Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/L8Y0vOGAihdL58GqWiIr1_TW7dQ.roa
File: L8Y0vOGAihdL58GqWiIr1_TW7dQ.roa (raw, json)
Hash identifier: NuReFDDzY3wiHu626MIRNy15qYdUMIHTt2WgR/slCsM=
Subject key identifier: 2F:C6:34:BC:E1:80:8A:17:4B:E7:C1:AA:5A:22:2B:D7:F4:D6:ED:D4
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0299
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/L8Y0vOGAihdL58GqWiIr1_TW7dQ.roa
Signing time: Sat 03 Jun 2023 09:42:07 +0000
ROA not before: Sat 03 Jun 2023 09:42:07 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 35913
IP address blocks: 123.98.68.0/22 maxlen: 24
123.98.96.0/22 maxlen: 24
123.98.108.0/22 maxlen: 24
123.98.120.0/22 maxlen: 24
210.79.104.0/22 maxlen: 24
210.79.124.0/22 maxlen: 24
211.149.36.0/22 maxlen: 24
211.149.44.0/22 maxlen: 24
211.149.56.0/22 maxlen: 24
211.149.72.0/22 maxlen: 24
211.149.84.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 665 (0x299)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Jun 3 09:42:07 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=2FC634BCE1808A174BE7C1AA5A222BD7F4D6EDD4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:23:d1:55:7b:98:8a:d2:74:14:4c:f9:c4:d6:
f2:5e:dc:2b:9a:55:06:70:04:09:89:45:07:42:35:
d5:8a:0c:c2:9f:b9:66:a4:8a:e2:58:b2:29:a7:db:
65:a6:0d:bc:91:c2:4b:70:0f:fd:cd:fb:4b:65:8e:
2a:f2:0b:8c:cf:59:6d:45:bc:19:07:13:5e:fd:24:
e4:53:02:2f:bd:52:14:65:3b:20:84:fd:97:18:22:
a2:b2:48:b6:5a:82:ca:d1:a1:1a:e1:4c:04:f6:40:
7b:cd:41:8c:a5:0d:6d:ce:25:2d:64:3c:e9:d1:63:
2a:66:2c:d3:36:07:21:87:54:68:83:66:2a:46:7f:
9f:5e:1d:e9:7a:cd:b7:61:1e:7a:29:80:a1:d2:38:
fb:70:ba:ef:86:b1:f0:93:7f:dc:66:5e:9d:f5:09:
0a:cd:c2:0e:68:84:37:ab:ce:5a:da:ed:b8:9c:f1:
f1:e9:db:f4:47:96:ce:86:79:20:18:fc:84:b1:1b:
e3:8d:1d:36:57:23:ca:99:b4:c8:87:be:f4:16:27:
ca:df:16:3e:e5:2b:96:f9:85:b6:42:74:f3:e4:11:
2e:06:9b:8e:e7:63:d6:18:8f:dc:a7:13:f0:b4:f7:
b4:07:b9:f1:21:7a:4a:e7:aa:f8:3b:36:60:db:bd:
b7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C6:34:BC:E1:80:8A:17:4B:E7:C1:AA:5A:22:2B:D7:F4:D6:ED:D4
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/L8Y0vOGAihdL58GqWiIr1_TW7dQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.68.0/22
123.98.96.0/22
123.98.108.0/22
123.98.120.0/22
210.79.104.0/22
210.79.124.0/22
211.149.36.0/22
211.149.44.0/22
211.149.56.0/22
211.149.72.0/22
211.149.84.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:16:d7:2b:38:96:dd:1d:32:5e:e3:cb:4f:6e:96:54:38:9b:
0a:e5:a5:f0:92:ae:99:5a:95:f3:a7:38:c7:f3:3f:c3:ee:ff:
0e:ec:45:24:06:e7:df:04:e9:d4:64:e6:7a:66:8e:3e:56:4a:
e9:68:87:11:57:95:d7:55:5a:49:85:e2:6c:5e:a9:4b:48:c3:
d9:c6:47:17:be:32:fc:47:a1:fe:0c:5f:60:63:9f:17:b2:08:
0e:93:5b:97:05:25:13:11:a4:79:22:1b:08:22:33:36:0e:42:
1b:78:0e:64:c7:0a:5e:85:e1:15:58:2f:71:a0:58:39:16:a7:
18:95:98:be:11:36:9a:18:ae:5a:e4:e2:ce:fe:62:7a:7e:e7:
a5:d1:7c:e4:4b:a6:1f:db:de:22:91:4a:ce:fa:8f:2f:d0:74:
a9:00:5a:7c:39:23:5a:04:2c:43:b0:e7:43:b3:51:92:61:19:
86:2b:b2:45:e5:85:9e:80:95:29:eb:99:32:06:37:ae:94:75:
04:b0:01:a0:98:b6:45:57:ab:89:2c:7d:8d:73:5c:7c:b7:8a:
7f:17:d7:b3:99:6a:a4:e4:33:ad:5a:02:31:85:a7:3c:59:3c:
d3:78:a8:af:d8:3c:57:b0:56:e8:84:7b:c9:72:31:2b:7a:33:
c9:48:d1:ca
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgICApkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA2MDMw
OTQyMDdaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDJGQzYzNEJDRTE4MDhB
MTc0QkU3QzFBQTVBMjIyQkQ3RjRENkVERDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNI9FVe5iK0nQUTPnE1vJe3CuaVQZwBAmJRQdCNdWKDMKfuWak
iuJYsimn22WmDbyRwktwD/3N+0tljiryC4zPWW1FvBkHE179JORTAi+9UhRlOyCE
/ZcYIqKySLZagsrRoRrhTAT2QHvNQYylDW3OJS1kPOnRYypmLNM2ByGHVGiDZipG
f59eHel6zbdhHnopgKHSOPtwuu+GsfCTf9xmXp31CQrNwg5ohDerzlra7bic8fHp
2/RHls6GeSAY/ISxG+ONHTZXI8qZtMiHvvQWJ8rfFj7lK5b5hbZCdPPkES4Gm47n
Y9YYj9ynE/C097QHufEhekrnqvg7NmDbvberAgMBAAGjggItMIICKTAdBgNVHQ4E
FgQUL8Y0vOGAihdL58GqWiIr1/TW7dQwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0w4WTB2T0dBaWhkTDU4
R3FXaUlyMV9UVzdkUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgABMEID
BAJ7YkQDBAJ7YmADBAJ7YmwDBAJ7YngDBALST2gDBALST3wDBALTlSQDBALTlSwD
BALTlTgDBALTlUgDBALTlVQwDQYJKoZIhvcNAQELBQADggEBALEW1ys4lt0dMl7j
y09ullQ4mwrlpfCSrplalfOnOMfzP8Pu/w7sRSQG598E6dRk5npmjj5WSulohxFX
lddVWkmF4mxeqUtIw9nGRxe+MvxHof4MX2BjnxeyCA6TW5cFJRMRpHkiGwgiMzYO
Qht4DmTHCl6F4RVYL3GgWDkWpxiVmL4RNpoYrlrk4s7+Ynp+56XRfORLph/b3iKR
Ss76jy/QdKkAWnw5I1oELEOw50OzUZJhGYYrskXlhZ6AlSnrmTIGN66UdQSwAaCY
tkVXq4ksfY1zXHy3in8X17OZaqTkM61aAjGFpzxZPNN4qK/YPFewVuiEe8lyMSt6
M8lI0co=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:21 2023 by rpki-client on console-fra.rpki-client.org