Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/YhvHIa5Ygyq1hD4_s-3yl3C8Lwk.roa
File: YhvHIa5Ygyq1hD4_s-3yl3C8Lwk.roa (raw, json)
Hash identifier: MqoMpo75XDXP6bTCkJVvKHH1Qk7QhIYwE/fxMikgJ1c=
Subject key identifier: 62:1B:C7:21:AE:58:83:2A:B5:84:3E:3F:B3:ED:F2:97:70:BC:2F:09
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 06AC
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/YhvHIa5Ygyq1hD4_s-3yl3C8Lwk.roa
Signing time: Wed 19 Apr 2023 02:27:19 +0000
ROA not before: Wed 19 Apr 2023 02:27:19 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 34549
IP address blocks: 59.83.136.0/21 maxlen: 24
59.83.240.0/21 maxlen: 24
114.66.212.0/22 maxlen: 24
218.98.80.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1708 (0x6ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Apr 19 02:27:19 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=621BC721AE58832AB5843E3FB3EDF29770BC2F09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e1:7a:0f:cd:ec:96:0a:85:e1:c7:2b:c6:ab:
ff:fa:1c:d2:8f:9c:2d:15:44:4b:5f:37:e2:af:21:
f3:1b:49:68:47:dd:b1:6a:a0:d0:1d:b1:ae:c2:f7:
62:c1:43:de:52:0f:b3:c1:3d:53:bc:2b:1a:20:4d:
b7:0b:9f:04:50:ac:12:0b:62:29:35:82:fc:93:79:
8d:f0:52:2a:7f:bf:e9:50:75:71:27:2b:d4:0d:be:
f9:d8:ae:27:ad:cf:ff:a7:eb:9d:ee:7b:60:bb:a1:
40:0a:73:36:94:70:15:77:96:79:50:25:64:be:30:
70:b6:48:9d:6c:9d:56:49:19:46:00:fe:7c:36:cf:
1d:af:46:0a:c8:ad:ef:79:6f:09:ee:7a:ba:f6:78:
b4:f0:60:bb:a8:10:3f:f4:86:58:01:95:4e:5c:10:
d0:b1:40:7b:a7:8d:ba:41:6e:af:a7:fc:08:08:57:
9d:56:1c:59:5c:2f:15:78:45:b9:e2:02:28:1c:bb:
7f:7f:44:0d:dd:00:cc:ba:0d:89:ab:97:43:38:5d:
66:8b:21:a1:5d:73:b5:1b:ad:73:ba:c5:e3:86:71:
39:95:ed:36:76:56:0d:e6:a4:2c:25:cc:b0:33:b5:
7a:1a:21:86:bf:02:1a:d9:99:e3:e2:e1:18:dd:3d:
aa:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:1B:C7:21:AE:58:83:2A:B5:84:3E:3F:B3:ED:F2:97:70:BC:2F:09
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/YhvHIa5Ygyq1hD4_s-3yl3C8Lwk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.83.136.0/21
59.83.240.0/21
114.66.212.0/22
218.98.80.0/22
Signature Algorithm: sha256WithRSAEncryption
55:f2:d5:ab:36:2c:8d:64:97:48:b8:71:ed:b2:95:fa:66:d2:
30:f0:13:58:c6:cb:fc:3a:82:56:f2:c4:97:ea:90:1c:42:89:
5f:8a:3c:87:9f:f5:b8:9a:5b:2e:62:96:a0:f8:8a:4d:0a:3c:
1b:3d:c0:5e:c0:db:17:be:37:f5:de:a8:9f:a2:66:2b:3b:ae:
c7:9b:19:e1:22:c4:60:06:da:53:03:84:3c:2a:d5:2e:39:de:
a3:c6:70:a4:fa:75:86:26:3f:68:51:ce:c9:84:75:f5:07:ed:
83:5d:25:2b:f5:d1:f6:b7:4b:ec:f5:2c:cb:b3:08:8c:37:f9:
d2:40:d6:02:35:cc:73:69:ff:f7:97:b2:65:db:9f:0b:47:f2:
e1:c8:85:e3:eb:21:74:36:36:bd:6d:05:f7:5c:75:e5:d6:9d:
e7:22:95:dd:f7:15:a3:e1:83:0b:7a:e1:29:c2:73:54:6d:48:
ed:02:eb:f3:fb:05:27:e2:9e:68:35:ff:26:fd:50:7f:99:ce:
0d:97:13:06:a8:0c:f6:79:2e:65:2b:54:db:42:d0:7c:a2:37:
b0:4f:e7:16:23:24:76:dc:33:2a:0e:94:57:c0:0e:e1:32:f8:
6a:f2:49:fb:a4:0a:e7:be:9b:e9:e7:13:30:9a:36:f8:0f:54:
69:7d:f6:8e
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgICBqwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yMzA0MTkw
MjI3MTlaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDYyMUJDNzIxQUU1ODgz
MkFCNTg0M0UzRkIzRURGMjk3NzBCQzJGMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCx4XoPzeyWCoXhxyvGq//6HNKPnC0VREtfN+KvIfMbSWhH3bFq
oNAdsa7C92LBQ95SD7PBPVO8KxogTbcLnwRQrBILYik1gvyTeY3wUip/v+lQdXEn
K9QNvvnYrietz/+n653ue2C7oUAKczaUcBV3lnlQJWS+MHC2SJ1snVZJGUYA/nw2
zx2vRgrIre95bwnuerr2eLTwYLuoED/0hlgBlU5cENCxQHunjbpBbq+n/AgIV51W
HFlcLxV4RbniAigcu39/RA3dAMy6DYmrl0M4XWaLIaFdc7UbrXO6xeOGcTmV7TZ2
Vg3mpCwlzLAztXoaIYa/AhrZmePi4RjdPap/AgMBAAGjggIFMIICATAdBgNVHQ4E
FgQUYhvHIa5Ygyq1hD4/s+3yl3C8LwkwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvWWh2SElhNVlneXEx
aEQ0X3MtM3lsM0M4THdrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEw
GAMEAztTiAMEAztT8AMEAnJC1AMEAtpiUDANBgkqhkiG9w0BAQsFAAOCAQEAVfLV
qzYsjWSXSLhx7bKV+mbSMPATWMbL/DqCVvLEl+qQHEKJX4o8h5/1uJpbLmKWoPiK
TQo8Gz3AXsDbF7439d6on6JmKzuux5sZ4SLEYAbaUwOEPCrVLjneo8ZwpPp1hiY/
aFHOyYR19Qftg10lK/XR9rdL7PUsy7MIjDf50kDWAjXMc2n/95eyZdufC0fy4ciF
4+shdDY2vW0F91x15dad5yKV3fcVo+GDC3rhKcJzVG1I7QLr8/sFJ+KeaDX/Jv1Q
f5nODZcTBqgM9nkuZStU20LQfKI3sE/nFiMkdtwzKg6UV8AO4TL4avJJ+6QK576b
6ecTMJo2+A9UaX32jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:24 2024 by rpki-client on console-ams.rpki-client.org