Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/OID1GtHWxx4XreVGTKCbCP2034Y.roa
File: OID1GtHWxx4XreVGTKCbCP2034Y.roa (raw, json)
Hash identifier: LYxY/d5fWlXp9f6EtJkHzYKjAil7dF3u5XUmf0Sv+CQ=
Subject key identifier: 38:80:F5:1A:D1:D6:C7:1E:17:AD:E5:46:4C:A0:9B:08:FD:B4:DF:86
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 0166
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/OID1GtHWxx4XreVGTKCbCP2034Y.roa
Signing time: Tue 02 Aug 2022 03:22:07 +0000
ROA not before: Tue 02 Aug 2022 03:22:07 +0000
ROA not after: Wed 19 Jul 2023 01:20:03 +0000
asID: 34549
IP address blocks: 59.83.132.0/22 maxlen: 24
114.66.140.0/22 maxlen: 24
114.66.144.0/22 maxlen: 24
114.66.156.0/22 maxlen: 24
114.66.168.0/22 maxlen: 24
114.66.176.0/22 maxlen: 24
114.66.192.0/22 maxlen: 24
114.66.208.0/22 maxlen: 24
114.66.212.0/22 maxlen: 24
114.66.224.0/22 maxlen: 24
114.66.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 358 (0x166)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Aug 2 03:22:07 2022 GMT
Not After : Jul 19 01:20:03 2023 GMT
Subject: CN=3880F51AD1D6C71E17ADE5464CA09B08FDB4DF86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f7:16:46:86:1d:8d:2d:d0:c8:10:49:56:d0:
e8:65:54:86:3b:63:4b:16:8a:87:f3:d7:4c:d9:35:
be:02:a1:27:ce:69:28:6c:34:5c:bd:24:f1:66:65:
f0:ef:02:26:02:e9:95:85:9f:ae:0e:ee:ef:40:23:
24:26:24:8f:96:e0:d1:81:40:cd:43:14:69:0b:00:
43:91:f0:fe:4a:a8:ae:92:22:90:0d:6c:af:aa:1e:
5d:ff:81:9e:50:39:02:e8:8e:92:32:22:ed:9f:43:
d2:26:92:38:21:3d:eb:f3:10:19:6f:8e:92:6e:ec:
7e:1d:73:58:11:48:8c:8b:6f:57:31:bb:ff:9e:bd:
7f:41:d1:7c:20:ce:69:a5:68:9f:65:1e:a0:b9:a5:
7a:fa:20:14:c2:4a:35:fe:e2:00:e2:d9:7e:6b:aa:
a0:ba:a8:59:f2:13:60:3c:33:e0:f1:70:43:16:ef:
a1:a1:78:ee:b6:bf:dd:c4:b5:3c:4b:b7:31:f0:ac:
2e:46:e0:84:a0:3a:90:b4:18:55:56:09:b5:c4:19:
67:d9:07:b8:8d:68:d1:74:cb:62:fa:a1:5a:3d:82:
aa:fd:26:80:13:fd:51:32:df:02:63:67:e4:6e:4b:
50:02:d9:54:7b:0a:50:60:2a:23:f4:0f:80:ff:14:
1f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:80:F5:1A:D1:D6:C7:1E:17:AD:E5:46:4C:A0:9B:08:FD:B4:DF:86
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/OID1GtHWxx4XreVGTKCbCP2034Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.83.132.0/22
114.66.140.0-114.66.147.255
114.66.156.0/22
114.66.168.0/22
114.66.176.0/22
114.66.192.0/22
114.66.208.0/21
114.66.224.0/21
Signature Algorithm: sha256WithRSAEncryption
46:a1:c6:68:75:cf:8c:9a:2b:b5:9f:c7:e9:de:34:b7:47:08:
51:a2:a0:12:53:34:22:a0:8e:f7:57:a8:10:b2:af:54:86:86:
b3:7d:07:3b:af:63:99:e7:b3:9a:01:45:78:bb:4a:2f:77:10:
54:f5:d8:83:05:46:74:61:0f:5d:12:5f:67:e5:fd:f0:06:72:
51:5e:28:42:fb:9f:05:ec:b2:fc:a1:f8:c9:6c:21:19:86:03:
0d:a0:8a:08:f4:86:db:6a:b6:d8:55:de:68:94:6c:40:44:bc:
9b:ff:b5:02:0e:5b:52:04:52:45:9a:88:ec:ed:15:28:6e:4e:
eb:b0:4a:54:4d:2a:90:99:d4:e7:e2:5a:79:54:54:43:bd:56:
73:9f:68:1d:15:56:df:e2:ae:0f:85:b3:6a:7d:78:2f:db:95:
a3:b6:3d:ea:18:c3:f5:15:3f:bc:ae:74:8d:ac:d7:bc:17:ab:
5a:32:a1:35:aa:60:eb:6c:35:69:41:27:65:f3:2e:86:e7:cb:
0c:68:7c:3b:c8:a6:eb:ef:18:45:71:0a:17:2c:ac:13:7c:f4:
a0:ea:d3:1b:71:ad:9e:4c:e0:0b:29:40:e3:3a:da:2c:79:cc:
8a:60:63:f0:3a:44:7c:93:af:d1:a0:2f:52:cd:57:82:cb:1c:
74:f0:4e:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgICAWYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yMjA4MDIw
MzIyMDdaFw0yMzA3MTkwMTIwMDNaMDMxMTAvBgNVBAMTKDM4ODBGNTFBRDFENkM3
MUUxN0FERTU0NjRDQTA5QjA4RkRCNERGODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDj9xZGhh2NLdDIEElW0OhlVIY7Y0sWiofz10zZNb4CoSfOaShs
NFy9JPFmZfDvAiYC6ZWFn64O7u9AIyQmJI+W4NGBQM1DFGkLAEOR8P5KqK6SIpAN
bK+qHl3/gZ5QOQLojpIyIu2fQ9ImkjghPevzEBlvjpJu7H4dc1gRSIyLb1cxu/+e
vX9B0XwgzmmlaJ9lHqC5pXr6IBTCSjX+4gDi2X5rqqC6qFnyE2A8M+DxcEMW76Gh
eO62v93EtTxLtzHwrC5G4ISgOpC0GFVWCbXEGWfZB7iNaNF0y2L6oVo9gqr9JoAT
/VEy3wJjZ+RuS1AC2VR7ClBgKiP0D4D/FB8rAgMBAAGjggIlMIICITAdBgNVHQ4E
FgQUOID1GtHWxx4XreVGTKCbCP2034YwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvT0lEMUd0SFd4eDRY
cmVWR1RLQ2JDUDIwMzRZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDBRBggrBgEFBQcBBwEB/wRCMEAwPgQCAAEw
OAMEAjtThDAMAwQCckKMAwQCckKQAwQCckKcAwQCckKoAwQCckKwAwQCckLAAwQD
ckLQAwQDckLgMA0GCSqGSIb3DQEBCwUAA4IBAQBGocZodc+Mmiu1n8fp3jS3RwhR
oqASUzQioI73V6gQsq9UhoazfQc7r2OZ57OaAUV4u0ovdxBU9diDBUZ0YQ9dEl9n
5f3wBnJRXihC+58F7LL8ofjJbCEZhgMNoIoI9IbbarbYVd5olGxARLyb/7UCDltS
BFJFmojs7RUobk7rsEpUTSqQmdTn4lp5VFRDvVZzn2gdFVbf4q4PhbNqfXgv25Wj
tj3qGMP1FT+8rnSNrNe8F6taMqE1qmDrbDVpQSdl8y6G58sMaHw7yKbr7xhFcQoX
LKwTfPSg6tMbca2eTOALKUDjOtosecyKYGPwOkR8k6/RoC9SzVeCyxx08E5t
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:24 2024 by rpki-client on console-ams.rpki-client.org