Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/MQSHi0BjbfKeVtl9oqCBTbbUDgw.roa
File: MQSHi0BjbfKeVtl9oqCBTbbUDgw.roa (raw, json)
Hash identifier: quBaRiHJDHMH755BPN8vWV64mipT8viDZ5jTP/BYO4w=
Subject key identifier: 31:04:87:8B:40:63:6D:F2:9E:56:D9:7D:A2:A0:81:4D:B6:D4:0E:0C
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: A2
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/MQSHi0BjbfKeVtl9oqCBTbbUDgw.roa
Signing time: Thu 30 Jun 2022 02:06:16 +0000
ROA not before: Thu 30 Jun 2022 02:06:16 +0000
ROA not after: Fri 09 Jun 2023 06:51:49 +0000
asID: 34549
IP address blocks: 59.83.132.0/22 maxlen: 24
114.66.128.0/20 maxlen: 24
114.66.144.0/22 maxlen: 24
114.66.148.0/22 maxlen: 24
114.66.152.0/22 maxlen: 24
114.66.156.0/22 maxlen: 24
114.66.160.0/20 maxlen: 24
114.66.168.0/22 maxlen: 24
114.66.176.0/22 maxlen: 24
114.66.180.0/22 maxlen: 24
114.66.184.0/22 maxlen: 24
114.66.208.0/22 maxlen: 24
114.66.216.0/22 maxlen: 24
114.66.224.0/22 maxlen: 24
114.66.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162 (0xa2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Jun 30 02:06:16 2022 GMT
Not After : Jun 9 06:51:49 2023 GMT
Subject: CN=3104878B40636DF29E56D97DA2A0814DB6D40E0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:68:30:1b:49:db:cd:68:80:ed:fb:6f:a9:d8:
a8:b8:58:16:a8:ec:b9:51:ad:55:5b:4e:77:bd:53:
5a:34:2d:17:d4:4c:17:7e:b2:65:07:43:f5:f3:9a:
55:b4:3c:55:80:58:78:42:d8:e5:0f:e6:77:53:4b:
8f:60:79:2a:f7:c5:a2:0d:ab:50:d9:cb:93:c5:63:
0b:e8:21:0b:27:9f:a9:44:ff:63:cd:a7:a0:cb:e7:
18:92:e2:d7:d9:13:95:db:61:e0:9d:5b:fc:e0:7c:
73:4d:16:b0:4a:22:a9:6f:10:4c:e8:4f:de:2c:b9:
7d:79:6b:be:50:1e:9a:7c:fa:89:1f:de:b8:f7:8d:
82:fd:c8:b7:67:35:87:64:25:7f:f8:aa:a7:d1:13:
93:7a:dc:e3:9c:d3:6f:3d:49:c2:5c:d8:fa:e0:ac:
1d:2b:b8:94:39:c4:40:72:9b:80:b5:54:55:ce:d2:
9e:3f:a9:22:9f:64:9d:e2:ae:e1:2f:f0:d4:05:4e:
78:d3:e3:58:25:a3:f5:13:29:37:96:70:86:d9:db:
51:64:d0:72:82:22:57:c9:0e:29:b1:c5:e7:c9:45:
95:90:2d:28:0d:f4:41:a2:0f:ff:d2:ac:98:d3:71:
35:de:93:32:d7:1c:49:bd:3e:45:5f:ee:6c:dc:e2:
b8:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:04:87:8B:40:63:6D:F2:9E:56:D9:7D:A2:A0:81:4D:B6:D4:0E:0C
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/MQSHi0BjbfKeVtl9oqCBTbbUDgw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.83.132.0/22
114.66.128.0-114.66.187.255
114.66.208.0/22
114.66.216.0/22
114.66.224.0/21
Signature Algorithm: sha256WithRSAEncryption
9e:23:fd:f8:a8:50:53:86:72:e6:b0:d0:9c:64:c4:d4:d3:12:
ea:07:66:05:e0:1e:a2:1f:56:89:d4:97:4a:dc:9a:ba:ba:e4:
c1:89:eb:3a:ec:8a:eb:96:93:d5:d3:27:56:72:51:d8:b9:8d:
d5:5f:96:c1:4e:ec:cf:4a:6a:73:ee:3c:f1:09:8d:64:32:02:
e0:35:c2:f6:0e:89:5e:45:76:d2:51:6b:26:56:47:f5:4e:fa:
88:91:07:cc:62:a2:ee:8a:3f:2a:b2:cd:6d:78:75:8c:17:dd:
bd:f2:54:8c:8e:81:1f:54:0d:1a:ca:6d:e8:4d:d8:89:d4:ff:
8e:74:cc:dc:62:1f:da:13:fa:71:bc:5d:ee:12:23:a4:f4:d8:
d7:f1:b9:d6:93:bf:c8:86:f5:07:4a:a1:58:8e:9a:19:96:d6:
9e:1c:4c:44:09:7c:a0:02:dd:65:b8:7a:25:af:9a:25:95:42:
db:9f:7c:80:83:13:f1:44:dd:64:7f:4e:25:c9:54:a1:54:6c:
06:c0:6d:e9:a9:70:66:43:47:3b:10:42:46:de:1f:89:d0:c9:
39:e8:da:46:09:fc:9e:8c:f1:cd:ef:00:e7:bc:30:74:0f:3b:
0e:e0:ea:ce:59:dd:dd:da:91:38:86:80:ed:be:a9:3f:ef:cf:
aa:c3:11:66
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgICAKIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yMjA2MzAw
MjA2MTZaFw0yMzA2MDkwNjUxNDlaMDMxMTAvBgNVBAMTKDMxMDQ4NzhCNDA2MzZE
RjI5RTU2RDk3REEyQTA4MTREQjZENDBFMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjaDAbSdvNaIDt+2+p2Ki4WBao7LlRrVVbTne9U1o0LRfUTBd+
smUHQ/XzmlW0PFWAWHhC2OUP5ndTS49geSr3xaINq1DZy5PFYwvoIQsnn6lE/2PN
p6DL5xiS4tfZE5XbYeCdW/zgfHNNFrBKIqlvEEzoT94suX15a75QHpp8+okf3rj3
jYL9yLdnNYdkJX/4qqfRE5N63OOc0289ScJc2PrgrB0ruJQ5xEBym4C1VFXO0p4/
qSKfZJ3iruEv8NQFTnjT41glo/UTKTeWcIbZ21Fk0HKCIlfJDimxxefJRZWQLSgN
9EGiD//SrJjTcTXekzLXHEm9PkVf7mzc4rhFAgMBAAGjggITMIICDzAdBgNVHQ4E
FgQUMQSHi0BjbfKeVtl9oqCBTbbUDgwwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvTVFTSGkwQmpiZktl
VnRsOW9xQ0JUYmJVRGd3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDA/BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEw
JgMEAjtThDAMAwQHckKAAwQCckK4AwQCckLQAwQCckLYAwQDckLgMA0GCSqGSIb3
DQEBCwUAA4IBAQCeI/34qFBThnLmsNCcZMTU0xLqB2YF4B6iH1aJ1JdK3Jq6uuTB
ies67IrrlpPV0ydWclHYuY3VX5bBTuzPSmpz7jzxCY1kMgLgNcL2DoleRXbSUWsm
Vkf1TvqIkQfMYqLuij8qss1teHWMF9298lSMjoEfVA0aym3oTdiJ1P+OdMzcYh/a
E/pxvF3uEiOk9NjX8bnWk7/IhvUHSqFYjpoZltaeHExECXygAt1luHolr5ollULb
n3yAgxPxRN1kf04lyVShVGwGwG3pqXBmQ0c7EEJG3h+J0Mk56NpGCfyejPHN7wDn
vDB0DzsO4OrOWd3d2pE4hoDtvqk/78+qwxFm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org