Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/4laJXAtzYQ-6JeNGx_nvM5BFFvs.roa
File: 4laJXAtzYQ-6JeNGx_nvM5BFFvs.roa (raw, json)
Hash identifier: Nj2TirZn3cDynLS/u/j/lMng0L9UvdEpIWeQp8UEU3s=
Subject key identifier: E2:56:89:5C:0B:73:61:0F:BA:25:E3:46:C7:F9:EF:33:90:45:16:FB
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 02FE
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/4laJXAtzYQ-6JeNGx_nvM5BFFvs.roa
Signing time: Wed 21 Jun 2023 12:22:13 +0000
ROA not before: Wed 21 Jun 2023 12:22:13 +0000
ROA not after: Fri 07 Jun 2024 02:16:11 +0000
asID: 34549
IP address blocks: 123.98.64.0/22 maxlen: 24
123.98.72.0/22 maxlen: 24
123.98.80.0/22 maxlen: 24
123.98.100.0/22 maxlen: 24
211.149.32.0/22 maxlen: 24
211.149.40.0/22 maxlen: 24
211.149.48.0/22 maxlen: 24
211.149.52.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 766 (0x2fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Jun 21 12:22:13 2023 GMT
Not After : Jun 7 02:16:11 2024 GMT
Subject: CN=E256895C0B73610FBA25E346C7F9EF33904516FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:52:fe:57:da:50:5b:82:08:b7:77:7b:a7:53:
1a:b6:9c:fb:7c:ac:89:5a:65:75:f2:36:72:b5:d3:
74:f1:1a:96:93:9d:33:16:29:17:b1:e4:ba:e4:af:
07:74:26:3e:77:20:bb:26:ba:7c:fa:99:d9:49:d9:
ee:c7:07:1d:38:96:8a:1e:3b:c7:21:97:20:3c:8c:
41:59:0b:8d:5a:44:d6:61:5a:be:d6:7b:dd:49:cc:
c7:28:3c:bf:ab:93:61:17:31:89:03:79:1e:ef:10:
02:9f:c0:c4:9c:29:29:ad:d2:ad:d8:07:c4:df:b6:
4b:c3:0f:a2:1d:40:f3:78:06:a7:7b:65:48:93:b4:
7d:7f:5b:7a:51:c1:ff:bf:4c:99:90:db:e2:f7:bd:
e6:f3:d0:9d:2a:92:1c:2c:24:47:a0:e9:78:8f:99:
b9:a7:a7:ac:23:6c:97:ff:d8:b0:44:c9:ea:1f:9c:
04:2a:b7:98:e0:76:71:26:46:9c:64:8e:22:9d:e2:
77:b8:6e:fd:4c:3a:e5:5a:b3:4a:f3:36:16:0c:f4:
5b:cd:ee:3a:99:63:2f:32:f0:08:31:3b:6d:84:52:
42:33:bf:5b:9d:de:0b:21:c9:b4:99:bf:78:b0:b1:
ac:4f:b4:f8:d9:42:f9:ed:d1:08:ff:d5:6a:4d:d3:
ed:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:56:89:5C:0B:73:61:0F:BA:25:E3:46:C7:F9:EF:33:90:45:16:FB
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/4laJXAtzYQ-6JeNGx_nvM5BFFvs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.64.0/22
123.98.72.0/22
123.98.80.0/22
123.98.100.0/22
211.149.32.0/22
211.149.40.0/22
211.149.48.0/21
Signature Algorithm: sha256WithRSAEncryption
20:bf:1e:fa:6d:1c:53:ee:d3:01:5c:bb:cd:b3:dd:e1:c8:7c:
21:71:98:a5:25:6b:0a:2b:11:2b:33:fa:8d:f8:7d:c0:4f:89:
b8:6d:5c:1c:a0:d6:53:16:d1:aa:6e:97:a2:18:81:91:7b:b4:
9d:18:27:97:88:54:20:28:da:ac:60:a4:12:c0:e3:4e:06:82:
29:ac:3c:f3:94:33:78:ec:21:70:51:99:68:a9:ec:9f:c7:5b:
eb:89:a6:b7:6b:f7:38:95:2f:a5:b2:ef:c8:aa:fb:c3:fb:ab:
91:58:f4:fd:67:f1:d6:74:64:4e:d6:ce:69:4b:46:84:47:39:
4b:31:72:fe:93:d1:2a:32:84:ea:84:a4:96:ae:8f:2e:8f:72:
42:e2:17:bf:8f:62:a5:f5:62:a5:fb:f3:ef:6c:72:8c:b5:dd:
4f:38:6d:50:0b:5c:14:4b:0f:6c:ce:6f:cf:98:b2:09:99:0b:
55:70:ec:05:a0:b9:cc:97:ad:5d:f8:97:35:5e:c1:ae:64:b0:
3b:45:54:c7:a6:9c:5d:5f:aa:0f:1b:bf:93:55:72:bc:f7:a2:
cf:0b:ea:d5:c9:38:1d:ba:b5:25:ab:49:d4:27:cc:66:9a:b4:
50:32:fb:27:58:c4:02:e4:23:5c:d6:f1:8a:4c:79:06:b8:98:
2a:c5:2b:17
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgICAv4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA2MjEx
MjIyMTNaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKEUyNTY4OTVDMEI3MzYx
MEZCQTI1RTM0NkM3RjlFRjMzOTA0NTE2RkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3Uv5X2lBbggi3d3unUxq2nPt8rIlaZXXyNnK103TxGpaTnTMW
KRex5Lrkrwd0Jj53ILsmunz6mdlJ2e7HBx04looeO8chlyA8jEFZC41aRNZhWr7W
e91JzMcoPL+rk2EXMYkDeR7vEAKfwMScKSmt0q3YB8TftkvDD6IdQPN4Bqd7ZUiT
tH1/W3pRwf+/TJmQ2+L3vebz0J0qkhwsJEeg6XiPmbmnp6wjbJf/2LBEyeofnAQq
t5jgdnEmRpxkjiKd4ne4bv1MOuVas0rzNhYM9FvN7jqZYy8y8AgxO22EUkIzv1ud
3gshybSZv3iwsaxPtPjZQvnt0Qj/1WpN0+15AgMBAAGjggIVMIICETAdBgNVHQ4E
FgQU4laJXAtzYQ+6JeNGx/nvM5BFFvswHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzRsYUpYQXR6WVEtNkpl
Tkd4X252TTVCRkZ2cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoD
BAJ7YkADBAJ7YkgDBAJ7YlADBAJ7YmQDBALTlSADBALTlSgDBAPTlTAwDQYJKoZI
hvcNAQELBQADggEBACC/HvptHFPu0wFcu82z3eHIfCFxmKUlaworESsz+o34fcBP
ibhtXByg1lMW0apul6IYgZF7tJ0YJ5eIVCAo2qxgpBLA404GgimsPPOUM3jsIXBR
mWip7J/HW+uJprdr9ziVL6Wy78iq+8P7q5FY9P1n8dZ0ZE7WzmlLRoRHOUsxcv6T
0SoyhOqEpJaujy6PckLiF7+PYqX1YqX78+9scoy13U84bVALXBRLD2zOb8+YsgmZ
C1Vw7AWgucyXrV34lzVewa5ksDtFVMemnF1fqg8bv5NVcrz3os8L6tXJOB26tSWr
SdQnzGaatFAy+ydYxALkI1zW8YpMeQa4mCrFKxc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:17 2023 by rpki-client on console-ams.rpki-client.org