Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/uCAmGJXBauKf9tVLjkCnwq7LUOg.roa
File: uCAmGJXBauKf9tVLjkCnwq7LUOg.roa (raw, json)
Hash identifier: UC5kcrHQmcsRiCOTDUc1S80oBVwr983bSAl1GPGwJdc=
Subject key identifier: B8:20:26:18:95:C1:6A:E2:9F:F6:D5:4B:8E:40:A7:C2:AE:CB:50:E8
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 07
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/uCAmGJXBauKf9tVLjkCnwq7LUOg.roa
Signing time: Wed 01 Jun 2022 07:07:34 +0000
ROA not before: Wed 01 Jun 2022 07:07:34 +0000
ROA not after: Thu 01 Jun 2023 06:58:54 +0000
asID: 59083
IP address blocks: 43.254.152.0/22 maxlen: 24
43.254.153.0/24 maxlen: 24
43.254.154.0/23 maxlen: 24
43.254.154.0/24 maxlen: 24
43.254.155.0/24 maxlen: 24
59.153.164.0/22 maxlen: 24
59.153.168.0/23 maxlen: 24
103.7.140.0/22 maxlen: 24
103.7.140.0/23 maxlen: 24
103.7.142.0/23 maxlen: 24
103.10.0.0/23 maxlen: 24
103.10.0.0/24 maxlen: 24
103.10.1.0/24 maxlen: 24
103.10.2.0/23 maxlen: 24
103.10.2.0/24 maxlen: 24
103.10.3.0/24 maxlen: 24
103.24.116.0/22 maxlen: 24
103.24.116.0/23 maxlen: 24
103.24.116.0/24 maxlen: 24
103.24.117.0/24 maxlen: 24
103.24.118.0/23 maxlen: 24
103.24.118.0/24 maxlen: 24
103.24.119.0/24 maxlen: 24
150.242.236.0/23 maxlen: 24
202.89.108.0/22 maxlen: 24
202.89.108.0/23 maxlen: 24
202.89.110.0/23 maxlen: 24
202.136.248.0/22 maxlen: 24
202.136.248.0/23 maxlen: 24
202.136.249.0/24 maxlen: 24
202.136.250.0/23 maxlen: 24
202.136.250.0/24 maxlen: 24
202.140.140.0/22 maxlen: 24
202.140.140.0/23 maxlen: 24
202.140.142.0/23 maxlen: 24
202.174.124.0/22 maxlen: 24
203.90.12.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jun 1 07:07:34 2022 GMT
Not After : Jun 1 06:58:54 2023 GMT
Subject: CN=B820261895C16AE29FF6D54B8E40A7C2AECB50E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:13:bd:ef:f5:f6:ce:f0:21:98:92:fa:d5:20:
5f:23:99:a3:b7:71:1f:6d:25:ba:42:fe:a0:4e:e6:
b1:c7:de:af:ec:45:cb:4a:0f:d4:e3:f1:74:32:62:
a9:99:b1:12:02:da:98:83:c8:b5:b3:f6:bb:83:92:
96:3f:42:99:fc:ba:bf:ef:f3:03:28:a8:5c:80:0c:
46:d2:70:11:f1:9e:3a:e7:89:32:b9:9b:b8:7e:1c:
e8:c8:4d:29:8e:85:d3:1e:d4:aa:7a:a1:d2:34:9b:
9f:ff:d9:5b:07:28:27:ed:ca:25:ce:ff:08:ad:c1:
6d:60:46:6f:06:b2:25:ea:97:ff:7f:0d:e9:b1:3b:
f0:4c:10:a7:d6:46:e0:c9:ad:2b:15:2c:e8:e1:6b:
de:0f:f1:0d:79:6d:ff:a7:a0:6d:7e:4c:a3:c7:0f:
52:39:37:33:83:64:df:9e:a0:16:08:97:3e:f5:1f:
6e:f4:f7:b6:61:1c:1a:40:b9:94:eb:e0:35:5a:51:
b4:df:f9:e0:54:76:45:55:74:51:63:84:74:9a:7d:
37:94:02:50:f0:9f:53:76:81:7b:5b:0b:4c:cd:01:
37:4e:62:f5:ad:11:d1:4d:eb:10:0b:68:6b:42:04:
44:7d:4e:2c:08:3d:af:f2:7f:e3:1e:fe:37:ce:b4:
6a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:20:26:18:95:C1:6A:E2:9F:F6:D5:4B:8E:40:A7:C2:AE:CB:50:E8
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/uCAmGJXBauKf9tVLjkCnwq7LUOg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/22
59.153.164.0-59.153.169.255
103.7.140.0/22
103.10.0.0/22
103.24.116.0/22
150.242.236.0/23
202.89.108.0/22
202.136.248.0/22
202.140.140.0/22
202.174.124.0/22
203.90.12.0/22
Signature Algorithm: sha256WithRSAEncryption
95:a1:de:6b:73:12:a0:ec:41:e0:7a:4d:c6:d7:7f:13:38:d4:
a8:c5:aa:d2:f9:54:40:57:17:da:3c:a7:d9:97:34:79:7c:91:
1a:da:d5:c4:f5:61:9a:61:1d:9a:bd:fc:ab:d5:f7:ab:95:c1:
44:25:37:46:5f:a0:b1:df:c5:d5:c8:6f:b3:28:c4:ad:10:6b:
a0:54:7d:78:97:81:d4:85:9a:a4:c7:68:59:f1:47:46:35:17:
67:19:ab:0c:c4:a9:6d:f9:d8:9c:a6:d7:dc:b2:f2:43:e2:aa:
a3:9b:cd:dc:0d:99:4c:50:1e:45:f5:62:57:67:6b:c9:8e:56:
24:d5:4e:8a:f2:b8:e0:d1:8d:8a:55:e3:7c:24:74:bd:7e:2d:
79:25:8d:5f:9c:fe:d6:19:c3:59:3d:34:2a:67:28:39:d1:17:
f1:f8:d3:36:d4:e5:2c:1f:c7:6f:a2:1d:c5:11:80:eb:ec:b7:
e9:94:40:a7:e0:03:e3:5a:0a:e3:e8:61:fc:7e:27:3f:d1:a4:
b1:4d:30:9f:9c:ac:ea:93:5f:e9:7f:5b:e9:5f:ec:83:59:0c:
ce:31:24:33:22:35:b0:93:80:6c:92:b7:a9:38:74:36:4d:01:
c7:be:51:e1:b6:64:af:a6:0b:47:11:7b:45:a7:00:d3:29:fc:
03:e6:97:e0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIBBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3NUI0
NzE0QzRGNjFCRUEwNEEwMkNGOUNGNTYzQUUxMzRGNDc5Qzg1MB4XDTIyMDYwMTA3
MDczNFoXDTIzMDYwMTA2NTg1NFowMzExMC8GA1UEAxMoQjgyMDI2MTg5NUMxNkFF
MjlGRjZENTRCOEU0MEE3QzJBRUNCNTBFODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANoTve/19s7wIZiS+tUgXyOZo7dxH20lukL+oE7mscfer+xFy0oP
1OPxdDJiqZmxEgLamIPItbP2u4OSlj9Cmfy6v+/zAyioXIAMRtJwEfGeOueJMrmb
uH4c6MhNKY6F0x7Uqnqh0jSbn//ZWwcoJ+3KJc7/CK3BbWBGbwayJeqX/38N6bE7
8EwQp9ZG4MmtKxUs6OFr3g/xDXlt/6egbX5Mo8cPUjk3M4Nk356gFgiXPvUfbvT3
tmEcGkC5lOvgNVpRtN/54FR2RVV0UWOEdJp9N5QCUPCfU3aBe1sLTM0BN05i9a0R
0U3rEAtoa0IERH1OLAg9r/J/4x7+N860alkCAwEAAaOCAjUwggIxMB0GA1UdDgQW
BBS4ICYYlcFq4p/21UuOQKfCrstQ6DAfBgNVHSMEGDAWgBR1tHFMT2G+oEoCz5z1
Y64TT0echTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81Nzcv
ZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9kYlJ4VEU5aHZxQktBcy1jOVdPdUUwOUhuSVUuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81NzcvdUNBbUdKWEJhdUtmOXRW
TGprQ253cTdMVU9nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj
LmNuL3JyZHAvbm90aWZ5LnhtbDBjBggrBgEFBQcBBwEB/wRUMFIwUAQCAAEwSgME
Aiv+mDAMAwQCO5mkAwQBO5moAwQCZweMAwQCZwoAAwQCZxh0AwQBlvLsAwQCylls
AwQCyoj4AwQCyoyMAwQCyq58AwQCy1oMMA0GCSqGSIb3DQEBCwUAA4IBAQCVod5r
cxKg7EHgek3G138TONSoxarS+VRAVxfaPKfZlzR5fJEa2tXE9WGaYR2avfyr1fer
lcFEJTdGX6Cx38XVyG+zKMStEGugVH14l4HUhZqkx2hZ8UdGNRdnGasMxKlt+dic
ptfcsvJD4qqjm83cDZlMUB5F9WJXZ2vJjlYk1U6K8rjg0Y2KVeN8JHS9fi15JY1f
nP7WGcNZPTQqZyg50Rfx+NM21OUsH8dvoh3FEYDr7LfplECn4APjWgrj6GH8fic/
0aSxTTCfnKzqk1/pf1vpX+yDWQzOMSQzIjWwk4BskrepOHQ2TQHHvlHhtmSvpgtH
EXtFpwDTKfwD5pfg
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:23 2023 by rpki-client on console-fra.rpki-client.org