Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/JC-hJ6TpiV5tupRbWNiPs1e1fJY.roa
File: JC-hJ6TpiV5tupRbWNiPs1e1fJY.roa (raw, json)
Hash identifier: GKv9NWw55d4tbPDjPP4OpwPJaB+/TvVgGoArlbqiFhQ=
Subject key identifier: 24:2F:A1:27:A4:E9:89:5E:6D:BA:94:5B:58:D8:8F:B3:57:B5:7C:96
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 01BA
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/JC-hJ6TpiV5tupRbWNiPs1e1fJY.roa
Signing time: Sat 06 May 2023 02:55:21 +0000
ROA not before: Sat 06 May 2023 02:55:21 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 35913
IP address blocks: 123.98.64.0/22 maxlen: 24
123.98.72.0/22 maxlen: 24
123.98.80.0/22 maxlen: 24
123.98.100.0/22 maxlen: 24
210.79.68.0/22 maxlen: 24
210.79.76.0/22 maxlen: 24
210.79.100.0/22 maxlen: 24
210.79.104.0/22 maxlen: 24
210.79.112.0/22 maxlen: 24
210.79.124.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 442 (0x1ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: May 6 02:55:21 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=242FA127A4E9895E6DBA945B58D88FB357B57C96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:64:08:a3:e2:6f:94:40:61:90:04:bd:e3:3a:
8f:f6:ff:c6:9c:f3:0e:cb:cc:f6:01:2e:df:d5:e7:
d8:c1:e7:dc:76:88:0a:d0:cb:dd:f9:0c:09:14:95:
fd:a3:13:ee:15:ca:35:8f:81:82:2a:fc:a4:92:73:
0e:c7:ca:1d:7b:b0:86:b7:45:67:ab:07:88:91:c3:
14:70:7f:0b:63:fc:a4:c6:e0:2c:75:10:91:9d:b3:
c7:17:de:64:20:b7:08:81:6d:28:3a:57:27:d0:2f:
81:7e:c5:3f:82:cb:c5:c5:29:c6:e2:84:51:e7:fc:
79:57:bf:a2:6b:e6:6a:0d:cf:09:95:45:f7:ad:09:
9b:33:7f:d9:e1:41:1a:a6:67:46:37:9e:cf:f6:0f:
21:36:7e:0a:fa:47:27:c1:02:b7:e9:a5:40:e2:cd:
a1:3f:e7:e3:c1:2c:ee:fe:71:59:66:41:38:27:c9:
38:69:c5:c8:3d:2b:93:1d:2b:f7:f9:75:7d:4b:25:
d5:d0:00:3f:a3:2d:02:f2:63:03:50:84:a4:a3:37:
68:20:ae:56:c9:bf:17:2a:8a:9f:f7:62:79:3b:38:
06:eb:16:3a:ea:83:8d:33:20:03:27:95:8c:f3:3f:
c6:63:bb:cc:bf:52:55:e3:f0:65:5a:0a:67:bf:fb:
b0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:2F:A1:27:A4:E9:89:5E:6D:BA:94:5B:58:D8:8F:B3:57:B5:7C:96
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/JC-hJ6TpiV5tupRbWNiPs1e1fJY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.64.0/22
123.98.72.0/22
123.98.80.0/22
123.98.100.0/22
210.79.68.0/22
210.79.76.0/22
210.79.100.0-210.79.107.255
210.79.112.0/22
210.79.124.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:47:44:30:d8:64:35:6f:f4:5f:a4:9f:37:45:de:59:bf:59:
a0:d9:c7:bc:57:ee:ad:d4:7c:0a:21:71:72:df:cb:1e:28:5b:
c6:00:a5:22:a7:e4:39:fc:8d:47:a0:13:b2:ef:fc:8f:35:d0:
42:3d:04:1b:43:70:b3:b4:71:c7:09:1f:61:97:10:77:2c:e2:
17:78:9d:5d:66:a0:d6:f2:57:fb:7a:8e:97:83:25:58:f5:54:
77:a0:dd:19:36:4e:e3:b7:e9:7f:69:f8:74:3e:01:a3:66:46:
d7:44:73:49:0c:18:34:f4:43:a0:c7:e1:f4:8c:36:e9:bc:ab:
9a:8a:d1:03:5d:52:a6:42:19:b8:76:36:77:98:92:a1:2d:a3:
b1:15:31:ab:a6:53:6c:d0:e9:4c:12:79:24:dc:00:69:5b:2f:
17:bc:16:0d:e6:25:1a:7f:a9:d7:68:62:1b:37:70:02:eb:10:
f0:2e:58:85:3f:e3:24:81:92:d9:43:f6:ea:3a:05:c7:41:50:
81:5b:b6:a6:02:fd:cf:d0:19:ab:38:93:22:8e:bc:eb:aa:77:
d6:dc:3d:f5:03:f6:1a:ad:fe:2a:10:d1:0a:e4:2c:38:2b:9e:
8d:0e:85:bc:aa:46:d2:73:59:e2:13:4e:9f:2c:56:c0:75:43:
c3:af:1e:5e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgICAbowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA1MDYw
MjU1MjFaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDI0MkZBMTI3QTRFOTg5
NUU2REJBOTQ1QjU4RDg4RkIzNTdCNTdDOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDZAij4m+UQGGQBL3jOo/2/8ac8w7LzPYBLt/V59jB59x2iArQ
y935DAkUlf2jE+4VyjWPgYIq/KSScw7Hyh17sIa3RWerB4iRwxRwfwtj/KTG4Cx1
EJGds8cX3mQgtwiBbSg6VyfQL4F+xT+Cy8XFKcbihFHn/HlXv6Jr5moNzwmVRfet
CZszf9nhQRqmZ0Y3ns/2DyE2fgr6RyfBArfppUDizaE/5+PBLO7+cVlmQTgnyThp
xcg9K5MdK/f5dX1LJdXQAD+jLQLyYwNQhKSjN2ggrlbJvxcqip/3Ynk7OAbrFjrq
g40zIAMnlYzzP8Zju8y/UlXj8GVaCme/+7BvAgMBAAGjggIpMIICJTAdBgNVHQ4E
FgQUJC+hJ6TpiV5tupRbWNiPs1e1fJYwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0pDLWhKNlRwaVY1dHVw
UmJXTmlQczFlMWZKWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwVwYIKwYBBQUHAQcBAf8ESDBGMEQEAgABMD4D
BAJ7YkADBAJ7YkgDBAJ7YlADBAJ7YmQDBALST0QDBALST0wwDAMEAtJPZAMEAtJP
aAMEAtJPcAMEAtJPfDANBgkqhkiG9w0BAQsFAAOCAQEApUdEMNhkNW/0X6SfN0Xe
Wb9ZoNnHvFfurdR8CiFxct/LHihbxgClIqfkOfyNR6ATsu/8jzXQQj0EG0Nws7Rx
xwkfYZcQdyziF3idXWag1vJX+3qOl4MlWPVUd6DdGTZO47fpf2n4dD4Bo2ZG10Rz
SQwYNPRDoMfh9Iw26byrmorRA11SpkIZuHY2d5iSoS2jsRUxq6ZTbNDpTBJ5JNwA
aVsvF7wWDeYlGn+p12hiGzdwAusQ8C5YhT/jJIGS2UP26joFx0FQgVu2pgL9z9AZ
qziTIo6866p31tw99QP2Gq3+KhDRCuQsOCuejQ6FvKpG0nNZ4hNOnyxWwHVDw68e
Xg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:17 2023 by rpki-client on console-ams.rpki-client.org