Aug 2023 04:15:34 +0000
asID: 34549
IP address blocks: 59.83.132.0/22 maxlen: 24
114.66.140.0/22 maxlen: 24
114.66.144.0/22 maxlen: 24
114.66.156.0/22 maxlen: 24
114.66.192.0/22 maxlen: 24
114.66.212.0/22 maxlen: 24
114.66.224.0/22 maxlen: 24
114.66.228.0/22 maxlen: 24
218.98.69.0/24 maxlen: 24
218.98.70.0/24 maxlen: 24
218.98.71.0/24 maxlen: 24
218.98.72.0/24 maxlen: 24
218.98.80.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 665 (0x299)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Sep 28 04:55:22 2022 GMT
Not After : Aug 28 04:15:34 2023 GMT
Subject: CN=F4AFA158108B6FD35D0A601BA85C28AEC5FC35AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6e:f9:70:de:7e:b4:45:fc:17:80:72:1a:78:
e3:c0:82:29:51:8f:ad:84:a7:38:f3:09:e6:e1:45:
ff:3a:7a:42:78:fa:94:c3:12:78:b3:03:35:f7:1d:
f9:59:c3:71:7c:19:c1:f8:4e:1d:e3:9f:55:46:b5:
ed:82:22:8e:ac:5c:b9:64:35:51:e7:68:f6:b5:72:
03:ca:25:b4:db:e5:18:3c:25:2b:dd:71:84:63:35:
5d:00:e3:af:b3:54:5c:81:6b:a6:4b:7c:21:11:fc:
c9:41:cb:5b:54:83:c4:38:61:e7:1a:81:5d:cd:af:
89:0e:66:b8:85:1a:8b:eb:d2:dc:f7:24:58:52:03:
21:5e:a0:2e:18:76:10:4c:38:8b:e3:45:97:94:b8:
8f:fa:4b:93:4b:00:24:3a:4e:b1:96:3e:18:bd:09:
9c:ea:1e:bf:a4:a0:9b:d6:b2:23:e1:d8:05:39:a2:
0e:33:11:80:30:6e:3b:81:bb:56:46:3c:3b:84:22:
e8:8a:4d:a7:26:eb:c6:73:b1:22:92:d3:27:ae:07:
96:a8:a7:86:40:5f:4c:c0:49:f7:7d:6c:72:49:fd:
b0:44:3d:23:43:4a:12:72:81:11:9d:b9:0b:85:bb:
97:59:47:7a:41:b9:02:12:73:3b:12:e7:81:6b:38:
61:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AF:A1:58:10:8B:6F:D3:5D:0A:60:1B:A8:5C:28:AE:C5:FC:35:AA
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/9K-hWBCLb9NdCmAbqFworsX8Nao.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.83.132.0/22
114.66.140.0-114.66.147.255
114.66.156.0/22
114.66.192.0/22
114.66.212.0/22
114.66.224.0/21
218.98.69.0-218.98.72.255
218.98.80.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:ee:33:6c:1c:8e:c6:28:85:29:d2:37:a5:05:44:04:fe:a8:
52:ac:67:33:29:75:ce:30:a8:68:22:76:a7:43:28:b6:ae:52:
a3:6f:43:6c:d5:3f:d3:f4:29:ba:e0:6c:6b:bb:b1:e0:85:23:
9d:cd:62:c4:83:18:d6:94:34:a6:44:13:b2:bd:3d:4e:92:e7:
df:d3:43:64:d2:99:35:5e:7f:a3:3e:cc:68:c1:3e:f3:bd:2d:
76:c9:8b:67:1a:a1:87:60:26:26:29:ba:11:ee:c3:1e:f3:d5:
31:46:d5:27:70:f6:50:c6:ba:0b:43:17:c6:fa:c7:9b:6f:5a:
0c:b3:1c:b5:fd:7e:a5:93:c7:0f:1c:6c:53:92:e0:02:73:56:
f5:79:0c:81:b3:d6:61:67:13:51:c1:fb:fe:f2:d9:46:12:09:
c2:08:49:f7:09:b7:0b:50:48:ca:5f:99:f6:44:ee:c7:dd:c6:
a6:62:12:37:a3:6e:93:84:28:b6:41:d5:d9:c9:55:20:eb:4b:
a2:7f:b8:fe:52:7f:fc:27:ff:27:ff:7f:e2:2a:a4:f5:e7:f3:
87:57:de:7f:46:37:26:bc:6a:59:2d:c5:46:db:20:45:e6:1a:
ba:f6:41:41:90:cf:24:2c:19:a1:bc:26:d9:24:4d:33:1f:36:
ca:7d:54:d8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgICApkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yMjA5Mjgw
NDU1MjJaFw0yMzA4MjgwNDE1MzRaMDMxMTAvBgNVBAMTKEY0QUZBMTU4MTA4QjZG
RDM1RDBBNjAxQkE4NUMyOEFFQzVGQzM1QUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZbvlw3n60RfwXgHIaeOPAgilRj62EpzjzCebhRf86ekJ4+pTD
EnizAzX3HflZw3F8GcH4Th3jn1VGte2CIo6sXLlkNVHnaPa1cgPKJbTb5Rg8JSvd
cYRjNV0A46+zVFyBa6ZLfCER/MlBy1tUg8Q4YecagV3Nr4kOZriFGovr0tz3JFhS
AyFeoC4YdhBMOIvjRZeUuI/6S5NLACQ6TrGWPhi9CZzqHr+koJvWsiPh2AU5og4z
EYAwbjuBu1ZGPDuEIuiKTacm68ZzsSKS0yeuB5aop4ZAX0zASfd9bHJJ/bBEPSND
ShJygRGduQuFu5dZR3pBuQISczsS54FrOGHHAgMBAAGjggItMIICKTAdBgNVHQ4E
FgQU9K+hWBCLb9NdCmAbqFworsX8NaowHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvOUstaFdCQ0xiOU5k
Q21BYnFGd29yc1g4TmFvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDBZBggrBgEFBQcBBwEB/wRKMEgwRgQCAAEw
QAMEAjtThDAMAwQCckKMAwQCckKQAwQCckKcAwQCckLAAwQCckLUAwQDckLgMAwD
BADaYkUDBADaYkgDBALaYlAwDQYJKoZIhvcNAQELBQADggEBAJruM2wcjsYohSnS
N6UFRAT+qFKsZzMpdc4wqGgidqdDKLauUqNvQ2zVP9P0KbrgbGu7seCFI53NYsSD
GNaUNKZEE7K9PU6S59/TQ2TSmTVef6M+zGjBPvO9LXbJi2caoYdgJiYpuhHuwx7z
1TFG1Sdw9lDGugtDF8b6x5tvWgyzHLX9fqWTxw8cbFOS4AJzVvV5DIGz1mFnE1HB
+/7y2UYSCcIISfcJtwtQSMpfmfZE7sfdxqZiEjejbpOEKLZB1dnJVSDrS6J/uP5S
f/wn/yf/f+IqpPXn84dX3n9GNya8alktxUbbIEXmGrr2QUGQzyQsGaG8JtkkTTMf
Nsp9VNg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org