Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/sRZ1GyqrsN319TlGrYm2KA8x41U.roa
File: sRZ1GyqrsN319TlGrYm2KA8x41U.roa (raw, json)
Hash identifier: FayjxVsojIsHIxUu6d1QfSOc0Ac3U07LdERps5mqY48=
Subject key identifier: B1:16:75:1B:2A:AB:B0:DD:F5:F5:39:46:AD:89:B6:28:0F:31:E3:55
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 39
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/sRZ1GyqrsN319TlGrYm2KA8x41U.roa
Signing time: Tue 14 Mar 2023 02:55:08 +0000
ROA not before: Tue 14 Mar 2023 02:55:08 +0000
ROA not after: Wed 06 Mar 2024 10:22:30 +0000
asID: 21700
IP address blocks: 210.79.64.0/22 maxlen: 24
210.79.68.0/22 maxlen: 24
210.79.76.0/22 maxlen: 24
210.79.80.0/22 maxlen: 24
210.79.88.0/22 maxlen: 24
210.79.96.0/22 maxlen: 24
210.79.100.0/22 maxlen: 24
210.79.108.0/22 maxlen: 24
210.79.112.0/22 maxlen: 24
210.79.120.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57 (0x39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Mar 14 02:55:08 2023 GMT
Not After : Mar 6 10:22:30 2024 GMT
Subject: CN=B116751B2AABB0DDF5F53946AD89B6280F31E355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0d:c6:21:c5:c8:b2:15:5b:7c:c1:64:30:0a:
9a:eb:92:02:43:58:bb:5e:c1:8b:d1:c1:52:da:d4:
c6:0b:0e:f7:6a:ca:7c:f8:ee:31:7b:75:d1:f8:0a:
cf:8e:18:1e:e9:8f:d6:b0:f1:d1:8d:b7:64:33:ff:
62:14:df:fe:79:3b:7b:31:06:16:be:3b:54:0d:f7:
82:ed:82:25:5e:91:ef:e3:88:0a:d7:3b:aa:62:d0:
09:8e:f3:42:a9:a4:fa:23:29:b3:d1:62:19:02:7d:
de:fe:c2:0d:cc:66:9d:ff:c3:84:f2:6d:dc:98:86:
83:78:64:9a:f2:7f:59:9e:4e:7f:23:99:cf:44:91:
fe:96:fd:f2:02:33:e4:e8:63:a8:2a:3e:5c:f1:21:
34:16:bc:53:f2:ef:d4:65:3b:ee:20:27:16:2c:6c:
8f:43:c6:1d:45:9a:aa:b4:cc:a7:3b:51:b9:6f:99:
4a:22:6c:92:70:47:4f:bc:d3:e4:31:c4:d1:cd:76:
c8:d1:01:dc:76:0b:1b:ea:f1:61:19:b0:92:0c:9e:
15:0f:bb:53:da:61:eb:3b:6c:b4:92:ec:60:27:15:
f9:df:7c:94:03:45:7b:1e:60:43:15:50:3c:86:fd:
d4:93:00:77:13:0c:8b:a4:56:16:ed:7c:a0:ce:c5:
22:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:16:75:1B:2A:AB:B0:DD:F5:F5:39:46:AD:89:B6:28:0F:31:E3:55
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/sRZ1GyqrsN319TlGrYm2KA8x41U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.79.64.0/21
210.79.76.0-210.79.83.255
210.79.88.0/22
210.79.96.0/21
210.79.108.0-210.79.115.255
210.79.120.0/22
Signature Algorithm: sha256WithRSAEncryption
79:26:51:ef:0d:ff:a9:18:af:19:24:5f:eb:e9:7f:e0:91:a3:
2a:43:6a:29:a7:65:5d:28:ab:d0:b5:76:f1:87:ae:05:56:64:
02:a2:77:80:b1:f3:65:36:94:63:5a:bf:de:f8:bb:9e:14:7d:
d8:91:9b:71:18:cf:66:a8:39:31:50:77:b0:f5:8c:8c:18:d2:
83:62:c1:88:ab:55:45:45:fc:1e:94:53:af:f7:56:81:be:b0:
40:92:5a:f5:9b:0c:b6:06:a5:30:b9:fa:5e:d5:03:38:31:85:
fc:cc:e7:f1:ce:ab:2f:93:d5:79:81:e4:3f:89:30:0a:ea:6b:
93:f7:e4:1b:de:e9:12:3a:e3:85:cd:29:97:ff:34:b2:78:63:
02:83:0d:32:1b:e8:e5:52:4c:f8:64:79:76:30:ae:53:81:48:
1c:e2:84:06:76:69:3e:1f:bb:63:5b:94:32:e0:61:4b:da:3e:
16:9d:40:68:e6:53:ee:f0:f0:e6:fe:26:1a:01:96:4f:f9:f0:
bb:4d:18:af:dc:cf:47:39:dc:e6:a4:dd:5b:00:bb:f6:83:f3:
5f:01:2b:92:76:20:aa:8a:0f:6d:26:87:54:01:52:b5:57:51:
58:ab:b9:9c:98:55:45:e1:ef:e3:0f:dd:4b:f9:6e:b1:81:a3:
4d:2f:e9:ef
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIBOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhDNjVC
RjU3QkRDOUI1QkU3RDk3RTBENjVBQTQyMjJCMUVGQUFCRUFBMB4XDTIzMDMxNDAy
NTUwOFoXDTI0MDMwNjEwMjIzMFowMzExMC8GA1UEAxMoQjExNjc1MUIyQUFCQjBE
REY1RjUzOTQ2QUQ4OUI2MjgwRjMxRTM1NTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMUNxiHFyLIVW3zBZDAKmuuSAkNYu17Bi9HBUtrUxgsO92rKfPju
MXt10fgKz44YHumP1rDx0Y23ZDP/YhTf/nk7ezEGFr47VA33gu2CJV6R7+OICtc7
qmLQCY7zQqmk+iMps9FiGQJ93v7CDcxmnf/DhPJt3JiGg3hkmvJ/WZ5OfyOZz0SR
/pb98gIz5OhjqCo+XPEhNBa8U/Lv1GU77iAnFixsj0PGHUWaqrTMpztRuW+ZSiJs
knBHT7zT5DHE0c12yNEB3HYLG+rxYRmwkgyeFQ+7U9ph6ztstJLsYCcV+d98lANF
ex5gQxVQPIb91JMAdxMMi6RWFu18oM7FIl8CAwEAAaOCAh8wggIbMB0GA1UdDgQW
BBSxFnUbKquw3fX1OUatibYoDzHjVTAfBgNVHSMEGDAWgBTGW/V73Jtb59l+DWWq
QiKx76q+qjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC80MTMv
eGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC94bHYxZTl5YlctZlpmZzFscWtJaXNlLXF2cW8uY2VyMA4GA1UdDwEB/wQE
AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC80MTMvc1JaMUd5cXJzTjMxOVRs
R3JZbTJLQTh4NDFVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj
LmNuL3JyZHAvbm90aWZ5LnhtbDBNBggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAME
A9JPQDAMAwQC0k9MAwQC0k9QAwQC0k9YAwQD0k9gMAwDBALST2wDBALST3ADBALS
T3gwDQYJKoZIhvcNAQELBQADggEBAHkmUe8N/6kYrxkkX+vpf+CRoypDaimnZV0o
q9C1dvGHrgVWZAKid4Cx82U2lGNav974u54UfdiRm3EYz2aoOTFQd7D1jIwY0oNi
wYirVUVF/B6UU6/3VoG+sECSWvWbDLYGpTC5+l7VAzgxhfzM5/HOqy+T1XmB5D+J
MArqa5P35Bve6RI644XNKZf/NLJ4YwKDDTIb6OVSTPhkeXYwrlOBSBzihAZ2aT4f
u2NblDLgYUvaPhadQGjmU+7w8Ob+JhoBlk/58LtNGK/cz0c53Oak3VsAu/aD818B
K5J2IKqKD20mh1QBUrVXUViruZyYVUXh7+MP3Uv5brGBo00v6e8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:22 2023 by rpki-client on console-fra.rpki-client.org