Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/pQToXpifAW070fZCd-4Dh-nFmsE.roa
File: pQToXpifAW070fZCd-4Dh-nFmsE.roa (raw, json)
Hash identifier: IKhHlVDZonYIWTGNWdo5Hlz819fE6yx91MLHUqrurG8=
Subject key identifier: A5:04:E8:5E:98:9F:01:6D:3B:D1:F6:42:77:EE:03:87:E9:C5:9A:C1
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 0723
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/pQToXpifAW070fZCd-4Dh-nFmsE.roa
Signing time: Fri 12 May 2023 13:38:33 +0000
ROA not before: Fri 12 May 2023 13:38:33 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 34549
IP address blocks: 59.83.136.0/21 maxlen: 24
59.83.240.0/21 maxlen: 24
114.66.144.0/22 maxlen: 24
114.66.168.0/22 maxlen: 24
114.66.172.0/22 maxlen: 24
114.66.180.0/22 maxlen: 24
114.66.184.0/22 maxlen: 24
114.66.212.0/22 maxlen: 24
114.66.216.0/22 maxlen: 24
218.98.80.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1827 (0x723)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: May 12 13:38:33 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=A504E85E989F016D3BD1F64277EE0387E9C59AC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a5:31:73:6a:00:9e:96:94:ce:87:9f:8c:3b:
eb:d2:62:4e:4b:5e:e8:95:7c:5c:7b:e1:44:55:a3:
16:e9:7c:e3:f7:22:69:8b:83:42:ce:51:5b:7d:30:
62:ef:5e:c4:f2:da:26:fb:04:31:52:02:a9:84:86:
2d:e4:bd:cd:b9:b1:c3:2d:be:70:89:4a:f5:d5:b3:
1d:18:b2:bd:99:09:47:5d:f3:47:39:60:81:4f:a4:
c4:af:63:4a:4c:e2:4d:39:8d:77:35:4a:dd:a3:f9:
90:3a:35:f6:bc:78:17:e6:e3:97:ed:ef:69:7c:d1:
b9:44:d6:70:32:29:25:6c:ee:3d:19:e6:1f:91:a3:
2b:cc:02:e1:04:33:f1:d6:e1:a9:30:2c:19:9f:e6:
b6:3c:f9:c4:46:c3:3f:9a:04:67:a2:b3:b0:a6:77:
24:64:e0:6e:f1:0e:24:e0:8a:df:02:39:2a:55:2a:
4e:e4:b7:79:5a:c4:b8:5a:f1:f9:01:74:4b:e8:51:
ac:eb:43:3d:d0:a2:08:83:39:0b:70:a2:10:66:dd:
5f:fd:1b:4e:c7:38:00:f3:21:85:ac:79:d6:cc:f3:
54:ed:a9:63:00:58:0a:33:7c:31:5d:68:4e:3c:31:
82:63:be:bb:f2:ed:24:cc:96:2b:57:54:39:2a:b1:
79:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:04:E8:5E:98:9F:01:6D:3B:D1:F6:42:77:EE:03:87:E9:C5:9A:C1
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/pQToXpifAW070fZCd-4Dh-nFmsE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.83.136.0/21
59.83.240.0/21
114.66.144.0/22
114.66.168.0/21
114.66.180.0-114.66.187.255
114.66.212.0-114.66.219.255
218.98.80.0/22
Signature Algorithm: sha256WithRSAEncryption
32:5e:12:b6:aa:b2:c8:41:ff:c3:98:9f:2c:dc:e2:c0:99:de:
9f:a6:45:34:34:4a:1c:e6:8d:38:71:46:52:ba:0c:56:ed:c6:
1c:e6:30:9b:04:4a:43:2a:cf:da:26:db:b0:9e:a5:74:98:9a:
38:95:b9:fa:45:5a:86:6b:84:3e:4b:dd:b0:5e:fc:f9:ba:66:
c5:9e:c2:46:16:0d:8b:c6:71:cf:69:0e:dc:86:5d:33:e1:ee:
52:c3:0f:40:78:74:93:b8:2a:98:bd:b0:fe:e7:89:bb:9f:3e:
e1:4f:23:3d:1d:25:8d:60:b3:80:63:fd:4c:55:cb:46:1c:3d:
59:bc:12:f7:cc:61:df:63:1f:9a:71:18:69:87:17:31:a5:9b:
23:ad:e8:0a:42:5a:f9:c6:ba:a4:c0:f9:ab:6b:9c:ca:bd:82:
0a:20:0f:07:95:78:28:a7:a9:4a:49:89:ea:27:13:4d:33:f9:
70:15:59:a0:89:8e:d5:2a:74:0c:97:7a:12:ab:37:32:1b:60:
7c:48:3e:3a:50:8b:8e:03:76:49:ac:20:d0:43:88:ae:59:bb:
0c:5e:0d:64:32:2d:27:18:1e:15:56:11:80:05:68:95:38:cb:
e2:17:c1:02:3c:25:ee:7b:c9:85:03:90:f6:26:e4:ab:d6:e2:
c6:43:a2:c2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgICByMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw
QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yMzA1MTIx
MzM4MzNaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKEE1MDRFODVFOTg5RjAx
NkQzQkQxRjY0Mjc3RUUwMzg3RTlDNTlBQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6pTFzagCelpTOh5+MO+vSYk5LXuiVfFx74URVoxbpfOP3ImmL
g0LOUVt9MGLvXsTy2ib7BDFSAqmEhi3kvc25scMtvnCJSvXVsx0Ysr2ZCUdd80c5
YIFPpMSvY0pM4k05jXc1St2j+ZA6Nfa8eBfm45ft72l80blE1nAyKSVs7j0Z5h+R
oyvMAuEEM/HW4akwLBmf5rY8+cRGwz+aBGeis7CmdyRk4G7xDiTgit8COSpVKk7k
t3laxLha8fkBdEvoUazrQz3QogiDOQtwohBm3V/9G07HOADzIYWsedbM81TtqWMA
WAozfDFdaE48MYJjvrvy7STMlitXVDkqsXlPAgMBAAGjggInMIICIzAdBgNVHQ4E
FgQUpQToXpifAW070fZCd+4Dh+nFmsEwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX
i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvcFFUb1hwaWZBVzA3
MGZaQ2QtNERoLW5GbXNFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDBTBggrBgEFBQcBBwEB/wREMEIwQAQCAAEw
OgMEAztTiAMEAztT8AMEAnJCkAMEA3JCqDAMAwQCckK0AwQCckK4MAwDBAJyQtQD
BAJyQtgDBALaYlAwDQYJKoZIhvcNAQELBQADggEBADJeEraqsshB/8OYnyzc4sCZ
3p+mRTQ0ShzmjThxRlK6DFbtxhzmMJsESkMqz9om27CepXSYmjiVufpFWoZrhD5L
3bBe/Pm6ZsWewkYWDYvGcc9pDtyGXTPh7lLDD0B4dJO4Kpi9sP7nibufPuFPIz0d
JY1gs4Bj/UxVy0YcPVm8EvfMYd9jH5pxGGmHFzGlmyOt6ApCWvnGuqTA+atrnMq9
ggogDweVeCinqUpJieonE00z+XAVWaCJjtUqdAyXehKrNzIbYHxIPjpQi44Ddkms
INBDiK5ZuwxeDWQyLScYHhVWEYAFaJU4y+IXwQI8Je57yYUDkPYm5KvW4sZDosI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org