Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/tIcAjixpjoRMl3kHw2Nc6hOGex0.roa
File: tIcAjixpjoRMl3kHw2Nc6hOGex0.roa (raw, json)
Hash identifier: sf2E5Mj7TzoKfAKJChRx3h2mSOK77giEXi2CvbFO938=
Subject key identifier: B4:87:00:8E:2C:69:8E:84:4C:97:79:07:C3:63:5C:EA:13:86:7B:1D
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 9A
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/tIcAjixpjoRMl3kHw2Nc6hOGex0.roa
Signing time: Mon 27 Jun 2022 02:19:46 +0000
ROA not before: Mon 27 Jun 2022 02:19:46 +0000
ROA not after: Fri 09 Jun 2023 06:51:49 +0000
asID: 59083
IP address blocks: 43.254.152.0/22 maxlen: 24
43.254.153.0/24 maxlen: 24
43.254.154.0/23 maxlen: 24
43.254.154.0/24 maxlen: 24
43.254.155.0/24 maxlen: 24
59.153.164.0/22 maxlen: 24
59.153.168.0/23 maxlen: 24
103.5.192.0/22 maxlen: 24
103.7.140.0/22 maxlen: 24
103.7.140.0/23 maxlen: 24
103.7.142.0/23 maxlen: 24
103.10.0.0/23 maxlen: 24
103.10.0.0/24 maxlen: 24
103.10.1.0/24 maxlen: 24
103.10.2.0/23 maxlen: 24
103.10.2.0/24 maxlen: 24
103.10.3.0/24 maxlen: 24
103.24.116.0/22 maxlen: 24
103.24.116.0/23 maxlen: 24
103.24.116.0/24 maxlen: 24
103.24.117.0/24 maxlen: 24
103.24.118.0/23 maxlen: 24
103.24.118.0/24 maxlen: 24
103.24.119.0/24 maxlen: 24
150.242.236.0/23 maxlen: 24
150.242.238.0/23 maxlen: 24
202.89.108.0/22 maxlen: 24
202.89.108.0/23 maxlen: 24
202.89.110.0/23 maxlen: 24
202.136.248.0/22 maxlen: 24
202.136.248.0/23 maxlen: 24
202.136.249.0/24 maxlen: 24
202.136.250.0/23 maxlen: 24
202.136.250.0/24 maxlen: 24
202.140.140.0/22 maxlen: 24
202.140.140.0/23 maxlen: 24
202.140.142.0/23 maxlen: 24
202.174.124.0/22 maxlen: 24
203.90.12.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154 (0x9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jun 27 02:19:46 2022 GMT
Not After : Jun 9 06:51:49 2023 GMT
Subject: CN=B487008E2C698E844C977907C3635CEA13867B1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6e:15:99:76:b6:b4:c3:5a:c4:c2:35:4e:e1:
ff:84:5b:ef:86:e5:49:ff:7e:ba:5d:0f:0d:b2:1c:
37:08:c6:1f:24:d3:e8:aa:7e:9c:30:84:2c:6b:64:
4d:f8:17:75:da:7a:c0:7c:4c:5d:88:ff:9a:31:09:
62:c4:15:02:76:02:c2:e8:21:5d:8d:a4:93:51:16:
4c:59:52:bb:c9:74:8c:0f:74:91:48:fe:f1:56:5a:
7a:ba:62:b2:2f:8e:68:4e:ec:b8:3e:ec:e1:32:61:
e1:10:ab:c5:71:ab:19:52:bb:d4:a2:78:e7:ac:92:
0d:87:c0:93:e4:80:21:0a:3b:7f:2e:7b:2a:23:7b:
7c:1b:65:0a:e9:c2:3d:ff:df:33:b4:d5:45:5e:82:
6e:f3:35:5b:06:c6:26:6d:84:22:02:32:ba:50:01:
bd:03:60:ca:e1:e1:b9:ea:b2:35:77:10:c2:d2:21:
4c:82:3d:8f:e7:7d:6f:36:00:ea:32:a6:35:87:86:
76:ac:3b:16:ab:5d:88:e7:73:ad:23:10:fe:1c:3a:
7a:88:20:68:b8:78:4e:38:8d:d8:87:c4:af:95:ed:
80:7d:f9:ce:26:80:69:90:15:d8:91:4a:61:05:84:
38:4f:ac:01:ee:d0:c7:d4:6a:ff:90:76:01:a6:d5:
48:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:87:00:8E:2C:69:8E:84:4C:97:79:07:C3:63:5C:EA:13:86:7B:1D
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/tIcAjixpjoRMl3kHw2Nc6hOGex0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/22
59.153.164.0-59.153.169.255
103.5.192.0/22
103.7.140.0/22
103.10.0.0/22
103.24.116.0/22
150.242.236.0/22
202.89.108.0/22
202.136.248.0/22
202.140.140.0/22
202.174.124.0/22
203.90.12.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:34:c5:c1:0a:09:08:c4:94:6e:21:95:7a:02:48:af:28:f9:
36:1f:c7:1d:04:23:26:71:7e:84:e4:16:c2:bb:dd:fc:f5:9b:
0c:26:ba:5a:61:69:33:39:4f:f4:3e:10:d5:f8:ff:26:b9:f6:
34:9b:57:9b:45:1e:b6:90:50:b4:38:f7:ce:ba:38:60:27:08:
62:d1:ea:97:00:57:ae:e5:e0:c4:e6:9d:94:6e:2d:d3:a1:c1:
00:95:1e:8c:86:b6:1c:06:ee:32:57:31:63:8c:d2:8d:a0:4b:
ae:28:15:28:ab:59:25:8c:0c:71:9e:bf:0a:d9:55:b5:ab:7b:
32:72:49:ec:07:57:6e:57:bd:15:ae:93:54:77:42:9a:1e:69:
a2:56:f1:58:8a:30:f0:91:7d:cf:22:ff:ec:2d:17:ca:bd:c2:
98:6e:b6:ef:36:b2:7b:27:d4:86:0b:5d:7f:75:fc:42:3e:4f:
38:53:86:a7:c4:d6:b6:d2:f2:c2:2b:8c:ee:80:ae:4d:2a:40:
d6:2f:d3:ac:e2:45:4e:0d:92:c1:47:98:e8:a3:aa:65:fb:79:
8f:04:bf:3f:e8:e1:af:40:3e:56:eb:bd:79:55:e6:af:8f:31:
00:72:16:fb:12:63:f8:51:4e:04:d4:34:d4:2f:1e:b9:da:58:
85:6a:93:4e
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgICAJowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yMjA2Mjcw
MjE5NDZaFw0yMzA2MDkwNjUxNDlaMDMxMTAvBgNVBAMTKEI0ODcwMDhFMkM2OThF
ODQ0Qzk3NzkwN0MzNjM1Q0VBMTM4NjdCMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsbhWZdra0w1rEwjVO4f+EW++G5Un/frpdDw2yHDcIxh8k0+iq
fpwwhCxrZE34F3XaesB8TF2I/5oxCWLEFQJ2AsLoIV2NpJNRFkxZUrvJdIwPdJFI
/vFWWnq6YrIvjmhO7Lg+7OEyYeEQq8VxqxlSu9SieOeskg2HwJPkgCEKO38ueyoj
e3wbZQrpwj3/3zO01UVegm7zNVsGxiZthCICMrpQAb0DYMrh4bnqsjV3EMLSIUyC
PY/nfW82AOoypjWHhnasOxarXYjnc60jEP4cOnqIIGi4eE44jdiHxK+V7YB9+c4m
gGmQFdiRSmEFhDhPrAHu0MfUav+QdgGm1UgXAgMBAAGjggI7MIICNzAdBgNVHQ4E
FgQUtIcAjixpjoRMl3kHw2Nc6hOGex0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3RJY0FqaXhwam9STWwz
a0h3Mk5jNmhPR2V4MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwaQYIKwYBBQUHAQcBAf8EWjBYMFYEAgABMFAD
BAIr/pgwDAMEAjuZpAMEATuZqAMEAmcFwAMEAmcHjAMEAmcKAAMEAmcYdAMEApby
7AMEAspZbAMEAsqI+AMEAsqMjAMEAsqufAMEAstaDDANBgkqhkiG9w0BAQsFAAOC
AQEADzTFwQoJCMSUbiGVegJIryj5Nh/HHQQjJnF+hOQWwrvd/PWbDCa6WmFpMzlP
9D4Q1fj/Jrn2NJtXm0UetpBQtDj3zro4YCcIYtHqlwBXruXgxOadlG4t06HBAJUe
jIa2HAbuMlcxY4zSjaBLrigVKKtZJYwMcZ6/CtlVtat7MnJJ7AdXble9Fa6TVHdC
mh5polbxWIow8JF9zyL/7C0Xyr3CmG627zayeyfUhgtdf3X8Qj5POFOGp8TWttLy
wiuM7oCuTSpA1i/TrOJFTg2SwUeY6KOqZft5jwS/P+jhr0A+Vuu9eVXmr48xAHIW
+xJj+FFOBNQ01C8eudpYhWqTTg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:18 2023 by rpki-client on console-ams.rpki-client.org