Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/uGDDhcCnUlt4_cS4E4Y1P3CdsNs.roa
File: uGDDhcCnUlt4_cS4E4Y1P3CdsNs.roa (raw, json)
Hash identifier: BGI7EmmJ6Mel3vKcrNj3FOKl8RZN2hSi8QTZO8k4LNE=
Subject key identifier: B8:60:C3:85:C0:A7:52:5B:78:FD:C4:B8:13:86:35:3F:70:9D:B0:DB
Certificate issuer: /CN=981B38009AA03BEB91271B999DD751BEC8520FE3
Certificate serial: 09CF
Authority key identifier: 98:1B:38:00:9A:A0:3B:EB:91:27:1B:99:9D:D7:51:BE:C8:52:0F:E3
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mBs4AJqgO-uRJxuZnddRvshSD-M.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/uGDDhcCnUlt4_cS4E4Y1P3CdsNs.roa
Signing time: Tue 17 May 2022 04:07:20 +0000
ROA not before: Tue 17 May 2022 04:07:20 +0000
ROA not after: Fri 27 May 2022 04:59:52 +0000
asID: 34549
IP address blocks: 114.66.128.0/20 maxlen: 24
114.66.144.0/22 maxlen: 24
114.66.148.0/22 maxlen: 24
114.66.152.0/22 maxlen: 24
114.66.156.0/22 maxlen: 24
114.66.160.0/20 maxlen: 24
114.66.176.0/22 maxlen: 24
114.66.180.0/22 maxlen: 24
114.66.184.0/22 maxlen: 24
114.66.216.0/22 maxlen: 24
114.66.224.0/22 maxlen: 24
114.66.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2511 (0x9cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=981B38009AA03BEB91271B999DD751BEC8520FE3
Validity
Not Before: May 17 04:07:20 2022 GMT
Not After : May 27 04:59:52 2022 GMT
Subject: CN=B860C385C0A7525B78FDC4B81386353F709DB0DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:62:74:75:24:5f:9a:37:24:81:ee:9d:c0:72:
c5:21:3f:78:84:78:af:90:03:fe:85:bc:3b:b8:7d:
fe:a6:d7:a1:fa:68:e1:e1:da:38:8d:a8:fa:0e:d3:
e0:3d:d2:84:60:90:a5:a4:71:ee:d1:07:83:3a:18:
2a:ad:ee:4a:d0:40:47:0f:97:f4:64:ea:78:5c:59:
52:cf:02:72:20:1f:b0:df:e1:bb:e3:0c:5e:5f:16:
5c:74:84:9e:b5:5d:aa:ee:fb:80:90:ca:24:e3:98:
10:c0:f5:34:92:65:2f:a9:e4:aa:52:5b:04:9c:34:
96:89:0a:1c:5e:63:19:3f:81:de:1b:b0:c2:55:24:
6e:aa:3b:00:cd:0c:3d:bd:60:9c:62:b6:b2:43:60:
b8:5d:84:d1:af:31:02:8c:c0:2a:1b:d9:0c:69:65:
d2:fb:dc:2d:87:aa:bd:49:32:67:e1:ce:f0:76:27:
a1:04:fa:69:f4:ff:55:f4:89:cf:0f:27:c6:bf:b9:
fa:14:14:f4:4c:64:22:8b:11:79:44:1e:68:e1:87:
53:57:cc:d4:53:b6:2a:a9:b9:38:94:a1:d2:06:55:
cd:df:1c:0a:33:ed:a8:16:91:3d:d2:ca:46:3d:b3:
fb:4c:88:14:ef:49:27:d8:22:22:9b:a1:48:d5:b5:
a0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:60:C3:85:C0:A7:52:5B:78:FD:C4:B8:13:86:35:3F:70:9D:B0:DB
X509v3 Authority Key Identifier:
keyid:98:1B:38:00:9A:A0:3B:EB:91:27:1B:99:9D:D7:51:BE:C8:52:0F:E3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/mBs4AJqgO-uRJxuZnddRvshSD-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mBs4AJqgO-uRJxuZnddRvshSD-M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/uGDDhcCnUlt4_cS4E4Y1P3CdsNs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.66.128.0-114.66.187.255
114.66.216.0/22
114.66.224.0/21
Signature Algorithm: sha256WithRSAEncryption
91:13:7a:95:c6:3d:d8:70:34:ae:87:33:8e:e3:dc:6a:84:31:
d4:1e:cf:39:28:6e:9e:f8:72:85:ec:4f:51:99:ae:89:8d:35:
66:8c:fa:b2:3f:52:60:83:b0:87:18:1d:76:a9:a0:e7:5a:7b:
74:d3:95:b9:23:4b:73:0a:fa:d0:7a:12:d1:56:e7:7f:14:1a:
73:86:be:54:4c:41:78:c8:d1:9a:e8:c5:da:29:37:ad:36:eb:
92:0f:b5:8a:c1:07:7f:c4:8d:55:da:73:bd:f9:1e:fa:c3:48:
bb:d9:60:e5:93:14:f0:0e:84:eb:af:ce:98:7f:1b:04:0a:83:
dd:91:73:06:c4:80:b4:aa:ea:5b:df:3a:1d:fb:82:af:13:58:
44:0c:e0:80:e5:e2:f3:af:c2:58:bb:ca:65:28:80:fd:a5:dc:
7a:70:f0:23:c4:0c:2c:bc:ba:b2:26:17:4d:27:da:5a:0e:82:
99:59:e9:ed:c4:11:94:51:ca:b5:8c:e1:20:30:5d:42:ab:c0:
15:3f:1d:e1:0c:d6:59:d3:ad:a1:7b:02:e4:07:97:7d:77:cd:
0c:6d:a2:f2:bc:10:e8:22:74:40:d5:37:69:9a:f4:61:d0:cb:
ff:0a:88:71:2f:d2:db:4b:af:0c:d4:b2:5d:e0:dc:a1:92:79:
8b:77:46:0c
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgICCc8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgx
QjM4MDA5QUEwM0JFQjkxMjcxQjk5OURENzUxQkVDODUyMEZFMzAeFw0yMjA1MTcw
NDA3MjBaFw0yMjA1MjcwNDU5NTJaMDMxMTAvBgNVBAMTKEI4NjBDMzg1QzBBNzUy
NUI3OEZEQzRCODEzODYzNTNGNzA5REIwREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzYnR1JF+aNySB7p3AcsUhP3iEeK+QA/6FvDu4ff6m16H6aOHh
2jiNqPoO0+A90oRgkKWkce7RB4M6GCqt7krQQEcPl/Rk6nhcWVLPAnIgH7Df4bvj
DF5fFlx0hJ61Xaru+4CQyiTjmBDA9TSSZS+p5KpSWwScNJaJChxeYxk/gd4bsMJV
JG6qOwDNDD29YJxitrJDYLhdhNGvMQKMwCob2QxpZdL73C2Hqr1JMmfhzvB2J6EE
+mn0/1X0ic8PJ8a/ufoUFPRMZCKLEXlEHmjhh1NXzNRTtiqpuTiUodIGVc3fHAoz
7agWkT3SykY9s/tMiBTvSSfYIiKboUjVtaBpAgMBAAGjggIHMIICAzAdBgNVHQ4E
FgQUuGDDhcCnUlt4/cS4E4Y1P3CdsNswHwYDVR0jBBgwFoAUmBs4AJqgO+uRJxuZ
nddRvshSD+MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw
OS9tQnM0QUpxZ08tdVJKeHVabmRkUnZzaFNELU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL21CczRBSnFnTy11Ukp4dVpuZGRSdnNoU0QtTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvdUdERGhjQ25VbHQ0
X2NTNEU0WTFQM0Nkc05zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEw
GjAMAwQHckKAAwQCckK4AwQCckLYAwQDckLgMA0GCSqGSIb3DQEBCwUAA4IBAQCR
E3qVxj3YcDSuhzOO49xqhDHUHs85KG6e+HKF7E9Rma6JjTVmjPqyP1Jgg7CHGB12
qaDnWnt005W5I0tzCvrQehLRVud/FBpzhr5UTEF4yNGa6MXaKTetNuuSD7WKwQd/
xI1V2nO9+R76w0i72WDlkxTwDoTrr86YfxsECoPdkXMGxIC0qupb3zod+4KvE1hE
DOCA5eLzr8JYu8plKID9pdx6cPAjxAwsvLqyJhdNJ9paDoKZWentxBGUUcq1jOEg
MF1Cq8AVPx3hDNZZ062hewLkB5d9d80MbaLyvBDoInRA1TdpmvRh0Mv/CohxL9Lb
S68M1LJd4NyhknmLd0YM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org