Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/aKqK0jHzIxOU9vkQSzvjN0-yMyQ.roa
File: aKqK0jHzIxOU9vkQSzvjN0-yMyQ.roa (raw, json)
Hash identifier: j4G0wsbxllnKuP+qcqvK4hDDZm/MWWnPP7lwRBNFOvQ=
Subject key identifier: 68:AA:8A:D2:31:F3:23:13:94:F6:F9:10:4B:3B:E3:37:4F:B2:33:24
Certificate issuer: /CN=981B38009AA03BEB91271B999DD751BEC8520FE3
Certificate serial: 09AB
Authority key identifier: 98:1B:38:00:9A:A0:3B:EB:91:27:1B:99:9D:D7:51:BE:C8:52:0F:E3
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mBs4AJqgO-uRJxuZnddRvshSD-M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/aKqK0jHzIxOU9vkQSzvjN0-yMyQ.roa
Signing time: Wed 11 May 2022 02:22:07 +0000
ROA not before: Wed 11 May 2022 02:22:07 +0000
ROA not after: Fri 27 May 2022 04:59:52 +0000
asID: 34549
IP address blocks: 114.66.128.0/20 maxlen: 24
114.66.144.0/22 maxlen: 24
114.66.152.0/22 maxlen: 24
114.66.156.0/22 maxlen: 24
114.66.160.0/20 maxlen: 24
114.66.176.0/22 maxlen: 24
114.66.180.0/22 maxlen: 24
114.66.184.0/22 maxlen: 24
114.66.188.0/22 maxlen: 24
114.66.224.0/22 maxlen: 24
114.66.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2475 (0x9ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=981B38009AA03BEB91271B999DD751BEC8520FE3
Validity
Not Before: May 11 02:22:07 2022 GMT
Not After : May 27 04:59:52 2022 GMT
Subject: CN=68AA8AD231F3231394F6F9104B3BE3374FB23324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:72:af:6b:37:43:2b:6d:da:79:55:51:62:9a:
9c:44:e7:82:2c:51:32:fa:7a:72:7b:aa:83:aa:e2:
4c:2b:bb:20:6c:c4:98:a1:93:5a:56:94:1c:8a:f0:
c1:0c:1b:f2:da:7d:7f:cb:24:67:15:54:5a:d2:09:
4c:84:c7:20:9f:4e:1d:9f:f7:41:1d:f5:74:9f:af:
2b:f5:8d:4c:3b:50:32:9b:de:ed:d6:02:58:82:c9:
ba:e8:e9:54:34:23:66:dd:e9:90:30:ca:cc:f3:a7:
92:65:98:9f:24:3a:49:fc:cc:cc:9b:3b:97:8c:27:
f9:ac:f4:db:5a:aa:d8:b4:58:35:75:d8:85:20:02:
2c:f7:da:cc:42:01:03:b6:38:98:d8:80:47:a2:e1:
bb:b4:72:b6:7a:46:f1:05:55:f6:bc:e5:83:c1:a7:
93:00:ce:6d:65:c4:e5:57:70:8e:99:4c:0a:90:30:
f7:35:5b:6b:92:e0:2b:2e:ac:24:49:21:2c:90:9a:
53:f2:53:84:59:ea:29:21:72:ab:99:3f:c6:73:d1:
28:ec:d1:6d:dd:d9:6a:12:a8:28:e9:59:a9:17:92:
8b:91:7e:f5:14:4b:b7:58:79:65:9e:cf:e5:35:45:
4d:fc:7a:d8:61:17:0c:b7:b0:94:4d:fc:79:62:2e:
29:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:AA:8A:D2:31:F3:23:13:94:F6:F9:10:4B:3B:E3:37:4F:B2:33:24
X509v3 Authority Key Identifier:
keyid:98:1B:38:00:9A:A0:3B:EB:91:27:1B:99:9D:D7:51:BE:C8:52:0F:E3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/mBs4AJqgO-uRJxuZnddRvshSD-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mBs4AJqgO-uRJxuZnddRvshSD-M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/aKqK0jHzIxOU9vkQSzvjN0-yMyQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.66.128.0-114.66.147.255
114.66.152.0-114.66.191.255
114.66.224.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:6a:93:19:59:96:8b:f6:34:2a:61:0b:84:7d:bb:74:09:59:
ab:73:6d:a8:1c:49:ff:df:d2:af:57:cf:af:28:30:8f:17:bd:
33:e5:17:72:b6:b1:c6:44:ac:13:69:3d:c6:ee:d7:e0:30:79:
84:4a:bd:47:50:c1:f7:f3:2f:76:d4:d0:2b:55:3d:bd:3f:2c:
b5:f9:89:5e:c1:aa:46:ee:07:18:9b:e2:6f:db:6a:b8:11:02:
19:21:42:1b:62:9f:11:7a:05:7e:8a:d5:cc:5e:50:25:0b:76:
c2:48:ce:5c:9a:22:5d:4d:f4:bb:48:b7:2b:f5:82:eb:b0:91:
5b:9a:bf:fc:4e:83:c1:1e:f7:50:6a:a9:6f:c0:49:42:99:75:
a6:8f:4a:ad:41:0d:ab:4b:56:73:34:f0:25:10:81:02:73:a0:
a5:8b:6f:ed:9f:fc:48:5d:1a:0d:6b:e0:25:61:85:81:7c:7f:
ee:9d:bd:0d:7b:8b:c3:b4:ea:49:31:9b:1f:f1:08:af:fd:7d:
db:cb:e9:90:a4:2e:c6:02:e8:c7:76:d3:3f:d0:a0:63:65:71:
71:d5:55:66:3a:e7:c0:13:f1:8b:74:b5:71:a7:8f:e8:0c:2a:
d4:8e:57:54:5c:43:0d:3f:52:d1:3a:d6:26:92:3d:7a:6b:98:
21:e8:cc:a8
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgICCaswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgx
QjM4MDA5QUEwM0JFQjkxMjcxQjk5OURENzUxQkVDODUyMEZFMzAeFw0yMjA1MTEw
MjIyMDdaFw0yMjA1MjcwNDU5NTJaMDMxMTAvBgNVBAMTKDY4QUE4QUQyMzFGMzIz
MTM5NEY2RjkxMDRCM0JFMzM3NEZCMjMzMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkcq9rN0Mrbdp5VVFimpxE54IsUTL6enJ7qoOq4kwruyBsxJih
k1pWlByK8MEMG/LafX/LJGcVVFrSCUyExyCfTh2f90Ed9XSfryv1jUw7UDKb3u3W
AliCybro6VQ0I2bd6ZAwyszzp5JlmJ8kOkn8zMybO5eMJ/ms9Ntaqti0WDV12IUg
Aiz32sxCAQO2OJjYgEei4bu0crZ6RvEFVfa85YPBp5MAzm1lxOVXcI6ZTAqQMPc1
W2uS4CsurCRJISyQmlPyU4RZ6ikhcquZP8Zz0Sjs0W3d2WoSqCjpWakXkouRfvUU
S7dYeWWez+U1RU38ethhFwy3sJRN/HliLimxAgMBAAGjggIPMIICCzAdBgNVHQ4E
FgQUaKqK0jHzIxOU9vkQSzvjN0+yMyQwHwYDVR0jBBgwFoAUmBs4AJqgO+uRJxuZ
nddRvshSD+MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9tQnM0QUpxZ08tdVJKeHVabmRkUnZzaFNELU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL21CczRBSnFnTy11Ukp4dVpuZGRSdnNoU0QtTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvYUtxSzBqSHpJeE9V
OXZrUVN6dmpOMC15TXlRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDA7BggrBgEFBQcBBwEB/wQsMCowKAQCAAEw
IjAMAwQHckKAAwQCckKQMAwDBANyQpgDBAZyQoADBANyQuAwDQYJKoZIhvcNAQEL
BQADggEBAG5qkxlZlov2NCphC4R9u3QJWatzbagcSf/f0q9Xz68oMI8XvTPlF3K2
scZErBNpPcbu1+AweYRKvUdQwffzL3bU0CtVPb0/LLX5iV7BqkbuBxib4m/bargR
AhkhQhtinxF6BX6K1cxeUCULdsJIzlyaIl1N9LtItyv1guuwkVuav/xOg8Ee91Bq
qW/ASUKZdaaPSq1BDatLVnM08CUQgQJzoKWLb+2f/EhdGg1r4CVhhYF8f+6dvQ17
i8O06kkxmx/xCK/9fdvL6ZCkLsYC6Md20z/QoGNlcXHVVWY658AT8Yt0tXGnj+gM
KtSOV1RcQw0/UtE61iaSPXprmCHozKg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:24 2024 by rpki-client on console-ams.rpki-client.org