Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/18u4j_78BDLmZ9J9Ns-9WlUsPes.roa
File: 18u4j_78BDLmZ9J9Ns-9WlUsPes.roa (raw, json)
Hash identifier: vXZGy+cb1dLnGdz0+2TBJmTIkyhbwLf1b+XtLWs9Urs=
Subject key identifier: D7:CB:B8:8F:FE:FC:04:32:E6:67:D2:7D:36:CF:BD:5A:55:2C:3D:EB
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0DC5
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/18u4j_78BDLmZ9J9Ns-9WlUsPes.roa
Signing time: Thu 17 Oct 2024 01:54:22 +0000
ROA not before: Thu 17 Oct 2024 01:54:22 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 62387
IP address blocks: 123.98.12.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3525 (0xdc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Oct 17 01:54:22 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=D7CBB88FFEFC0432E667D27D36CFBD5A552C3DEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2c:c2:0a:68:9f:0a:08:be:81:05:21:5a:c5:
d6:c8:45:74:fa:f2:ee:41:d0:44:3c:bb:ad:00:29:
59:fa:d8:de:53:cf:f0:5d:10:a9:df:e1:a6:71:24:
f8:47:89:66:5e:5d:3e:a9:73:3a:cd:84:3e:ff:cd:
95:a3:e2:17:7f:ba:5a:8d:72:f9:f0:d9:77:86:61:
0e:eb:72:e8:bf:d5:d9:e9:4f:6e:29:11:7f:04:fa:
30:6e:41:8d:c4:47:58:71:53:7f:27:f4:d0:a8:b6:
f1:57:01:43:a8:13:33:db:3d:0b:5f:3e:32:12:1c:
79:3a:30:8d:47:58:3b:0d:ca:d9:27:86:f5:45:04:
c7:c1:2e:52:78:16:30:37:59:6e:89:e4:1e:1e:77:
4b:2d:76:29:6f:e1:44:ab:4a:0f:f7:48:19:a6:1b:
23:e3:36:00:ea:4d:f0:89:a5:d8:b3:39:d8:3c:d0:
5e:85:dd:d4:27:4f:05:05:21:01:d8:04:d7:c0:fd:
53:97:9a:7d:06:af:14:e7:33:f7:7e:a6:2f:b4:ad:
a6:54:f0:be:48:56:59:e7:29:0b:96:09:2c:15:a5:
ea:c1:68:34:e4:dc:cb:46:ef:06:b1:e3:0c:e0:e3:
d9:99:78:ae:f4:98:e5:f3:9f:5a:46:83:be:10:c3:
eb:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CB:B8:8F:FE:FC:04:32:E6:67:D2:7D:36:CF:BD:5A:55:2C:3D:EB
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/18u4j_78BDLmZ9J9Ns-9WlUsPes.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.12.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:99:fa:b1:29:f8:b1:27:bb:3f:c7:db:94:b2:bf:b6:8e:8e:
78:b5:1b:b1:2f:a6:f2:23:af:c3:2b:ef:98:11:b3:7c:1d:cd:
4a:06:f3:20:54:53:c7:30:52:5c:52:88:f3:a8:8e:71:40:0a:
9b:f0:e5:7e:34:41:68:9b:8e:d3:6b:59:83:1d:22:cd:9b:ba:
b3:65:8d:80:68:15:3f:ce:2e:24:9e:e0:27:3a:97:7e:ab:ff:
80:d7:c6:61:ec:0a:60:04:39:45:3d:41:f9:1d:42:3f:65:02:
31:b6:eb:ae:ed:2b:f6:6c:00:23:cc:9f:fc:51:82:b3:a8:88:
f4:f3:d1:d5:14:1b:03:05:6f:1a:90:3c:58:59:b5:0e:7f:b4:
25:28:de:e2:e0:29:df:9e:02:cd:6e:bc:48:e4:6a:a1:74:7f:
9b:e7:8f:bd:61:0c:05:fd:9e:6b:51:8b:b8:9f:4e:42:8f:78:
fd:e0:20:d2:2a:c2:98:af:94:66:5b:ce:68:67:1d:78:06:d9:
ab:87:aa:99:b6:32:90:f1:e0:53:cf:f7:74:b2:13:bb:5b:7a:
51:c8:22:9d:24:4a:9d:51:a3:f7:df:0e:30:87:9d:75:a8:ca:
0c:0e:07:cb:59:18:ed:02:d6:5f:b0:bf:7a:22:bb:49:2c:ba:
d6:50:b8:0b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDcUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDEwMTcw
MTU0MjJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ3Q0JCODhGRkVGQzA0
MzJFNjY3RDI3RDM2Q0ZCRDVBNTUyQzNERUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCYLMIKaJ8KCL6BBSFaxdbIRXT68u5B0EQ8u60AKVn62N5Tz/Bd
EKnf4aZxJPhHiWZeXT6pczrNhD7/zZWj4hd/ulqNcvnw2XeGYQ7rcui/1dnpT24p
EX8E+jBuQY3ER1hxU38n9NCotvFXAUOoEzPbPQtfPjISHHk6MI1HWDsNytknhvVF
BMfBLlJ4FjA3WW6J5B4ed0stdilv4USrSg/3SBmmGyPjNgDqTfCJpdizOdg80F6F
3dQnTwUFIQHYBNfA/VOXmn0GrxTnM/d+pi+0raZU8L5IVlnnKQuWCSwVperBaDTk
3MtG7wax4wzg49mZeK70mOXzn1pGg74Qw+sZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU18u4j/78BDLmZ9J9Ns+9WlUsPeswHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzE4dTRqXzc4QkRMbVo5
SjlOcy05V2xVc1Blcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ7YgwwDQYJKoZIhvcNAQELBQADggEBAFyZ+rEp+LEnuz/H25Syv7aOjni1G7Ev
pvIjr8Mr75gRs3wdzUoG8yBUU8cwUlxSiPOojnFACpvw5X40QWibjtNrWYMdIs2b
urNljYBoFT/OLiSe4Cc6l36r/4DXxmHsCmAEOUU9QfkdQj9lAjG2667tK/ZsACPM
n/xRgrOoiPTz0dUUGwMFbxqQPFhZtQ5/tCUo3uLgKd+eAs1uvEjkaqF0f5vnj71h
DAX9nmtRi7ifTkKPeP3gINIqwpivlGZbzmhnHXgG2auHqpm2MpDx4FPP93SyE7tb
elHIIp0kSp1Ro/ffDjCHnXWoygwOB8tZGO0C1l+wv3oiu0ksutZQuAs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:25 2025 by rpki-client