Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/sz2ljjF_LEv19SgVXuGgHO1tYtQ.roa
File: sz2ljjF_LEv19SgVXuGgHO1tYtQ.roa (raw, json)
Hash identifier: ZY0aPOgRjqQ5tGsj1lPuGLcdmV8URWTdNxRp62eGalo=
Subject key identifier: B3:3D:A5:8E:31:7F:2C:4B:F5:F5:28:15:5E:E1:A0:1C:ED:6D:62:D4
Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Certificate serial: 23
Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/sz2ljjF_LEv19SgVXuGgHO1tYtQ.roa
Signing time: Mon 06 Jun 2022 06:04:24 +0000
ROA not before: Mon 06 Jun 2022 06:04:24 +0000
ROA not after: Fri 02 Jun 2023 05:30:26 +0000
asID: 34549
IP address blocks: 59.83.132.0/22 maxlen: 24
114.66.128.0/20 maxlen: 24
114.66.144.0/22 maxlen: 24
114.66.148.0/22 maxlen: 24
114.66.152.0/22 maxlen: 24
114.66.156.0/22 maxlen: 24
114.66.160.0/20 maxlen: 24
114.66.176.0/22 maxlen: 24
114.66.180.0/22 maxlen: 24
114.66.184.0/22 maxlen: 24
114.66.216.0/22 maxlen: 24
114.66.224.0/22 maxlen: 24
114.66.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35 (0x23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43
Validity
Not Before: Jun 6 06:04:24 2022 GMT
Not After : Jun 2 05:30:26 2023 GMT
Subject: CN=B33DA58E317F2C4BF5F528155EE1A01CED6D62D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2f:85:ba:a7:5a:75:0d:60:d7:7a:d6:89:7c:
85:c9:9e:c1:80:db:b3:43:e4:8f:58:a0:96:61:dc:
4a:ed:2d:c1:df:f1:4c:29:d8:b5:62:10:7b:87:7f:
33:1e:36:c0:02:7c:bf:99:88:c1:44:9b:ed:9f:6a:
ca:ec:12:47:b5:a3:46:b3:51:d0:ea:d0:54:34:5f:
70:cf:c4:7c:2b:6e:45:b2:83:98:33:ad:da:49:f3:
8a:11:fd:d8:a9:f7:e4:39:f5:08:96:58:bd:78:e9:
d0:5a:aa:0c:3d:8c:00:b2:ce:49:6b:aa:9e:41:7a:
4d:17:b0:e7:72:91:d4:08:83:b0:96:3f:c5:38:05:
ae:b5:2e:f9:b6:50:1c:f4:da:cc:f9:4c:eb:d8:c6:
b7:4c:09:95:e3:0b:09:0a:5c:61:48:66:a8:b5:25:
09:a0:51:35:3d:69:14:8c:07:01:95:ed:83:19:a4:
6d:4d:d8:c8:5f:e9:8d:4a:b5:66:4f:01:2a:df:eb:
c0:82:f0:ef:a2:87:0d:75:55:5e:46:bb:34:fc:25:
b1:71:70:cc:6c:70:3e:8c:10:90:f9:da:7a:91:4e:
97:2a:64:ee:2e:7e:f0:e8:35:d5:ee:08:62:1d:71:
25:aa:a2:00:ed:f1:c0:3d:43:01:b7:dc:ce:08:15:
86:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3D:A5:8E:31:7F:2C:4B:F5:F5:28:15:5E:E1:A0:1C:ED:6D:62:D4
X509v3 Authority Key Identifier:
keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/sz2ljjF_LEv19SgVXuGgHO1tYtQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.83.132.0/22
114.66.128.0-114.66.187.255
114.66.216.0/22
114.66.224.0/21
Signature Algorithm: sha256WithRSAEncryption
a1:41:a5:39:55:26:b7:9a:de:db:9e:4b:f1:0a:9f:ab:af:72:
96:7e:d8:95:6f:0c:5e:07:90:96:55:4e:4e:be:ce:a5:50:ed:
7a:8c:1a:87:81:b5:72:3c:e9:ca:bf:76:3d:00:24:c3:00:9a:
4f:df:83:50:1a:4e:86:3b:4f:17:ef:1b:7b:47:b7:2e:58:4e:
9b:92:83:fc:3f:89:58:b7:35:a1:aa:43:f7:3c:5a:90:d4:c9:
d8:68:0b:6f:eb:46:03:a9:d9:2f:35:db:d5:73:de:15:91:85:
58:10:16:d0:86:25:43:0d:58:4c:0d:74:38:e3:2a:71:83:83:
1e:aa:18:94:6d:c3:ce:79:26:5d:22:93:c9:2f:e6:51:56:77:
9b:40:93:f2:e4:c6:f5:64:60:0b:4a:ee:bd:fb:d1:47:b5:ef:
38:7c:e0:48:23:bc:3a:cc:9f:2d:d3:44:70:33:03:0d:1f:b1:
bc:6c:dd:98:fd:6a:ef:dd:bf:12:d2:db:08:22:ab:f7:7b:b5:
9d:76:00:9f:61:04:ba:be:93:3b:9c:1c:09:7b:21:95:c6:51:
ac:66:4b:25:29:bd:c8:2d:a3:ec:15:86:ea:41:ec:5e:14:28:
28:4e:a7:ec:dd:cf:67:4a:31:d7:ee:d0:9d:bf:35:a9:87:51:
5a:dd:b0:73
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygwNjBD
MDBCRjE3QTU1RkRCODVDQUY0NTc4QkU4MzMwNTZFMDI4QjQzMB4XDTIyMDYwNjA2
MDQyNFoXDTIzMDYwMjA1MzAyNlowMzExMC8GA1UEAxMoQjMzREE1OEUzMTdGMkM0
QkY1RjUyODE1NUVFMUEwMUNFRDZENjJENDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAJYvhbqnWnUNYNd61ol8hcmewYDbs0Pkj1iglmHcSu0twd/xTCnY
tWIQe4d/Mx42wAJ8v5mIwUSb7Z9qyuwSR7WjRrNR0OrQVDRfcM/EfCtuRbKDmDOt
2knzihH92Kn35Dn1CJZYvXjp0FqqDD2MALLOSWuqnkF6TRew53KR1AiDsJY/xTgF
rrUu+bZQHPTazPlM69jGt0wJleMLCQpcYUhmqLUlCaBRNT1pFIwHAZXtgxmkbU3Y
yF/pjUq1Zk8BKt/rwILw76KHDXVVXka7NPwlsXFwzGxwPowQkPnaepFOlypk7i5+
8Og11e4IYh1xJaqiAO3xwD1DAbfczggVhm8CAwEAAaOCAg0wggIJMB0GA1UdDgQW
BBSzPaWOMX8sS/X1KBVe4aAc7W1i1DAfBgNVHSMEGDAWgBQGDAC/F6Vf24XK9FeL
6DMFbgKLQzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yMzA5
L0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvQmd3QXZ4ZWxYOXVGeXZSWGktZ3pCVzRDaTBNLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMwOS9zejJsampGX0xFdjE5
U2dWWHVHZ0hPMXRZdFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAg
AwQCO1OEMAwDBAdyQoADBAJyQrgDBAJyQtgDBANyQuAwDQYJKoZIhvcNAQELBQAD
ggEBAKFBpTlVJrea3tueS/EKn6uvcpZ+2JVvDF4HkJZVTk6+zqVQ7XqMGoeBtXI8
6cq/dj0AJMMAmk/fg1AaToY7TxfvG3tHty5YTpuSg/w/iVi3NaGqQ/c8WpDUydho
C2/rRgOp2S8129Vz3hWRhVgQFtCGJUMNWEwNdDjjKnGDgx6qGJRtw855Jl0ik8kv
5lFWd5tAk/LkxvVkYAtK7r370Ue17zh84EgjvDrMny3TRHAzAw0fsbxs3Zj9au/d
vxLS2wgiq/d7tZ12AJ9hBLq+kzucHAl7IZXGUaxmSyUpvcgto+wVhupB7F4UKChO
p+zdz2dKMdfu0J2/NamHUVrdsHM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org