Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/Aq-lIByoMKMF2FgcTRz1UsmbJKQ.roa
File: Aq-lIByoMKMF2FgcTRz1UsmbJKQ.roa (raw, json)
Hash identifier: sWxe4rU2uFA0IZwpbkkgj78JMrpBaVxeOxs7bPL2QqY=
Subject key identifier: 02:AF:A5:20:1C:A8:30:A3:05:D8:58:1C:4D:1C:F5:52:C9:9B:24:A4
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0762
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/Aq-lIByoMKMF2FgcTRz1UsmbJKQ.roa
Signing time: Tue 09 Jan 2024 04:20:57 +0000
ROA not before: Tue 09 Jan 2024 04:20:57 +0000
ROA not after: Tue 08 Oct 2024 00:16:33 +0000
asID: 53356
IP address blocks: 123.98.4.0/22 maxlen: 24
123.98.8.0/22 maxlen: 24
123.98.16.0/22 maxlen: 24
123.98.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1890 (0x762)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Jan 9 04:20:57 2024 GMT
Not After : Oct 8 00:16:33 2024 GMT
Subject: CN=02AFA5201CA830A305D8581C4D1CF552C99B24A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:17:4b:29:fd:06:7e:aa:a3:bf:ed:fe:e0:c6:
57:90:79:94:ed:3c:a9:15:81:a8:85:c5:7f:63:a1:
0e:0b:cc:6d:17:b8:1d:c5:22:a5:01:6d:70:39:a2:
82:af:60:55:97:ff:f7:39:ba:3c:85:36:69:de:ae:
e1:04:11:55:da:02:09:53:e2:3e:5b:b0:f9:31:48:
25:22:a1:68:92:32:41:33:c3:a1:4d:c4:19:8b:72:
a6:c7:73:38:b1:d6:19:ce:b6:db:ea:8b:86:5c:64:
c1:9d:b0:3f:e2:a2:31:49:c4:db:f9:0a:f6:1b:a1:
29:4f:08:db:19:fe:59:55:2e:a4:fe:10:49:ee:05:
cc:eb:e9:83:e2:81:f3:7b:07:4d:86:9f:c7:13:95:
f6:69:22:a6:6a:66:f1:b1:3c:42:31:85:b1:54:36:
2a:0e:58:a6:3d:02:bc:a9:f0:33:d9:69:76:04:41:
e4:c9:2d:10:24:8b:34:d2:00:25:02:af:f4:b7:15:
f4:e5:e5:8d:4f:c7:d2:32:25:f1:2a:06:cf:ea:e1:
e7:09:15:37:72:57:88:b0:df:6c:1b:c3:84:9e:9d:
0f:20:f8:e1:1f:60:31:e4:ce:2c:f0:0a:d3:d2:53:
de:78:ec:ed:f2:a8:29:92:58:52:24:38:90:9c:73:
12:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:AF:A5:20:1C:A8:30:A3:05:D8:58:1C:4D:1C:F5:52:C9:9B:24:A4
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/Aq-lIByoMKMF2FgcTRz1UsmbJKQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.4.0-123.98.11.255
123.98.16.0/21
Signature Algorithm: sha256WithRSAEncryption
a0:aa:21:5b:58:9b:a1:3a:b5:b9:0d:62:ad:d3:f6:cf:a9:f8:
d7:f7:c3:ba:a0:f6:73:c1:ca:9e:10:db:3f:a6:1b:c3:6e:68:
2b:fc:34:e8:17:2b:5e:17:08:72:c1:8f:78:34:5a:b0:59:90:
dd:d7:b3:43:98:3e:0b:81:9c:83:27:98:f8:91:2f:f9:5b:71:
42:a8:7f:25:15:c8:8e:e5:f3:8b:c9:5f:b6:66:77:6c:ad:64:
a8:93:8c:26:91:1d:c5:5d:4e:ac:b7:c9:7c:1a:e6:c5:79:4d:
21:de:e6:31:f6:eb:06:8c:8e:c4:34:61:45:78:e4:0d:70:fc:
d0:ff:d3:59:51:60:1d:ea:e2:73:8a:d8:4f:b8:16:8f:50:5c:
1c:8b:ae:17:ee:c7:0c:25:6a:b3:1c:38:49:b6:8e:14:ae:f4:
a5:f5:bb:3a:4a:a7:b9:ef:e8:76:e3:51:4e:81:a5:7e:11:ff:
04:03:38:34:55:91:92:ef:2f:d7:c9:db:62:ac:34:ad:59:f5:
1c:81:05:10:a1:35:d4:fb:fa:52:9e:02:2a:fc:84:ed:a1:a0:
79:a6:c2:54:78:52:b1:bf:af:77:6c:7e:f0:0c:fe:c2:90:a2:
eb:06:b0:bc:3a:a0:e7:07:0d:54:79:f3:73:5b:7d:9b:45:17:
3d:66:f2:30
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgICB2IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDAxMDkw
NDIwNTdaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDAyQUZBNTIwMUNBODMw
QTMwNUQ4NTgxQzREMUNGNTUyQzk5QjI0QTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3F0sp/QZ+qqO/7f7gxleQeZTtPKkVgaiFxX9joQ4LzG0XuB3F
IqUBbXA5ooKvYFWX//c5ujyFNmneruEEEVXaAglT4j5bsPkxSCUioWiSMkEzw6FN
xBmLcqbHczix1hnOttvqi4ZcZMGdsD/iojFJxNv5CvYboSlPCNsZ/llVLqT+EEnu
Bczr6YPigfN7B02Gn8cTlfZpIqZqZvGxPEIxhbFUNioOWKY9Aryp8DPZaXYEQeTJ
LRAkizTSACUCr/S3FfTl5Y1Px9IyJfEqBs/q4ecJFTdyV4iw32wbw4SenQ8g+OEf
YDHkzizwCtPSU9547O3yqCmSWFIkOJCccxKzAgMBAAGjggH/MIIB+zAdBgNVHQ4E
FgQUAq+lIByoMKMF2FgcTRz1UsmbJKQwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0FxLWxJQnlvTUtNRjJG
Z2NUUnoxVXNtYkpLUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQw
DAMEAntiBAMEAntiCAMEA3tiEDANBgkqhkiG9w0BAQsFAAOCAQEAoKohW1iboTq1
uQ1irdP2z6n41/fDuqD2c8HKnhDbP6Ybw25oK/w06BcrXhcIcsGPeDRasFmQ3dez
Q5g+C4GcgyeY+JEv+VtxQqh/JRXIjuXzi8lftmZ3bK1kqJOMJpEdxV1OrLfJfBrm
xXlNId7mMfbrBoyOxDRhRXjkDXD80P/TWVFgHeric4rYT7gWj1BcHIuuF+7HDCVq
sxw4SbaOFK70pfW7Okqnue/oduNRToGlfhH/BAM4NFWRku8v18nbYqw0rVn1HIEF
EKE11Pv6Up4CKvyE7aGgeabCVHhSsb+vd2x+8Az+wpCi6wawvDqg5wcNVHnzc1t9
m0UXPWbyMA==
-----END CERTIFICATE-----
Generated at Fri Jan 12 17:10:07 2024 by rpki-client on console-fra.rpki-client.org