Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/-xDPH-71_6IlRejWosfS-PonN5g.roa
File: -xDPH-71_6IlRejWosfS-PonN5g.roa (raw, json)
Hash identifier: b5uPq3lwBvqKlrWfWyjBA1GJAgsINuZjPQvwxHfQQkI=
Subject key identifier: FB:10:CF:1F:EE:F5:FF:A2:25:45:E8:D6:A2:C7:D2:F8:FA:27:37:98
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0D5F
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/-xDPH-71_6IlRejWosfS-PonN5g.roa
Signing time: Thu 03 Oct 2024 15:04:32 +0000
ROA not before: Thu 03 Oct 2024 15:04:32 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 215784
IP address blocks: 123.98.28.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3423 (0xd5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Oct 3 15:04:32 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=FB10CF1FEEF5FFA22545E8D6A2C7D2F8FA273798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c1:42:89:25:26:81:14:db:c5:2a:5f:e3:2f:
a2:c9:9b:e3:64:03:68:41:96:0f:e6:d1:88:68:2a:
a6:bd:dc:df:c1:91:24:85:9a:fd:1f:a9:98:33:0c:
c2:6a:a4:89:f4:fb:c7:bd:72:03:4f:22:2c:fb:23:
e8:55:3f:f0:0d:3d:3f:7d:11:fa:6d:dd:8e:23:46:
ee:f3:f5:47:79:b8:fa:70:1c:4e:3f:60:99:ef:13:
62:f6:17:55:85:72:45:11:83:01:5c:fe:6e:c2:b6:
91:ce:57:19:d1:07:44:70:d2:8e:1d:fa:61:00:f2:
c1:0b:54:5b:e0:8c:72:b5:2f:9d:1a:43:23:fc:99:
91:71:c0:21:b5:99:69:ac:37:a5:b7:d0:12:f7:d1:
e4:80:31:f4:e3:ea:de:5b:82:01:2e:87:09:66:75:
c8:ca:b1:aa:63:46:ee:6e:01:b9:e5:4a:5f:6f:a1:
06:4f:e7:8d:9f:f0:62:da:fb:54:e3:d5:1b:1f:c1:
23:f7:7b:58:b7:fa:68:cf:42:97:6d:2e:1a:cf:88:
cc:2c:61:c7:83:8d:9f:62:7e:91:33:e6:3a:da:b6:
a5:55:87:ce:91:6c:72:fe:49:d1:3a:47:8e:74:e4:
8b:97:93:c8:4e:28:40:18:89:8f:b9:a8:b2:bb:1a:
c0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:10:CF:1F:EE:F5:FF:A2:25:45:E8:D6:A2:C7:D2:F8:FA:27:37:98
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/-xDPH-71_6IlRejWosfS-PonN5g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.28.0/22
Signature Algorithm: sha256WithRSAEncryption
d0:6e:1c:9e:d2:86:36:40:00:dc:b5:53:fe:ec:f3:88:b3:40:
53:73:d3:f8:ba:66:41:4f:6e:6f:c1:b2:a8:f2:59:2c:42:a1:
9d:a8:2f:a8:db:23:1c:07:4b:31:de:f9:71:95:1b:99:f1:02:
c9:4a:42:de:38:20:af:e5:ef:0f:bd:51:41:1c:d1:c5:33:f8:
86:d1:80:dc:98:56:bd:81:9b:ee:23:c3:92:93:24:e4:69:ca:
86:ff:ad:39:9e:6e:b5:17:c8:0c:4c:1f:17:75:3c:c4:94:63:
ae:63:9d:3d:36:74:f2:a5:ed:fa:76:2f:3a:b8:66:0a:1a:e4:
fc:1c:c0:c7:9c:ce:35:48:57:bb:32:d2:73:09:04:29:f2:d0:
29:93:06:5c:3d:ef:0a:23:ac:c9:e1:01:7f:41:ae:b8:20:fb:
72:2e:3b:b0:db:85:77:e4:b5:57:48:99:12:ca:78:6d:68:b0:
da:d0:51:06:52:eb:20:23:16:fc:6b:6b:be:27:e9:ba:37:d5:
5d:f7:13:3d:6f:fe:e1:4a:59:dc:17:51:05:0b:0b:fa:c2:63:
34:40:6d:fc:e7:0a:f5:b9:fd:03:56:2c:4e:44:d2:36:7a:93:
46:8e:74:dd:2e:be:2b:92:62:5d:55:c6:7e:0e:1c:9a:9f:50:
23:0c:0f:91
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDV8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDEwMDMx
NTA0MzJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEZCMTBDRjFGRUVGNUZG
QTIyNTQ1RThENkEyQzdEMkY4RkEyNzM3OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZwUKJJSaBFNvFKl/jL6LJm+NkA2hBlg/m0YhoKqa93N/BkSSF
mv0fqZgzDMJqpIn0+8e9cgNPIiz7I+hVP/ANPT99Efpt3Y4jRu7z9Ud5uPpwHE4/
YJnvE2L2F1WFckURgwFc/m7CtpHOVxnRB0Rw0o4d+mEA8sELVFvgjHK1L50aQyP8
mZFxwCG1mWmsN6W30BL30eSAMfTj6t5bggEuhwlmdcjKsapjRu5uAbnlSl9voQZP
542f8GLa+1Tj1RsfwSP3e1i3+mjPQpdtLhrPiMwsYceDjZ9ifpEz5jratqVVh86R
bHL+SdE6R4505IuXk8hOKEAYiY+5qLK7GsBrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU+xDPH+71/6IlRejWosfS+PonN5gwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLy14RFBILTcxXzZJbFJl
aldvc2ZTLVBvbk41Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ7YhwwDQYJKoZIhvcNAQELBQADggEBANBuHJ7ShjZAANy1U/7s84izQFNz0/i6
ZkFPbm/BsqjyWSxCoZ2oL6jbIxwHSzHe+XGVG5nxAslKQt44IK/l7w+9UUEc0cUz
+IbRgNyYVr2Bm+4jw5KTJORpyob/rTmebrUXyAxMHxd1PMSUY65jnT02dPKl7fp2
Lzq4Zgoa5PwcwMeczjVIV7sy0nMJBCny0CmTBlw97wojrMnhAX9Brrgg+3IuO7Db
hXfktVdImRLKeG1osNrQUQZS6yAjFvxra74n6bo31V33Ez1v/uFKWdwXUQULC/rC
YzRAbfznCvW5/QNWLE5E0jZ6k0aOdN0uviuSYl1Vxn4OHJqfUCMMD5E=
-----END CERTIFICATE-----
Generated at Tue Nov 5 19:59:38 2024 by rpki-client on console-fra.rpki-client.org