Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/mLQufCieSvca7RLjHXNH9qsF_ew.roa
File: mLQufCieSvca7RLjHXNH9qsF_ew.roa (raw, json)
Hash identifier: z8WQBVXzp9MKJ3ShWP+l2r3JBJ5TYz7XPycBkiUuxUI=
Subject key identifier: 98:B4:2E:7C:28:9E:4A:F7:1A:ED:12:E3:1D:73:47:F6:AB:05:FD:EC
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 0DAC
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/mLQufCieSvca7RLjHXNH9qsF_ew.roa
Signing time: Wed 10 Apr 2024 03:21:53 +0000
ROA not before: Wed 10 Apr 2024 03:21:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 34549
IP address blocks: 59.83.136.0/21 maxlen: 24
59.83.240.0/21 maxlen: 24
114.66.149.0/24 maxlen: 24
114.66.169.0/24 maxlen: 24
114.66.172.0/24 maxlen: 24
114.66.181.0/24 maxlen: 24
114.66.183.0/24 maxlen: 24
114.66.212.0/22 maxlen: 24
114.66.212.0/24 maxlen: 24
114.66.214.0/24 maxlen: 24
218.98.80.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3500 (0xdac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Apr 10 03:21:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=98B42E7C289E4AF71AED12E31D7347F6AB05FDEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8d:01:aa:fb:be:d2:36:b1:92:bc:0e:5d:83:
8c:34:e8:04:be:a5:f7:95:64:05:bb:4d:8a:c1:54:
2c:d0:88:4c:d0:68:d0:c2:cc:c8:21:46:22:75:c6:
9b:2f:11:b4:f0:cf:df:c8:1d:86:9e:5e:4f:96:a6:
9c:03:a9:03:ee:c8:dc:93:b6:bf:42:20:df:3b:1d:
8d:ba:f6:0c:25:d2:49:5d:d5:8d:24:37:22:71:e2:
ae:7d:f1:70:74:be:2c:d2:f6:5a:d8:fc:21:2d:d3:
b3:27:98:86:b3:80:16:95:9b:04:d1:5e:d1:a8:49:
b3:35:49:c5:98:e6:3b:ff:10:ea:ce:20:0d:40:04:
11:5a:65:80:83:0c:63:94:f7:82:57:47:06:25:b4:
f3:fb:63:7b:f3:b5:0b:af:cb:22:8e:1a:83:4c:08:
8f:1c:07:d1:46:6c:21:67:d5:39:77:9b:b2:3c:12:
37:34:39:38:af:0c:70:a4:e9:7d:b5:86:86:61:3d:
59:38:c2:80:58:95:4c:e5:21:20:71:4b:6c:c9:c0:
59:f7:61:b8:4f:ff:2d:a4:0d:a7:28:73:b5:7a:90:
70:7d:a4:89:d1:f5:1f:d1:e2:f5:73:a1:68:ff:f8:
fc:9b:1b:c7:ec:dd:dd:e3:c8:f2:1c:f8:18:84:58:
ef:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:B4:2E:7C:28:9E:4A:F7:1A:ED:12:E3:1D:73:47:F6:AB:05:FD:EC
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/mLQufCieSvca7RLjHXNH9qsF_ew.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.83.136.0/21
59.83.240.0/21
114.66.149.0/24
114.66.169.0/24
114.66.172.0/24
114.66.181.0/24
114.66.183.0/24
114.66.212.0/22
218.98.80.0/22
Signature Algorithm: sha256WithRSAEncryption
10:dc:90:45:e8:94:28:8b:0d:00:84:b5:db:c2:5a:8a:ed:86:
87:96:89:7c:d1:8c:03:af:57:6d:1c:43:55:d8:a5:b9:88:96:
b1:de:33:50:33:cc:28:a2:29:52:45:da:ab:ac:64:a6:a3:5e:
ef:87:9e:74:9f:70:54:a3:99:da:94:a4:f3:ee:b5:ae:16:74:
0a:30:5e:17:a1:13:de:bf:84:cb:01:25:85:46:c9:13:36:64:
56:0e:9f:17:95:08:05:6f:a0:a6:df:a1:fb:1e:75:fa:49:68:
a6:08:9d:74:ae:50:9b:59:de:28:2a:e5:b8:54:74:e4:ed:ac:
47:40:89:48:e0:c5:1c:fa:e7:5c:1a:53:f9:2b:9c:2e:d9:cb:
49:bf:f3:4c:cc:d0:0c:40:29:a2:c4:db:c5:a5:58:83:f7:fa:
04:24:a0:d2:d6:22:f2:bd:05:30:fe:9c:b4:fd:bf:bb:10:de:
88:7a:f0:80:b3:e6:70:7c:fc:3a:6d:4d:22:4a:04:ba:d6:f3:
36:47:bd:81:50:dc:84:a8:bd:2e:8d:66:96:83:e9:5b:df:b3:
30:b9:7a:f0:60:46:8a:c8:75:44:1b:78:e9:da:cb:65:80:3e:
18:c9:2b:03:32:1d:31:35:d3:9a:d6:c7:d9:ff:ec:a3:f4:fc:
9f:89:c2:f6
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgICDawwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yNDA0MTAw
MzIxNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk4QjQyRTdDMjg5RTRB
RjcxQUVEMTJFMzFENzM0N0Y2QUIwNUZERUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqjQGq+77SNrGSvA5dg4w06AS+pfeVZAW7TYrBVCzQiEzQaNDC
zMghRiJ1xpsvEbTwz9/IHYaeXk+WppwDqQPuyNyTtr9CIN87HY269gwl0kld1Y0k
NyJx4q598XB0vizS9lrY/CEt07MnmIazgBaVmwTRXtGoSbM1ScWY5jv/EOrOIA1A
BBFaZYCDDGOU94JXRwYltPP7Y3vztQuvyyKOGoNMCI8cB9FGbCFn1Tl3m7I8Ejc0
OTivDHCk6X21hoZhPVk4woBYlUzlISBxS2zJwFn3YbhP/y2kDacoc7V6kHB9pInR
9R/R4vVzoWj/+PybG8fs3d3jyPIc+BiEWO/ZAgMBAAGjggIjMIICHzAdBgNVHQ4E
FgQUmLQufCieSvca7RLjHXNH9qsF/ewwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvbUxRdWZDaWVTdmNh
N1JMakhYTkg5cXNGX2V3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAEw
NgMEAztTiAMEAztT8AMEAHJClQMEAHJCqQMEAHJCrAMEAHJCtQMEAHJCtwMEAnJC
1AMEAtpiUDANBgkqhkiG9w0BAQsFAAOCAQEAENyQReiUKIsNAIS128Jaiu2Gh5aJ
fNGMA69XbRxDVdiluYiWsd4zUDPMKKIpUkXaq6xkpqNe74eedJ9wVKOZ2pSk8+61
rhZ0CjBeF6ET3r+EywElhUbJEzZkVg6fF5UIBW+gpt+h+x51+klopgiddK5Qm1ne
KCrluFR05O2sR0CJSODFHPrnXBpT+SucLtnLSb/zTMzQDEAposTbxaVYg/f6BCSg
0tYi8r0FMP6ctP2/uxDeiHrwgLPmcHz8Om1NIkoEutbzNke9gVDchKi9Lo1mloPp
W9+zMLl68GBGish1RBt46drLZYA+GMkrAzIdMTXTmtbH2f/so/T8n4nC9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org