Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/X1IsTJoKScVaMeePUVhMRHJFkbw.roa
File: X1IsTJoKScVaMeePUVhMRHJFkbw.roa (raw, json)
Hash identifier: MpBU2daQOMvjyU0idlt1kY1nxrYV78TrTvTutPBOs0Y=
Subject key identifier: 5F:52:2C:4C:9A:0A:49:C5:5A:31:E7:8F:51:58:4C:44:72:45:91:BC
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 078A
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/X1IsTJoKScVaMeePUVhMRHJFkbw.roa
Signing time: Fri 02 Jun 2023 01:56:36 +0000
ROA not before: Fri 02 Jun 2023 01:56:36 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 34549
IP address blocks: 59.83.136.0/21 maxlen: 24
59.83.240.0/21 maxlen: 24
114.66.144.0/22 maxlen: 24
114.66.168.0/22 maxlen: 24
114.66.180.0/22 maxlen: 24
114.66.184.0/22 maxlen: 24
114.66.212.0/22 maxlen: 24
114.66.216.0/22 maxlen: 24
218.98.80.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1930 (0x78a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Jun 2 01:56:36 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=5F522C4C9A0A49C55A31E78F51584C44724591BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:be:ad:44:22:6c:8b:14:14:31:c5:d1:79:1d:
d7:53:e3:63:b0:b0:65:1c:0f:ec:5b:dc:f8:9d:6c:
88:81:da:ce:c1:ca:ba:0e:fc:34:da:48:f8:2a:29:
db:96:cd:00:bb:06:bc:0b:0b:8a:d7:92:5d:7a:0a:
5e:b6:bb:66:a9:19:d5:75:1e:2c:f2:b7:db:d8:c7:
a5:c8:2c:91:bf:ef:6d:48:36:ba:17:f4:7e:b3:91:
65:07:b3:cd:8c:17:4b:23:a1:8c:95:52:9f:28:74:
4c:d8:ef:04:6f:c5:66:8f:a0:8c:d8:18:f3:ff:75:
9c:ce:20:6b:f9:ad:6f:4f:45:79:ab:c4:07:d6:a3:
a9:67:dc:d7:59:c2:2c:40:7b:17:ee:09:65:77:df:
26:d3:9a:78:41:86:63:ff:db:fe:1f:d3:99:86:7a:
5a:9f:ea:e0:ff:02:d2:bf:e0:8e:be:49:62:f1:dc:
1b:69:8c:e8:e8:87:04:13:c2:05:cb:44:1d:3a:9c:
8e:53:88:20:2d:ef:cb:8e:a4:e9:6b:66:00:4c:dc:
c9:8f:34:4c:d7:04:9e:b5:1c:c9:e0:bc:9a:50:e2:
1b:67:f1:1c:e5:36:74:e1:09:9c:db:13:2d:f3:8b:
4f:4c:b1:5d:7b:ef:5a:0f:1b:e7:c0:f4:90:32:dd:
7d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:52:2C:4C:9A:0A:49:C5:5A:31:E7:8F:51:58:4C:44:72:45:91:BC
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/X1IsTJoKScVaMeePUVhMRHJFkbw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.83.136.0/21
59.83.240.0/21
114.66.144.0/22
114.66.168.0/22
114.66.180.0-114.66.187.255
114.66.212.0-114.66.219.255
218.98.80.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:52:97:95:f2:8d:3f:4c:c8:b1:6f:0f:86:8f:c1:cf:4e:af:
af:30:bb:05:5c:17:3a:50:e2:7d:92:e5:40:b4:f4:60:63:a2:
a6:c8:a2:bb:6d:f9:9e:b4:59:ac:24:9a:86:d3:2d:b5:57:99:
21:52:37:c8:0e:95:5f:0b:53:cc:50:45:ea:e9:8b:41:1c:95:
b0:71:08:b4:bb:6b:5d:a0:59:eb:21:9b:41:ad:09:e6:81:02:
0e:07:56:8d:20:04:7b:0d:7c:80:ea:8e:1d:85:26:7a:12:df:
d8:fe:6e:98:14:93:88:dd:40:75:1d:b3:22:6b:ec:e3:6e:8d:
9d:e7:e9:3d:de:34:91:12:7b:98:eb:da:bd:5f:53:f6:df:40:
8f:d5:60:c2:f7:5a:d4:3a:ab:f9:e7:2c:27:2a:09:23:5c:56:
f8:db:ea:e7:07:e2:f1:39:eb:40:0b:68:81:9d:f6:f0:56:c8:
88:af:6e:41:58:2f:2f:63:bf:1e:8f:fa:8c:f1:a9:37:8e:99:
a3:8d:fa:8c:1c:9a:e0:76:10:6e:b7:d1:63:96:ab:06:4d:20:
74:5b:2e:52:32:e0:5b:67:1c:e5:29:e2:96:87:83:eb:42:eb:
cd:6a:d3:10:68:b4:d6:7f:3b:15:96:a5:68:cb:2e:dd:4f:34:
09:22:23:49
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgICB4owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yMzA2MDIw
MTU2MzZaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDVGNTIyQzRDOUEwQTQ5
QzU1QTMxRTc4RjUxNTg0QzQ0NzI0NTkxQkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4vq1EImyLFBQxxdF5HddT42OwsGUcD+xb3PidbIiB2s7ByroO
/DTaSPgqKduWzQC7BrwLC4rXkl16Cl62u2apGdV1Hizyt9vYx6XILJG/721INroX
9H6zkWUHs82MF0sjoYyVUp8odEzY7wRvxWaPoIzYGPP/dZzOIGv5rW9PRXmrxAfW
o6ln3NdZwixAexfuCWV33ybTmnhBhmP/2/4f05mGelqf6uD/AtK/4I6+SWLx3Btp
jOjohwQTwgXLRB06nI5TiCAt78uOpOlrZgBM3MmPNEzXBJ61HMngvJpQ4htn8Rzl
NnThCZzbEy3zi09MsV1771oPG+fA9JAy3X2NAgMBAAGjggInMIICIzAdBgNVHQ4E
FgQUX1IsTJoKScVaMeePUVhMRHJFkbwwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvWDFJc1RKb0tTY1Zh
TWVlUFVWaE1SSEpGa2J3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDBTBggrBgEFBQcBBwEB/wREMEIwQAQCAAEw
OgMEAztTiAMEAztT8AMEAnJCkAMEAnJCqDAMAwQCckK0AwQCckK4MAwDBAJyQtQD
BAJyQtgDBALaYlAwDQYJKoZIhvcNAQELBQADggEBAH1Sl5XyjT9MyLFvD4aPwc9O
r68wuwVcFzpQ4n2S5UC09GBjoqbIortt+Z60WawkmobTLbVXmSFSN8gOlV8LU8xQ
Rerpi0EclbBxCLS7a12gWeshm0GtCeaBAg4HVo0gBHsNfIDqjh2FJnoS39j+bpgU
k4jdQHUdsyJr7ONujZ3n6T3eNJESe5jr2r1fU/bfQI/VYML3WtQ6q/nnLCcqCSNc
Vvjb6ucH4vE560ALaIGd9vBWyIivbkFYLy9jvx6P+ozxqTeOmaON+owcmuB2EG63
0WOWqwZNIHRbLlIy4FtnHOUp4paHg+tC681q0xBotNZ/OxWWpWjLLt1PNAkiI0k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org