Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/SqO49G9J9DTeyj2pKSJGSAfjelE.roa
File: SqO49G9J9DTeyj2pKSJGSAfjelE.roa (raw, json)
Hash identifier: cVWnLsspiNsfvzcK1m65lgC8lKPpMDIHogDiL1O9yiY=
Subject key identifier: 4A:A3:B8:F4:6F:49:F4:34:DE:CA:3D:A9:29:22:46:48:07:E3:7A:51
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0144
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/SqO49G9J9DTeyj2pKSJGSAfjelE.roa
Signing time: Tue 18 Apr 2023 23:58:26 +0000
ROA not before: Tue 18 Apr 2023 23:58:26 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 35913
IP address blocks: 123.98.64.0/22 maxlen: 24
123.98.72.0/22 maxlen: 24
123.98.80.0/22 maxlen: 24
123.98.100.0/22 maxlen: 24
210.79.68.0/22 maxlen: 24
210.79.72.0/22 maxlen: 24
210.79.76.0/22 maxlen: 24
210.79.84.0/22 maxlen: 24
210.79.88.0/22 maxlen: 24
210.79.92.0/22 maxlen: 24
210.79.100.0/22 maxlen: 24
210.79.104.0/22 maxlen: 24
210.79.112.0/22 maxlen: 24
210.79.116.0/22 maxlen: 24
210.79.124.0/22 maxlen: 24
211.149.32.0/19 maxlen: 24
211.149.64.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 324 (0x144)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Apr 18 23:58:26 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=4AA3B8F46F49F434DECA3DA92922464807E37A51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4f:4a:88:b9:a7:c2:b5:07:c7:ac:f5:67:76:
53:24:69:05:15:7a:7c:58:83:88:c6:52:66:42:ba:
8d:77:af:12:a4:8e:bc:ba:cd:20:44:7d:af:31:39:
66:31:c2:99:fa:b9:ac:c4:16:80:b3:65:04:ce:ee:
17:d7:b6:24:f6:9c:04:4f:d6:f7:87:f4:fa:95:6a:
dc:51:e0:3c:86:99:7a:2d:cb:f7:0b:14:fc:45:90:
d2:63:16:7f:03:bf:15:83:78:72:8f:8a:b2:97:e9:
2a:16:8d:61:7f:44:21:e0:85:0c:f8:2b:56:4d:e0:
27:52:f1:e0:32:05:3b:d7:c1:17:6c:30:ce:f5:2b:
49:38:5c:55:1d:f0:cf:6d:fe:84:b6:a5:bd:6e:b5:
03:f6:f0:19:c9:99:e1:28:33:c2:76:a9:37:f7:1f:
eb:4d:4e:32:fa:b7:df:13:b0:21:ec:cf:7b:e3:5f:
95:fd:e3:f4:d1:ee:2c:40:65:da:dd:0a:38:87:73:
68:77:70:57:dc:6e:be:e4:f7:21:67:ee:7d:c9:b8:
0a:f1:da:44:f9:d9:ea:8c:6b:7b:49:56:cb:b7:e9:
6c:b4:0a:e8:d5:dc:8a:dc:d8:16:02:cc:c1:6c:02:
f9:23:95:a9:93:89:52:d8:8a:85:f6:3a:44:4e:a5:
89:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A3:B8:F4:6F:49:F4:34:DE:CA:3D:A9:29:22:46:48:07:E3:7A:51
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/SqO49G9J9DTeyj2pKSJGSAfjelE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.64.0/22
123.98.72.0/22
123.98.80.0/22
123.98.100.0/22
210.79.68.0-210.79.79.255
210.79.84.0-210.79.95.255
210.79.100.0-210.79.107.255
210.79.112.0/21
210.79.124.0/22
211.149.32.0-211.149.95.255
Signature Algorithm: sha256WithRSAEncryption
db:c1:28:42:16:6d:e7:42:27:6d:ec:4e:ea:32:cc:e3:c4:81:
97:86:9c:06:6a:b8:c0:92:57:9f:df:80:08:80:85:54:93:3d:
27:3f:ff:fa:0e:44:e7:45:79:15:c6:31:bd:65:f1:fb:85:24:
e9:7f:70:cf:f1:ad:79:54:84:04:fd:61:1f:62:f1:4e:68:fd:
8c:bf:43:9c:81:51:fb:70:ba:89:0c:26:82:d1:4a:f7:3f:b9:
b8:4e:fe:2f:d3:eb:32:ad:ad:9c:42:09:82:90:65:2f:66:0b:
c9:75:eb:6e:19:e3:da:ff:96:18:ea:8e:0b:65:7a:f0:12:1c:
8c:74:83:e7:76:80:e4:77:f1:96:bd:8e:c1:6c:13:38:0a:a2:
48:c7:cc:94:5e:dc:a5:3d:c9:32:43:4e:63:b2:e3:31:32:d7:
00:a3:0e:9e:29:a4:21:c9:66:bc:66:f1:64:fe:02:4b:ec:8e:
c3:cb:1d:0b:4e:0f:e9:ea:90:5e:24:7e:b2:96:0e:23:63:3e:
b4:95:e7:04:62:23:0e:3b:df:28:e3:ad:0a:32:67:fe:84:d1:
88:01:8a:2f:7a:77:f5:ed:e3:88:44:f5:07:df:15:76:6c:93:
34:2d:66:26:46:8f:4a:0b:51:2a:ae:3a:d0:d6:7c:60:67:91:
8f:b8:93:57
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgICAUQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA0MTgy
MzU4MjZaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDRBQTNCOEY0NkY0OUY0
MzRERUNBM0RBOTI5MjI0NjQ4MDdFMzdBNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWT0qIuafCtQfHrPVndlMkaQUVenxYg4jGUmZCuo13rxKkjry6
zSBEfa8xOWYxwpn6uazEFoCzZQTO7hfXtiT2nARP1veH9PqVatxR4DyGmXoty/cL
FPxFkNJjFn8DvxWDeHKPirKX6SoWjWF/RCHghQz4K1ZN4CdS8eAyBTvXwRdsMM71
K0k4XFUd8M9t/oS2pb1utQP28BnJmeEoM8J2qTf3H+tNTjL6t98TsCHsz3vjX5X9
4/TR7ixAZdrdCjiHc2h3cFfcbr7k9yFn7n3JuArx2kT52eqMa3tJVsu36Wy0CujV
3Irc2BYCzMFsAvkjlamTiVLYioX2OkROpYkVAgMBAAGjggJHMIICQzAdBgNVHQ4E
FgQUSqO49G9J9DTeyj2pKSJGSAfjelEwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1NxTzQ5RzlKOURUZXlq
MnBLU0pHU0FmamVsRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwdQYIKwYBBQUHAQcBAf8EZjBkMGIEAgABMFwD
BAJ7YkADBAJ7YkgDBAJ7YlADBAJ7YmQwDAMEAtJPRAMEBNJPQDAMAwQC0k9UAwQF
0k9AMAwDBALST2QDBALST2gDBAPST3ADBALST3wwDAMEBdOVIAMEBdOVQDANBgkq
hkiG9w0BAQsFAAOCAQEA28EoQhZt50InbexO6jLM48SBl4acBmq4wJJXn9+ACICF
VJM9Jz//+g5E50V5FcYxvWXx+4Uk6X9wz/GteVSEBP1hH2LxTmj9jL9DnIFR+3C6
iQwmgtFK9z+5uE7+L9PrMq2tnEIJgpBlL2YLyXXrbhnj2v+WGOqOC2V68BIcjHSD
53aA5Hfxlr2OwWwTOAqiSMfMlF7cpT3JMkNOY7LjMTLXAKMOnimkIclmvGbxZP4C
S+yOw8sdC04P6eqQXiR+spYOI2M+tJXnBGIjDjvfKOOtCjJn/oTRiAGKL3p39e3j
iET1B98VdmyTNC1mJkaPSgtRKq460NZ8YGeRj7iTVw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:18 2023 by rpki-client on console-ams.rpki-client.org