Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/gkhFRiNPkCVrJO4bGWNfTi4rczk.roa
File: gkhFRiNPkCVrJO4bGWNfTi4rczk.roa (raw, json)
Hash identifier: 2sdCU5Bi0IEAMfmnT6BiaXSybTvSqO1KKNjF2+fnIP0=
Subject key identifier: 82:48:45:46:23:4F:90:25:6B:24:EE:1B:19:63:5F:4E:2E:2B:73:39
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 0CC0
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/gkhFRiNPkCVrJO4bGWNfTi4rczk.roa
Signing time: Thu 22 Feb 2024 11:28:38 +0000
ROA not before: Thu 22 Feb 2024 11:28:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 34549
IP address blocks: 59.83.136.0/21 maxlen: 24
59.83.240.0/21 maxlen: 24
59.83.240.0/23 maxlen: 24
114.66.149.0/24 maxlen: 24
114.66.169.0/24 maxlen: 24
114.66.172.0/24 maxlen: 24
114.66.181.0/24 maxlen: 24
114.66.183.0/24 maxlen: 24
114.66.212.0/22 maxlen: 24
114.66.212.0/24 maxlen: 24
114.66.214.0/24 maxlen: 24
218.98.80.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3264 (0xcc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Feb 22 11:28:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=82484546234F90256B24EE1B19635F4E2E2B7339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:78:18:12:06:59:58:c7:81:48:12:1d:e7:80:
74:18:6b:81:e1:ad:b8:8d:a3:29:e8:2f:ea:a5:a2:
45:5d:c0:a4:11:c4:b7:6c:44:e4:3a:be:78:38:e8:
18:c1:6f:ee:4c:19:b1:a2:59:3a:03:69:90:7c:d0:
66:27:29:9a:2f:61:bd:bc:2d:59:5f:fa:40:f1:c9:
09:90:57:04:3a:80:6e:1d:92:84:5e:b0:e2:3a:87:
1d:b9:10:fe:c5:3d:e6:2a:80:a1:a3:71:1e:40:46:
ec:63:ae:8f:0e:28:76:fc:f4:29:13:df:6a:db:d7:
02:76:50:26:7f:6a:ef:64:60:39:a4:96:f8:9a:2c:
a6:ce:11:15:34:55:07:6c:da:03:de:15:9f:69:36:
a6:70:8f:7c:65:6b:8d:62:1f:f7:58:cb:f1:8e:e0:
ba:6f:8c:0e:d3:a9:91:72:53:96:26:25:d4:f3:ac:
a9:1c:c3:33:92:8c:17:40:c3:1f:dc:aa:eb:b9:b8:
40:f9:6c:45:5f:0c:0e:e5:c0:e7:1e:66:67:2f:85:
73:cd:2f:97:fa:18:b4:2e:09:dc:4a:cb:0d:bc:86:
d4:b5:67:be:82:62:ee:4d:56:0e:ff:d8:42:c3:08:
2e:b0:c2:b0:22:86:89:17:ea:9f:79:7d:10:cb:8d:
fd:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:48:45:46:23:4F:90:25:6B:24:EE:1B:19:63:5F:4E:2E:2B:73:39
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/gkhFRiNPkCVrJO4bGWNfTi4rczk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.83.136.0/21
59.83.240.0/21
114.66.149.0/24
114.66.169.0/24
114.66.172.0/24
114.66.181.0/24
114.66.183.0/24
114.66.212.0/22
218.98.80.0/22
Signature Algorithm: sha256WithRSAEncryption
89:d5:c7:ec:16:04:e7:9c:4b:3a:e1:a3:27:07:6c:a3:76:2b:
ab:59:d0:e7:2e:d7:e6:79:9a:a0:2e:bf:c1:0b:1e:6b:fc:96:
e1:26:a7:36:21:1d:11:04:22:b8:5a:f3:13:2b:7a:01:c9:64:
25:e6:cb:53:c9:ff:70:d2:a0:4e:d5:44:58:32:89:ac:55:55:
30:55:ac:58:54:09:b8:c7:a5:fa:04:e0:b5:75:bf:4a:48:4f:
ec:43:05:95:81:bf:8a:9c:f6:eb:b6:d7:ce:ce:c7:f0:2e:6e:
73:0e:19:56:85:8a:15:08:7f:50:b4:8e:9a:41:5c:32:1a:f1:
9f:a0:69:8a:7b:9b:d2:47:8d:85:26:0f:31:06:f9:e4:fe:1b:
d2:f3:fc:10:d9:0c:fe:7c:a5:2f:5c:3f:ab:ac:71:c9:bf:77:
f1:33:ba:76:e7:fe:21:75:b6:0b:5f:d7:20:54:81:7b:64:18:
f3:b0:bc:21:46:54:6e:9b:33:91:36:cb:ed:af:9c:41:06:ef:
f1:a4:a0:d7:b1:08:42:e0:cb:72:69:95:0d:15:2c:fa:fc:01:
2d:0b:a2:4d:59:4d:da:bf:76:a6:ad:f4:27:ea:93:17:40:e2:
ea:17:e1:57:18:bf:ea:a0:a9:f9:db:f3:52:df:95:d9:d4:cd:
cd:26:47:d3
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgICDMAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yNDAyMjIx
MTI4MzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgyNDg0NTQ2MjM0Rjkw
MjU2QjI0RUUxQjE5NjM1RjRFMkUyQjczMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCeBgSBllYx4FIEh3ngHQYa4HhrbiNoynoL+qlokVdwKQRxLds
ROQ6vng46BjBb+5MGbGiWToDaZB80GYnKZovYb28LVlf+kDxyQmQVwQ6gG4dkoRe
sOI6hx25EP7FPeYqgKGjcR5ARuxjro8OKHb89CkT32rb1wJ2UCZ/au9kYDmklvia
LKbOERU0VQds2gPeFZ9pNqZwj3xla41iH/dYy/GO4LpvjA7TqZFyU5YmJdTzrKkc
wzOSjBdAwx/cquu5uED5bEVfDA7lwOceZmcvhXPNL5f6GLQuCdxKyw28htS1Z76C
Yu5NVg7/2ELDCC6wwrAihokX6p95fRDLjf1ZAgMBAAGjggIjMIICHzAdBgNVHQ4E
FgQUgkhFRiNPkCVrJO4bGWNfTi4rczkwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvZ2toRlJpTlBrQ1Zy
Sk80YkdXTmZUaTRyY3prLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAEw
NgMEAztTiAMEAztT8AMEAHJClQMEAHJCqQMEAHJCrAMEAHJCtQMEAHJCtwMEAnJC
1AMEAtpiUDANBgkqhkiG9w0BAQsFAAOCAQEAidXH7BYE55xLOuGjJwdso3Yrq1nQ
5y7X5nmaoC6/wQsea/yW4SanNiEdEQQiuFrzEyt6AclkJebLU8n/cNKgTtVEWDKJ
rFVVMFWsWFQJuMel+gTgtXW/SkhP7EMFlYG/ipz267bXzs7H8C5ucw4ZVoWKFQh/
ULSOmkFcMhrxn6Bpinub0keNhSYPMQb55P4b0vP8ENkM/nylL1w/q6xxyb938TO6
duf+IXW2C1/XIFSBe2QY87C8IUZUbpszkTbL7a+cQQbv8aSg17EIQuDLcmmVDRUs
+vwBLQuiTVlN2r92pq30J+qTF0Di6hfhVxi/6qCp+dvzUt+V2dTNzSZH0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:24 2024 by rpki-client on console-ams.rpki-client.org