Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/phhwKKaZeDG0EaanYFJyBFOyZ40.roa
File: phhwKKaZeDG0EaanYFJyBFOyZ40.roa (raw, json)
Hash identifier: 7oi7s++STIbqwWli/v1ttwAriIwaUhGHqNZrOWKDYY8=
Subject key identifier: A6:18:70:28:A6:99:78:31:B4:11:A6:A7:60:52:72:04:53:B2:67:8D
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 01F7
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/phhwKKaZeDG0EaanYFJyBFOyZ40.roa
Signing time: Wed 10 May 2023 04:44:19 +0000
ROA not before: Wed 10 May 2023 04:44:19 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 34549
IP address blocks: 123.98.64.0/22 maxlen: 24
123.98.72.0/22 maxlen: 24
123.98.80.0/22 maxlen: 24
123.98.100.0/22 maxlen: 24
210.79.68.0/22 maxlen: 24
210.79.76.0/22 maxlen: 24
210.79.88.0/22 maxlen: 24
210.79.100.0/22 maxlen: 24
210.79.112.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 503 (0x1f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: May 10 04:44:19 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=A6187028A6997831B411A6A76052720453B2678D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a2:0a:47:a8:48:8c:4a:6e:39:21:d9:bb:2d:
0c:27:d9:97:57:25:1e:d0:ed:fb:11:42:8a:a1:10:
a1:24:57:80:82:17:94:cf:59:2c:c0:ef:5b:40:9d:
7e:43:3a:48:d2:63:76:43:a9:52:6e:0e:0b:43:12:
fb:62:59:ac:f7:4a:a1:39:ac:1e:91:b2:4b:8c:b1:
bc:50:6e:01:18:63:77:d8:77:51:06:07:07:43:8b:
d8:60:79:f8:b0:f2:35:bf:fd:38:81:4c:0e:23:cd:
51:93:4c:80:dd:67:09:c1:8c:ea:0b:33:48:d1:8b:
53:a6:fb:bb:5c:ce:76:66:41:10:2c:07:22:10:61:
e4:e3:3b:98:e1:12:e4:b6:64:3c:a3:4c:9e:fa:86:
2c:7b:71:91:04:ae:00:bd:62:60:51:5d:5b:84:0a:
cd:b1:89:68:92:ca:a9:b8:3d:b9:80:63:57:0e:b7:
7d:cd:e4:76:d0:96:49:2c:ff:19:5d:fd:49:9f:b1:
39:3f:98:04:9e:96:1c:51:92:b6:b3:32:6a:3c:30:
fa:a8:a6:20:d8:ce:89:21:a9:0d:de:a6:36:df:f3:
f8:e4:8c:65:e7:9e:c7:bf:d6:fb:2d:4f:ab:ac:1b:
75:cd:4b:9a:f1:80:a5:44:4c:e3:46:d6:86:b1:9e:
c0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:18:70:28:A6:99:78:31:B4:11:A6:A7:60:52:72:04:53:B2:67:8D
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/phhwKKaZeDG0EaanYFJyBFOyZ40.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.64.0/22
123.98.72.0/22
123.98.80.0/22
123.98.100.0/22
210.79.68.0/22
210.79.76.0/22
210.79.88.0/22
210.79.100.0/22
210.79.112.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:b7:d2:f8:97:7c:b5:61:82:d1:4c:cf:10:9e:48:ca:f2:15:
b7:1b:19:b5:06:08:30:27:b3:b3:35:94:40:db:17:6c:77:6f:
82:a8:61:9c:61:5a:22:09:6b:bb:c2:3f:6c:d2:2d:ef:84:38:
fc:83:12:23:c2:20:f3:ec:f7:8e:9b:50:33:4d:b5:82:8a:40:
f8:3f:56:79:fd:7e:e3:bb:0e:c3:5c:b2:aa:3b:7c:42:93:b7:
95:c7:33:4d:69:1b:18:79:10:48:74:7b:d4:c3:f1:1f:2b:18:
e6:16:e4:53:dc:f5:59:df:06:e2:3b:c8:c7:7e:5e:69:1c:9e:
ae:c9:e8:67:88:e4:f1:61:67:b4:2a:8d:aa:53:a2:64:2a:ca:
34:73:3d:62:e5:5b:71:86:c5:62:e1:d0:02:f6:eb:a3:39:5f:
09:03:dc:55:b4:af:a0:98:f3:13:e2:2f:32:0a:cd:0f:de:ed:
94:cb:81:35:44:41:00:a8:6c:32:df:e5:e2:58:31:7b:64:30:
1b:5b:89:ce:87:ab:72:fe:e3:48:ae:36:30:7e:8b:50:e8:4a:
f6:36:96:08:68:3b:14:95:6f:02:d3:b3:47:8b:4c:eb:6b:3a:
7c:30:77:60:b3:02:5a:2b:4a:56:5c:33:f2:15:f4:91:08:a8:
fe:3a:ac:12
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgICAfcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yMzA1MTAw
NDQ0MTlaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKEE2MTg3MDI4QTY5OTc4
MzFCNDExQTZBNzYwNTI3MjA0NTNCMjY3OEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2ogpHqEiMSm45Idm7LQwn2ZdXJR7Q7fsRQoqhEKEkV4CCF5TP
WSzA71tAnX5DOkjSY3ZDqVJuDgtDEvtiWaz3SqE5rB6RskuMsbxQbgEYY3fYd1EG
BwdDi9hgefiw8jW//TiBTA4jzVGTTIDdZwnBjOoLM0jRi1Om+7tcznZmQRAsByIQ
YeTjO5jhEuS2ZDyjTJ76hix7cZEErgC9YmBRXVuECs2xiWiSyqm4PbmAY1cOt33N
5HbQlkks/xld/UmfsTk/mASelhxRkrazMmo8MPqopiDYzokhqQ3epjbf8/jkjGXn
nse/1vstT6usG3XNS5rxgKVETONG1oaxnsDPAgMBAAGjggIhMIICHTAdBgNVHQ4E
FgQUphhwKKaZeDG0EaanYFJyBFOyZ40wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL3BoaHdLS2FaZURHMEVh
YW5ZRkp5QkZPeVo0MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYD
BAJ7YkADBAJ7YkgDBAJ7YlADBAJ7YmQDBALST0QDBALST0wDBALST1gDBALST2QD
BALST3AwDQYJKoZIhvcNAQELBQADggEBAHq30viXfLVhgtFMzxCeSMryFbcbGbUG
CDAns7M1lEDbF2x3b4KoYZxhWiIJa7vCP2zSLe+EOPyDEiPCIPPs946bUDNNtYKK
QPg/Vnn9fuO7DsNcsqo7fEKTt5XHM01pGxh5EEh0e9TD8R8rGOYW5FPc9VnfBuI7
yMd+Xmkcnq7J6GeI5PFhZ7QqjapTomQqyjRzPWLlW3GGxWLh0AL266M5XwkD3FW0
r6CY8xPiLzIKzQ/e7ZTLgTVEQQCobDLf5eJYMXtkMBtbic6Hq3L+40iuNjB+i1Do
SvY2lghoOxSVbwLTs0eLTOtrOnwwd2CzAlorSlZcM/IV9JEIqP46rBI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:18 2023 by rpki-client on console-ams.rpki-client.org