Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/UEtT7JxTiRLa2x9y4duIND8WKpc.roa
File: UEtT7JxTiRLa2x9y4duIND8WKpc.roa (raw, json)
Hash identifier: ei7S8WT4lR+kqDrb9pxmANq+uyDyMUmUWx2dphc2zDc=
Subject key identifier: 50:4B:53:EC:9C:53:89:12:DA:DB:1F:72:E1:DB:88:34:3F:16:2A:97
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0159
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/UEtT7JxTiRLa2x9y4duIND8WKpc.roa
Signing time: Thu 20 Apr 2023 04:14:02 +0000
ROA not before: Thu 20 Apr 2023 04:14:02 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 35913
IP address blocks: 123.98.64.0/22 maxlen: 24
123.98.72.0/22 maxlen: 24
123.98.80.0/22 maxlen: 24
123.98.100.0/22 maxlen: 24
210.79.68.0/22 maxlen: 24
210.79.72.0/22 maxlen: 24
210.79.76.0/22 maxlen: 24
210.79.84.0/22 maxlen: 24
210.79.88.0/22 maxlen: 24
210.79.92.0/22 maxlen: 24
210.79.100.0/22 maxlen: 24
210.79.104.0/22 maxlen: 24
210.79.112.0/22 maxlen: 24
210.79.116.0/22 maxlen: 24
210.79.124.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 345 (0x159)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Apr 20 04:14:02 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=504B53EC9C538912DADB1F72E1DB88343F162A97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e3:08:42:7f:ad:3b:96:c9:21:5e:96:4a:24:
88:8d:58:47:38:19:a4:87:48:a0:32:f3:23:ef:be:
f4:ea:bd:d3:64:df:17:e6:7a:92:ee:d8:01:ca:dc:
09:91:9e:18:5a:d5:9f:88:5c:d7:6b:04:22:d1:fe:
1b:45:ce:b0:a7:88:cf:b2:6e:37:a8:dc:24:3c:f7:
40:d8:15:2a:48:f7:3c:17:b7:55:78:ac:d8:0c:68:
98:c9:0b:2d:2d:16:55:b2:8c:29:20:06:00:12:a5:
ec:33:dd:77:89:dc:b7:c0:6c:9d:7d:59:b8:bd:79:
ca:dc:24:30:f1:f9:29:1c:ec:ff:92:5c:e9:5a:ae:
e8:bd:c0:2f:b5:55:25:3c:ea:c1:8c:bf:91:d8:92:
19:35:dc:7a:ae:48:ea:74:33:b7:fa:13:4f:2d:1e:
8e:fe:2d:db:17:4b:c9:f1:30:b6:9f:8b:fb:ec:09:
da:67:fe:09:80:bc:17:fa:e8:5f:21:41:0e:1c:d9:
3f:a6:29:05:20:ce:94:a6:39:ba:d3:1e:dc:23:a2:
11:6e:12:4a:57:fe:ac:aa:7a:2f:a4:bf:81:d9:c8:
0b:e9:0c:37:8a:ab:d0:5e:cd:b2:43:32:34:75:54:
8b:87:6f:d2:a5:87:bd:e3:b7:7e:40:4a:78:be:67:
05:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:4B:53:EC:9C:53:89:12:DA:DB:1F:72:E1:DB:88:34:3F:16:2A:97
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/UEtT7JxTiRLa2x9y4duIND8WKpc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.64.0/22
123.98.72.0/22
123.98.80.0/22
123.98.100.0/22
210.79.68.0-210.79.79.255
210.79.84.0-210.79.95.255
210.79.100.0-210.79.107.255
210.79.112.0/21
210.79.124.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:13:cf:68:23:b6:c5:e3:57:82:91:51:13:bd:c7:13:7f:39:
89:25:ec:fb:08:8e:f3:a1:ea:5b:60:fa:23:72:27:64:92:41:
54:05:37:dd:3d:3a:99:31:4d:38:41:11:1f:2c:2d:da:c5:94:
3b:bf:b6:5c:81:11:05:15:69:ee:73:fe:2e:e5:a5:4d:15:85:
54:17:01:4c:dd:87:a5:63:35:91:8f:97:89:6f:bf:07:ed:62:
f9:cf:81:0d:ef:38:14:3e:aa:79:0b:27:b1:72:d0:5b:4c:88:
4a:20:a1:a2:37:9a:8d:57:c4:97:3a:a3:a3:32:55:44:d6:f9:
81:da:7c:f8:d8:63:9c:06:e5:29:a7:f7:b2:51:f4:c2:52:54:
b9:7a:25:c8:c8:6a:86:d2:a9:39:ba:9f:c6:14:bf:98:6a:25:
93:06:29:97:0b:58:10:d3:04:96:b9:00:1c:0b:e6:1a:14:5b:
7f:4c:b5:5c:4e:70:5c:91:57:30:36:62:5d:05:d1:62:3b:4f:
bf:b4:22:09:f4:5b:b8:e2:c5:71:c1:eb:17:eb:f8:65:b3:b9:
49:2b:6e:e4:fa:0a:a4:df:9a:ef:ba:41:37:2e:d2:89:47:4e:
60:4c:95:7e:4f:c4:f1:0c:33:2e:7e:72:a9:29:af:1e:c9:7c:
1a:06:bf:1c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgICAVkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA0MjAw
NDE0MDJaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDUwNEI1M0VDOUM1Mzg5
MTJEQURCMUY3MkUxREI4ODM0M0YxNjJBOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA4whCf607lskhXpZKJIiNWEc4GaSHSKAy8yPvvvTqvdNk3xfm
epLu2AHK3AmRnhha1Z+IXNdrBCLR/htFzrCniM+ybjeo3CQ890DYFSpI9zwXt1V4
rNgMaJjJCy0tFlWyjCkgBgASpewz3XeJ3LfAbJ19Wbi9ecrcJDDx+Skc7P+SXOla
rui9wC+1VSU86sGMv5HYkhk13HquSOp0M7f6E08tHo7+LdsXS8nxMLafi/vsCdpn
/gmAvBf66F8hQQ4c2T+mKQUgzpSmObrTHtwjohFuEkpX/qyqei+kv4HZyAvpDDeK
q9BezbJDMjR1VIuHb9Klh73jt35ASni+ZwXtAgMBAAGjggI5MIICNTAdBgNVHQ4E
FgQUUEtT7JxTiRLa2x9y4duIND8WKpcwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1VFdFQ3SnhUaVJMYTJ4
OXk0ZHVJTkQ4V0twYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwZwYIKwYBBQUHAQcBAf8EWDBWMFQEAgABME4D
BAJ7YkADBAJ7YkgDBAJ7YlADBAJ7YmQwDAMEAtJPRAMEBNJPQDAMAwQC0k9UAwQF
0k9AMAwDBALST2QDBALST2gDBAPST3ADBALST3wwDQYJKoZIhvcNAQELBQADggEB
ALoTz2gjtsXjV4KRURO9xxN/OYkl7PsIjvOh6ltg+iNyJ2SSQVQFN909OpkxTThB
ER8sLdrFlDu/tlyBEQUVae5z/i7lpU0VhVQXAUzdh6VjNZGPl4lvvwftYvnPgQ3v
OBQ+qnkLJ7Fy0FtMiEogoaI3mo1XxJc6o6MyVUTW+YHafPjYY5wG5Smn97JR9MJS
VLl6JcjIaobSqTm6n8YUv5hqJZMGKZcLWBDTBJa5ABwL5hoUW39MtVxOcFyRVzA2
Yl0F0WI7T7+0Ign0W7jixXHB6xfr+GWzuUkrbuT6CqTfmu+6QTcu0olHTmBMlX5P
xPEMMy5+cqkprx7JfBoGvxw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:18 2023 by rpki-client on console-ams.rpki-client.org