Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/ZMktb5Jj_lIFROgiPx5TubexwJ8.roa
File: ZMktb5Jj_lIFROgiPx5TubexwJ8.roa (raw, json)
Hash identifier: A//BtT7whWIYbbJMoe7GUMiFGUI15dOXQXGkTBTxHZk=
Subject key identifier: 64:C9:2D:6F:92:63:FE:52:05:44:E8:22:3F:1E:53:B9:B7:B1:C0:9F
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0122
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/ZMktb5Jj_lIFROgiPx5TubexwJ8.roa
Signing time: Thu 13 Apr 2023 14:24:05 +0000
ROA not before: Thu 13 Apr 2023 14:24:05 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 35913
IP address blocks: 123.98.64.0/22 maxlen: 24
123.98.72.0/22 maxlen: 24
123.98.80.0/22 maxlen: 24
123.98.88.0/22 maxlen: 24
123.98.100.0/22 maxlen: 24
210.79.68.0/22 maxlen: 24
210.79.72.0/22 maxlen: 24
210.79.76.0/22 maxlen: 24
210.79.84.0/22 maxlen: 24
210.79.88.0/22 maxlen: 24
210.79.92.0/22 maxlen: 24
210.79.100.0/22 maxlen: 24
210.79.104.0/22 maxlen: 24
210.79.112.0/22 maxlen: 24
210.79.116.0/22 maxlen: 24
210.79.124.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 290 (0x122)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Apr 13 14:24:05 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=64C92D6F9263FE520544E8223F1E53B9B7B1C09F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:65:82:db:7f:59:12:55:5e:6e:60:e1:e4:d6:
c9:da:68:03:2f:3e:7c:0a:3c:b2:80:56:41:d1:1a:
d2:4e:c1:d8:3d:41:fc:c8:84:24:53:01:e3:05:ef:
6d:8d:3c:eb:c4:eb:19:f6:97:15:48:44:1d:f4:8b:
f3:02:eb:e5:3e:e2:f2:a4:2f:9a:f5:ed:6e:7e:9a:
a6:58:1a:5b:f9:3f:32:26:49:75:1a:d1:c8:04:7d:
9b:cf:9b:5b:69:d3:8a:17:6c:ee:a7:1f:73:4a:65:
6a:f7:3e:66:a2:92:ff:08:7f:2a:e2:a8:2f:7e:50:
7e:fb:49:33:e7:31:67:a5:0a:a2:67:c9:8e:8c:8c:
d2:68:27:c8:a9:83:a8:fc:67:ad:32:25:6c:58:d1:
91:18:0e:09:1a:1b:f7:ec:4e:c6:d8:cc:87:bd:f8:
00:56:3b:fb:54:96:1f:46:ef:25:92:eb:d3:53:1b:
79:3d:1f:a6:48:1f:01:e9:a7:8a:fa:d5:79:02:3b:
e8:1b:1a:a9:ff:8d:34:c8:a7:50:40:1d:3d:a6:2a:
7a:5b:47:28:9c:a6:86:aa:2f:95:3b:c5:07:32:02:
46:82:49:2b:44:78:9c:df:d2:85:75:22:c7:3b:1e:
07:66:3d:10:30:c7:b3:ec:7f:de:0d:6b:ed:8d:de:
9b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C9:2D:6F:92:63:FE:52:05:44:E8:22:3F:1E:53:B9:B7:B1:C0:9F
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/ZMktb5Jj_lIFROgiPx5TubexwJ8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.64.0/22
123.98.72.0/22
123.98.80.0/22
123.98.88.0/22
123.98.100.0/22
210.79.68.0-210.79.79.255
210.79.84.0-210.79.95.255
210.79.100.0-210.79.107.255
210.79.112.0/21
210.79.124.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:13:d2:98:9d:38:ca:c0:34:99:f4:56:73:c2:f8:65:48:88:
7e:14:3e:8d:94:17:19:95:fc:95:13:2a:72:e9:55:d9:4b:9d:
2e:45:86:07:7b:38:b4:7b:92:f4:45:45:85:5c:70:b2:1d:03:
a4:8c:19:70:cb:fa:dc:dd:1e:66:c3:83:54:5d:9c:e0:9a:d1:
07:4c:68:af:e1:7a:de:21:8c:4b:78:d6:68:d0:3d:b3:a6:26:
0c:3e:fa:79:35:b7:8a:5f:81:f6:5c:e2:05:9f:3f:b0:0a:fa:
8a:47:4e:b6:91:35:44:0e:98:47:24:f3:e3:b4:01:ee:10:80:
c4:79:d3:6e:9d:4e:a9:26:39:5a:c0:30:e0:c6:2f:01:86:f7:
84:c5:7b:cd:50:23:5d:bb:3d:1f:2e:35:37:c8:b1:89:9d:8c:
0a:d5:dc:de:a7:25:66:65:71:09:94:72:7d:76:71:63:97:26:
3b:fa:71:a2:59:46:99:cc:9a:13:26:2e:64:03:9d:20:bc:8e:
4b:fd:b2:c8:2c:e0:d6:d0:1a:0c:01:2f:13:4f:bf:f0:cb:4f:
82:87:d8:93:c8:c0:b8:93:fa:b2:4a:5a:24:e6:9a:c9:55:6e:
2b:e4:7c:ef:df:8e:32:ad:31:9a:c4:65:27:e9:3f:53:8e:9e:
59:d7:64:28
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgICASIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA0MTMx
NDI0MDVaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDY0QzkyRDZGOTI2M0ZF
NTIwNTQ0RTgyMjNGMUU1M0I5QjdCMUMwOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmZYLbf1kSVV5uYOHk1snaaAMvPnwKPLKAVkHRGtJOwdg9QfzI
hCRTAeMF722NPOvE6xn2lxVIRB30i/MC6+U+4vKkL5r17W5+mqZYGlv5PzImSXUa
0cgEfZvPm1tp04oXbO6nH3NKZWr3Pmaikv8IfyriqC9+UH77STPnMWelCqJnyY6M
jNJoJ8ipg6j8Z60yJWxY0ZEYDgkaG/fsTsbYzIe9+ABWO/tUlh9G7yWS69NTG3k9
H6ZIHwHpp4r61XkCO+gbGqn/jTTIp1BAHT2mKnpbRyicpoaqL5U7xQcyAkaCSStE
eJzf0oV1Isc7HgdmPRAwx7Psf94Na+2N3pvjAgMBAAGjggI/MIICOzAdBgNVHQ4E
FgQUZMktb5Jj/lIFROgiPx5TubexwJ8wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1pNa3RiNUpqX2xJRlJP
Z2lQeDVUdWJleHdKOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwbQYIKwYBBQUHAQcBAf8EXjBcMFoEAgABMFQD
BAJ7YkADBAJ7YkgDBAJ7YlADBAJ7YlgDBAJ7YmQwDAMEAtJPRAMEBNJPQDAMAwQC
0k9UAwQF0k9AMAwDBALST2QDBALST2gDBAPST3ADBALST3wwDQYJKoZIhvcNAQEL
BQADggEBAHwT0pidOMrANJn0VnPC+GVIiH4UPo2UFxmV/JUTKnLpVdlLnS5Fhgd7
OLR7kvRFRYVccLIdA6SMGXDL+tzdHmbDg1RdnOCa0QdMaK/het4hjEt41mjQPbOm
Jgw++nk1t4pfgfZc4gWfP7AK+opHTraRNUQOmEck8+O0Ae4QgMR5026dTqkmOVrA
MODGLwGG94TFe81QI127PR8uNTfIsYmdjArV3N6nJWZlcQmUcn12cWOXJjv6caJZ
RpnMmhMmLmQDnSC8jkv9ssgs4NbQGgwBLxNPv/DLT4KH2JPIwLiT+rJKWiTmmslV
bivkfO/fjjKtMZrEZSfpP1OOnlnXZCg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:22 2023 by rpki-client on console-fra.rpki-client.org