Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/D2FCxzBZQAQn2h2JjsB3Xt5wUkQ.roa
File: D2FCxzBZQAQn2h2JjsB3Xt5wUkQ.roa (raw, json)
Hash identifier: lc6WGms362/6nFERwvfw7Uvu93biEGpHgQ0pqSg92Ak=
Subject key identifier: 0F:61:42:C7:30:59:40:04:27:DA:1D:89:8E:C0:77:5E:DE:70:52:44
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 0121
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/D2FCxzBZQAQn2h2JjsB3Xt5wUkQ.roa
Signing time: Fri 22 Jul 2022 05:34:49 +0000
ROA not before: Fri 22 Jul 2022 05:34:49 +0000
ROA not after: Wed 19 Jul 2023 01:20:03 +0000
asID: 34549
IP address blocks: 59.83.132.0/22 maxlen: 24
114.66.140.0/22 maxlen: 24
114.66.144.0/22 maxlen: 24
114.66.148.0/22 maxlen: 24
114.66.156.0/22 maxlen: 24
114.66.168.0/22 maxlen: 24
114.66.176.0/22 maxlen: 24
114.66.208.0/22 maxlen: 24
114.66.212.0/22 maxlen: 24
114.66.216.0/22 maxlen: 24
114.66.224.0/22 maxlen: 24
114.66.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 289 (0x121)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Jul 22 05:34:49 2022 GMT
Not After : Jul 19 01:20:03 2023 GMT
Subject: CN=0F6142C73059400427DA1D898EC0775EDE705244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:36:51:33:a7:82:d8:b0:e3:06:30:a1:d0:e0:
df:c6:da:df:4a:44:be:0d:63:1b:1d:b0:64:23:a0:
b5:aa:ea:dd:37:c0:65:fb:29:59:4f:4c:62:74:9a:
bb:82:9c:8d:24:92:71:1e:cb:99:04:22:58:63:e7:
31:d1:dd:b9:44:52:54:9b:4a:d7:f1:c4:24:77:f5:
6e:c8:02:78:90:00:ec:33:e5:80:36:5a:dc:c4:62:
0b:c1:69:2b:23:8f:e1:02:76:75:04:63:bc:db:c0:
af:cd:f7:c6:22:c9:88:b9:19:a4:7b:17:55:df:d4:
e8:83:c3:ee:e7:12:91:29:5e:9d:31:e5:68:1d:54:
d6:0c:a0:0b:0b:38:bd:2e:9d:43:5a:3e:a1:4b:24:
be:a2:03:46:ec:06:19:37:d7:01:6e:2f:0b:7e:55:
9c:4f:bd:65:10:5a:53:a3:c4:5a:50:28:61:3b:04:
64:ee:8b:e0:7f:1a:79:49:f0:5c:48:8f:2b:75:2d:
f9:26:34:bb:cc:84:79:63:4f:dd:89:a6:f1:a7:d4:
5f:4b:0b:a7:e2:6e:00:1a:16:9f:74:7e:90:4c:25:
7e:80:8b:14:38:6d:04:b8:77:07:12:43:97:11:c7:
d8:55:e9:ac:c9:1e:85:36:c7:50:bf:c5:21:6c:55:
e5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:61:42:C7:30:59:40:04:27:DA:1D:89:8E:C0:77:5E:DE:70:52:44
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/D2FCxzBZQAQn2h2JjsB3Xt5wUkQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.83.132.0/22
114.66.140.0-114.66.151.255
114.66.156.0/22
114.66.168.0/22
114.66.176.0/22
114.66.208.0-114.66.219.255
114.66.224.0/21
Signature Algorithm: sha256WithRSAEncryption
58:28:17:53:e3:97:43:b8:39:97:c0:18:26:55:09:04:41:02:
8b:7b:2f:fc:c0:f9:3e:7b:1e:85:0b:ef:a4:9d:11:7f:85:52:
d1:fa:bb:08:89:ff:51:f0:d0:ac:91:27:35:79:1f:17:20:10:
45:22:ec:df:b0:ab:33:75:4d:01:a0:cd:4c:af:03:3f:df:5a:
a1:b6:23:d4:6b:9e:9f:70:90:f8:ed:68:a8:ba:52:29:03:5d:
88:86:b3:e2:92:cb:8f:39:00:4d:46:49:3d:52:b6:0f:74:b2:
c4:33:68:7a:b4:ea:d3:f3:1a:93:b7:f3:00:66:b8:93:57:80:
ae:12:36:30:2e:a4:c6:6a:6e:d8:ce:6e:90:51:4d:88:42:8e:
af:38:fb:82:43:90:ce:4e:63:39:32:78:34:bc:75:49:1e:60:
ce:dd:23:28:2e:af:f2:b0:23:ed:2b:fc:42:a6:b1:1f:2a:55:
e9:bd:ce:12:2f:89:ca:c1:df:b0:a0:4c:11:93:99:c6:ac:6d:
83:33:18:b4:90:14:b9:f7:f1:30:b3:c9:f2:62:d3:ae:b9:96:
89:d8:97:0f:f7:d2:4d:84:5f:5e:9b:89:50:9b:b7:fa:f6:be:
13:d9:1f:8b:09:2e:21:9d:46:ca:3d:f5:b5:3c:57:b8:e9:76:
18:03:d7:a4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgICASEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yMjA3MjIw
NTM0NDlaFw0yMzA3MTkwMTIwMDNaMDMxMTAvBgNVBAMTKDBGNjE0MkM3MzA1OTQw
MDQyN0RBMUQ4OThFQzA3NzVFREU3MDUyNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbNlEzp4LYsOMGMKHQ4N/G2t9KRL4NYxsdsGQjoLWq6t03wGX7
KVlPTGJ0mruCnI0kknEey5kEIlhj5zHR3blEUlSbStfxxCR39W7IAniQAOwz5YA2
WtzEYgvBaSsjj+ECdnUEY7zbwK/N98YiyYi5GaR7F1Xf1OiDw+7nEpEpXp0x5Wgd
VNYMoAsLOL0unUNaPqFLJL6iA0bsBhk31wFuLwt+VZxPvWUQWlOjxFpQKGE7BGTu
i+B/GnlJ8FxIjyt1LfkmNLvMhHljT92JpvGn1F9LC6fibgAaFp90fpBMJX6AixQ4
bQS4dwcSQ5cRx9hV6azJHoU2x1C/xSFsVeU1AgMBAAGjggInMIICIzAdBgNVHQ4E
FgQUD2FCxzBZQAQn2h2JjsB3Xt5wUkQwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvRDJGQ3h6QlpRQVFu
MmgySmpzQjNYdDV3VWtRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDBTBggrBgEFBQcBBwEB/wREMEIwQAQCAAEw
OgMEAjtThDAMAwQCckKMAwQDckKQAwQCckKcAwQCckKoAwQCckKwMAwDBARyQtAD
BAJyQtgDBANyQuAwDQYJKoZIhvcNAQELBQADggEBAFgoF1Pjl0O4OZfAGCZVCQRB
Aot7L/zA+T57HoUL76SdEX+FUtH6uwiJ/1Hw0KyRJzV5HxcgEEUi7N+wqzN1TQGg
zUyvAz/fWqG2I9Rrnp9wkPjtaKi6UikDXYiGs+KSy485AE1GST1Stg90ssQzaHq0
6tPzGpO38wBmuJNXgK4SNjAupMZqbtjObpBRTYhCjq84+4JDkM5OYzkyeDS8dUke
YM7dIygur/KwI+0r/EKmsR8qVem9zhIvicrB37CgTBGTmcasbYMzGLSQFLn38TCz
yfJi0665lonYlw/30k2EX16biVCbt/r2vhPZH4sJLiGdRso99bU8V7jpdhgD16Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:24 2024 by rpki-client on console-ams.rpki-client.org