Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/GujB8BwCvtkKrwe9q4YnoWorDeQ.roa
File: GujB8BwCvtkKrwe9q4YnoWorDeQ.roa (raw, json)
Hash identifier: I1+ClzMvLK556WYonr3X8AWejNcisjw7meuLHYWHmwI=
Subject key identifier: 1A:E8:C1:F0:1C:02:BE:D9:0A:AF:07:BD:AB:86:27:A1:6A:2B:0D:E4
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 0394
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GujB8BwCvtkKrwe9q4YnoWorDeQ.roa
Signing time: Wed 23 Nov 2022 07:04:19 +0000
ROA not before: Wed 23 Nov 2022 07:04:19 +0000
ROA not after: Mon 28 Aug 2023 04:15:34 +0000
asID: 59083
IP address blocks: 43.254.152.0/22 maxlen: 24
43.254.153.0/24 maxlen: 24
43.254.154.0/23 maxlen: 24
43.254.154.0/24 maxlen: 24
43.254.155.0/24 maxlen: 24
59.153.164.0/22 maxlen: 24
59.153.168.0/23 maxlen: 24
103.5.192.0/22 maxlen: 24
103.7.140.0/22 maxlen: 24
103.7.140.0/23 maxlen: 24
103.7.142.0/23 maxlen: 24
103.10.0.0/23 maxlen: 24
103.10.0.0/24 maxlen: 24
103.10.1.0/24 maxlen: 24
103.10.2.0/23 maxlen: 24
103.10.2.0/24 maxlen: 24
103.10.3.0/24 maxlen: 24
103.24.116.0/22 maxlen: 24
103.24.116.0/23 maxlen: 24
103.24.116.0/24 maxlen: 24
103.24.117.0/24 maxlen: 24
103.24.118.0/23 maxlen: 24
103.24.118.0/24 maxlen: 24
103.24.119.0/24 maxlen: 24
150.242.236.0/23 maxlen: 24
150.242.238.0/23 maxlen: 24
202.89.108.0/22 maxlen: 24
202.89.108.0/23 maxlen: 24
202.89.110.0/23 maxlen: 24
202.136.248.0/22 maxlen: 24
202.136.248.0/23 maxlen: 24
202.136.249.0/24 maxlen: 24
202.136.250.0/23 maxlen: 24
202.136.250.0/24 maxlen: 24
202.140.140.0/22 maxlen: 24
202.140.140.0/23 maxlen: 24
202.140.142.0/23 maxlen: 24
202.174.124.0/22 maxlen: 24
203.90.12.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 916 (0x394)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Nov 23 07:04:19 2022 GMT
Not After : Aug 28 04:15:34 2023 GMT
Subject: CN=1AE8C1F01C02BED90AAF07BDAB8627A16A2B0DE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:25:9c:09:13:66:91:63:64:f5:31:42:db:4e:
63:bc:a4:a0:24:31:83:e4:ad:d5:91:d4:7e:bc:cf:
98:0a:5b:b6:19:1e:85:a6:ca:c0:06:09:b1:8b:15:
3a:41:f4:d5:b9:10:bd:8c:f7:b2:a5:4f:31:92:77:
46:86:c2:cf:9c:5b:24:79:5d:26:04:16:2c:84:6e:
69:b2:ae:33:f0:67:be:32:5a:3e:8d:86:b6:d6:1d:
82:be:aa:c6:04:42:02:64:8e:a8:1a:51:cc:ed:af:
56:c3:99:1a:9d:02:a1:26:05:c1:f5:03:5a:b0:21:
7c:95:71:eb:4e:41:a4:56:51:eb:4f:94:1b:ba:15:
46:a1:44:ec:40:7a:ae:a1:ff:60:a2:37:2e:26:eb:
9d:9b:42:4d:e0:57:df:b6:36:6f:3f:38:ad:b6:5c:
68:72:0b:f6:fe:24:ec:d0:f0:11:66:8a:c8:bc:6d:
0a:99:40:a1:51:a2:9e:2c:d6:bf:41:14:a4:32:6d:
7e:29:b5:44:56:b7:7b:6b:3f:71:95:4e:4c:d9:0c:
61:f5:95:85:ed:5a:b9:b5:29:4c:b0:7a:08:d7:f9:
15:75:c5:43:3d:97:a8:42:a3:2b:9b:01:04:02:5f:
65:75:ff:c6:82:76:03:21:3d:8a:32:b0:e4:3e:a3:
f5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E8:C1:F0:1C:02:BE:D9:0A:AF:07:BD:AB:86:27:A1:6A:2B:0D:E4
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GujB8BwCvtkKrwe9q4YnoWorDeQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/22
59.153.164.0-59.153.169.255
103.5.192.0/22
103.7.140.0/22
103.10.0.0/22
103.24.116.0/22
150.242.236.0/22
202.89.108.0/22
202.136.248.0/22
202.140.140.0/22
202.174.124.0/22
203.90.12.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:70:c2:71:0f:5e:0b:90:93:45:b6:32:de:9d:d7:f0:c0:cb:
60:35:c5:cb:ec:75:be:f8:32:b9:72:6c:4d:e2:df:44:18:28:
e6:af:f2:96:f2:5b:c2:57:e5:1c:51:07:fd:cc:67:bc:fb:25:
7e:0d:8a:91:70:82:e2:59:7f:92:dd:10:9a:cd:1b:39:64:07:
45:b3:34:e2:4f:ba:68:0d:e7:31:57:c5:cf:bc:72:51:b3:0d:
3f:99:99:26:87:a0:95:dc:d3:29:62:45:ff:7f:32:e9:1e:76:
75:ec:c6:cc:6a:00:3d:74:e7:8a:37:82:ff:b7:f9:e6:8c:2a:
1f:77:d9:ec:b4:d0:a5:c4:4e:0b:33:bd:ea:73:7e:0b:0d:f6:
07:44:f0:73:fa:5e:ab:9d:c1:83:70:46:ec:f2:74:0d:d9:6c:
3f:47:24:a7:a4:0d:59:3a:64:38:42:66:2c:c6:71:8b:a1:60:
96:6f:48:d9:e0:39:49:60:bd:75:08:7d:a6:c9:dc:d7:7d:d8:
51:4f:fc:02:3d:3e:d1:39:eb:da:42:29:4c:9a:f1:68:6e:c7:
fc:ea:c4:10:b2:ac:bf:f8:e9:f0:c3:d7:87:29:a2:94:59:e6:
95:24:d2:a4:fe:d7:62:45:98:6b:49:8b:08:7d:f8:e6:b8:24:
fd:52:e8:af
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgICA5QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yMjExMjMw
NzA0MTlaFw0yMzA4MjgwNDE1MzRaMDMxMTAvBgNVBAMTKDFBRThDMUYwMUMwMkJF
RDkwQUFGMDdCREFCODYyN0ExNkEyQjBERTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVJZwJE2aRY2T1MULbTmO8pKAkMYPkrdWR1H68z5gKW7YZHoWm
ysAGCbGLFTpB9NW5EL2M97KlTzGSd0aGws+cWyR5XSYEFiyEbmmyrjPwZ74yWj6N
hrbWHYK+qsYEQgJkjqgaUcztr1bDmRqdAqEmBcH1A1qwIXyVcetOQaRWUetPlBu6
FUahROxAeq6h/2CiNy4m652bQk3gV9+2Nm8/OK22XGhyC/b+JOzQ8BFmisi8bQqZ
QKFRop4s1r9BFKQybX4ptURWt3trP3GVTkzZDGH1lYXtWrm1KUywegjX+RV1xUM9
l6hCoyubAQQCX2V1/8aCdgMhPYoysOQ+o/XJAgMBAAGjggI7MIICNzAdBgNVHQ4E
FgQUGujB8BwCvtkKrwe9q4YnoWorDeQwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0d1akI4QndDdnRrS3J3
ZTlxNFlub1dvckRlUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwaQYIKwYBBQUHAQcBAf8EWjBYMFYEAgABMFAD
BAIr/pgwDAMEAjuZpAMEATuZqAMEAmcFwAMEAmcHjAMEAmcKAAMEAmcYdAMEApby
7AMEAspZbAMEAsqI+AMEAsqMjAMEAsqufAMEAstaDDANBgkqhkiG9w0BAQsFAAOC
AQEAPHDCcQ9eC5CTRbYy3p3X8MDLYDXFy+x1vvgyuXJsTeLfRBgo5q/ylvJbwlfl
HFEH/cxnvPslfg2KkXCC4ll/kt0Qms0bOWQHRbM04k+6aA3nMVfFz7xyUbMNP5mZ
JoegldzTKWJF/38y6R52dezGzGoAPXTnijeC/7f55owqH3fZ7LTQpcROCzO96nN+
Cw32B0Twc/peq53Bg3BG7PJ0DdlsP0ckp6QNWTpkOEJmLMZxi6Fglm9I2eA5SWC9
dQh9psnc133YUU/8Aj0+0Tnr2kIpTJrxaG7H/OrEELKsv/jp8MPXhymilFnmlSTS
pP7XYkWYa0mLCH345rgk/VLorw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:23 2023 by rpki-client on console-fra.rpki-client.org