Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/zmIhxBvHBy4qpsk44i5pRdXQDWQ.roa
File: zmIhxBvHBy4qpsk44i5pRdXQDWQ.roa (raw, json)
Hash identifier: wG2T/xlWAwlRTxRujtpx0LpzUgOHeFgOLDQGv36JKFc=
Subject key identifier: CE:62:21:C4:1B:C7:07:2E:2A:A6:C9:38:E2:2E:69:45:D5:D0:0D:64
Certificate issuer: /CN=E441F2CCF2E5D3EB1637EEF8EE803CB53DD1EAFE
Certificate serial: 0331
Authority key identifier: E4:41:F2:CC:F2:E5:D3:EB:16:37:EE:F8:EE:80:3C:B5:3D:D1:EA:FE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5EHyzPLl0-sWN-747oA8tT3R6v4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/zmIhxBvHBy4qpsk44i5pRdXQDWQ.roa
Signing time: Wed 03 Nov 2021 06:14:36 +0000
ROA not before: Wed 03 Nov 2021 06:14:36 +0000
ROA not after: Fri 27 May 2022 04:59:52 +0000
asID: 63641
IP address blocks: 123.49.242.0/24 maxlen: 24
123.49.245.0/24 maxlen: 24
123.49.246.0/24 maxlen: 24
123.49.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 817 (0x331)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E441F2CCF2E5D3EB1637EEF8EE803CB53DD1EAFE
Validity
Not Before: Nov 3 06:14:36 2021 GMT
Not After : May 27 04:59:52 2022 GMT
Subject: CN=CE6221C41BC7072E2AA6C938E22E6945D5D00D64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:66:00:bb:46:98:e1:9c:c9:41:d5:e2:25:d2:
0b:04:82:17:43:bf:b4:6c:4b:ee:20:aa:bf:78:77:
3d:4d:17:d8:47:3b:d2:17:24:4c:c2:db:0b:6b:d0:
e9:fd:65:bc:a9:b9:32:2a:8f:18:7b:93:08:98:6f:
c1:5d:3c:8f:57:71:b9:09:d3:57:c3:cc:b1:df:ff:
fb:b9:07:de:87:56:0e:36:61:72:3c:25:a0:d7:38:
74:4c:c8:44:ec:91:70:38:3e:bb:e5:0e:1d:88:bd:
b2:5e:d6:79:64:e8:c6:ff:c9:01:23:61:1c:c8:95:
52:d7:8f:5d:90:89:76:c2:a3:c9:b2:5d:f2:40:9c:
9e:9c:82:f0:98:73:27:cf:d9:9a:fa:8b:ce:26:29:
82:44:0c:dd:44:fe:08:a8:31:ca:57:9d:f5:0c:ec:
78:57:40:66:07:1f:ca:00:de:9e:02:56:d1:b0:f4:
d9:4a:4f:db:3b:8b:54:5c:9d:b7:c9:d7:3a:33:e0:
a7:08:f6:95:3a:29:35:26:88:64:b2:20:19:24:d5:
81:51:f5:be:f9:78:a2:1e:c6:1f:e7:cb:92:7c:b8:
c4:61:a4:37:43:aa:ce:03:13:45:23:40:f2:7c:cf:
f2:42:d4:c5:bb:ca:08:70:4d:60:ba:84:19:83:2e:
71:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:62:21:C4:1B:C7:07:2E:2A:A6:C9:38:E2:2E:69:45:D5:D0:0D:64
X509v3 Authority Key Identifier:
keyid:E4:41:F2:CC:F2:E5:D3:EB:16:37:EE:F8:EE:80:3C:B5:3D:D1:EA:FE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/5EHyzPLl0-sWN-747oA8tT3R6v4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5EHyzPLl0-sWN-747oA8tT3R6v4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/zmIhxBvHBy4qpsk44i5pRdXQDWQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.49.242.0/24
123.49.245.0-123.49.247.255
Signature Algorithm: sha256WithRSAEncryption
c1:b9:de:65:4f:eb:ed:cd:65:21:7f:ab:32:66:9b:51:f6:dc:
21:0f:f9:99:7a:5c:75:35:39:dd:a6:a1:a9:e5:88:c6:1d:74:
8f:a2:30:c3:bc:97:44:e7:79:dc:57:d0:25:80:eb:d2:c8:22:
0c:11:5a:27:f9:37:12:ca:c0:44:59:81:3b:77:e6:2f:da:54:
52:2a:1f:b0:7a:44:28:a9:7a:58:bf:62:2c:3e:4f:d0:0e:c5:
63:5a:b5:2f:21:02:8b:01:f3:e8:0f:69:d5:d2:81:55:f2:c5:
fb:23:2c:06:ed:a4:72:79:24:0a:9f:89:3a:a9:8b:0a:b4:07:
3f:ab:4c:30:45:4f:6a:cd:ea:82:c0:8b:07:9f:a7:70:a0:90:
53:78:75:07:1b:2c:f6:2a:37:ce:b9:f7:15:6f:57:b6:c7:07:
fe:fc:4f:31:47:b2:b5:75:e6:ad:ee:d9:64:6a:b4:3e:e8:8e:
88:2f:27:64:e7:7d:8d:01:c9:bb:c7:8d:26:7b:35:18:5a:8d:
7e:55:dd:c2:41:c1:c8:55:b2:ef:a1:90:31:76:f2:52:b8:9b:
0f:af:34:bc:a7:e3:fe:fd:34:7f:3f:16:3b:c5:9b:22:5d:f6:
86:9c:48:e4:70:ef:e6:39:23:d1:23:ef:03:6e:f2:29:9f:4c:
b0:97:ad:4d
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgICAzEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTQ0
MUYyQ0NGMkU1RDNFQjE2MzdFRUY4RUU4MDNDQjUzREQxRUFGRTAeFw0yMTExMDMw
NjE0MzZaFw0yMjA1MjcwNDU5NTJaMDMxMTAvBgNVBAMTKENFNjIyMUM0MUJDNzA3
MkUyQUE2QzkzOEUyMkU2OTQ1RDVEMDBENjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcZgC7RpjhnMlB1eIl0gsEghdDv7RsS+4gqr94dz1NF9hHO9IX
JEzC2wtr0On9ZbypuTIqjxh7kwiYb8FdPI9XcbkJ01fDzLHf//u5B96HVg42YXI8
JaDXOHRMyETskXA4PrvlDh2IvbJe1nlk6Mb/yQEjYRzIlVLXj12QiXbCo8myXfJA
nJ6cgvCYcyfP2Zr6i84mKYJEDN1E/gioMcpXnfUM7HhXQGYHH8oA3p4CVtGw9NlK
T9s7i1RcnbfJ1zoz4KcI9pU6KTUmiGSyIBkk1YFR9b75eKIexh/ny5J8uMRhpDdD
qs4DE0UjQPJ8z/JC1MW7yghwTWC6hBmDLnF/AgMBAAGjggIBMIIB/TAdBgNVHQ4E
FgQUzmIhxBvHBy4qpsk44i5pRdXQDWQwHwYDVR0jBBgwFoAU5EHyzPLl0+sWN+74
7oA8tT3R6v4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy
Mi81RUh5elBMbDAtc1dOLTc0N29BOHRUM1I2djQuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzVFSHl6UExsMC1zV04tNzQ3b0E4dFQzUjZ2NC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvem1JaHhCdkhCeTRx
cHNrNDRpNXBSZFhRRFdRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEw
FAMEAHsx8jAMAwQAezH1AwQDezHwMA0GCSqGSIb3DQEBCwUAA4IBAQDBud5lT+vt
zWUhf6syZptR9twhD/mZelx1NTndpqGp5YjGHXSPojDDvJdE53ncV9AlgOvSyCIM
EVon+TcSysBEWYE7d+Yv2lRSKh+wekQoqXpYv2IsPk/QDsVjWrUvIQKLAfPoD2nV
0oFV8sX7IywG7aRyeSQKn4k6qYsKtAc/q0wwRU9qzeqCwIsHn6dwoJBTeHUHGyz2
KjfOufcVb1e2xwf+/E8xR7K1deat7tlkarQ+6I6ILydk532NAcm7x40mezUYWo1+
Vd3CQcHIVbLvoZAxdvJSuJsPrzS8p+P+/TR/PxY7xZsiXfaGnEjkcO/mOSPRI+8D
bvIpn0ywl61N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:58 2024 by rpki-client on console-fra.rpki-client.org