Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/LxTN4j5b2xVxzy0kGFgfrE_XYI4.roa
File: LxTN4j5b2xVxzy0kGFgfrE_XYI4.roa (raw, json)
Hash identifier: qHtPKuhCfUrwhihLEN8cTlo61tTwaj9nsX8QbNU+6i0=
Subject key identifier: 2F:14:CD:E2:3E:5B:DB:15:71:CF:2D:24:18:58:1F:AC:4F:D7:60:8E
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0D11
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/LxTN4j5b2xVxzy0kGFgfrE_XYI4.roa
Signing time: Tue 24 Sep 2024 11:42:15 +0000
ROA not before: Tue 24 Sep 2024 11:42:15 +0000
ROA not after: Sat 20 Sep 2025 07:41:26 +0000
asID: 34549
IP address blocks: 123.98.102.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3345 (0xd11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Sep 24 11:42:15 2024 GMT
Not After : Sep 20 07:41:26 2025 GMT
Subject: CN=2F14CDE23E5BDB1571CF2D2418581FAC4FD7608E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6d:7d:71:f1:be:69:96:7a:44:4b:41:58:23:
39:9a:d1:9e:52:2d:65:6d:be:99:9f:82:50:88:2b:
72:0f:a3:55:6b:1d:0b:16:27:ae:50:8e:c1:5e:47:
ca:27:7f:e6:73:cf:18:7a:7e:a9:a0:98:07:f4:b7:
a7:f1:8e:07:1a:3a:46:6c:64:27:b1:07:5e:0d:07:
cf:c6:88:7d:7d:34:8e:d4:c2:d3:23:f9:f4:18:fa:
1e:ec:8e:eb:f4:56:9a:99:95:9b:7d:1a:3c:6d:7d:
1b:6d:36:2e:12:9e:75:bb:45:7d:d4:6b:1a:8d:f7:
63:ab:bb:23:4f:b1:f5:8b:e8:54:d2:e2:d6:54:a8:
1a:6d:6f:d5:ee:dc:25:26:d0:00:03:2f:68:4d:0d:
08:fd:0e:0c:3a:d7:8e:6d:69:5c:16:89:db:98:c4:
d9:0e:56:76:32:9a:d6:46:52:09:18:a9:d8:de:1e:
81:65:ee:fb:57:db:ab:9d:30:21:0c:20:ba:fc:e1:
ee:03:19:b7:03:c9:0e:7c:b0:f0:b7:9a:1d:c7:ad:
40:57:e1:ca:8a:c3:d9:aa:39:c5:e3:ba:08:1b:74:
35:85:21:18:d5:a6:69:ff:36:e4:1d:c7:18:29:e0:
22:8c:91:2b:2b:00:2c:fc:e7:92:00:99:35:2b:64:
7f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:14:CD:E2:3E:5B:DB:15:71:CF:2D:24:18:58:1F:AC:4F:D7:60:8E
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/LxTN4j5b2xVxzy0kGFgfrE_XYI4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.102.0/23
Signature Algorithm: sha256WithRSAEncryption
63:80:5b:bb:2f:ff:df:69:44:e5:2b:ef:7d:79:3a:89:bc:b6:
3f:c6:d6:d0:9d:da:50:c3:4e:93:9c:d6:ec:93:81:65:b5:56:
32:a3:4b:3c:4e:11:ce:41:18:63:4a:c9:d0:86:74:a6:9c:86:
f6:83:9f:7a:5a:f4:39:8e:84:62:3a:10:90:81:58:2a:1b:6b:
69:08:6d:9c:06:9b:a3:cd:96:04:e3:9c:d9:04:66:af:20:a6:
76:46:c3:09:cc:b9:41:00:90:b8:7e:c3:bd:f9:97:0f:14:32:
69:26:bb:7a:12:cc:88:f1:0a:31:fe:08:f3:2b:06:bb:15:f6:
ee:06:71:87:44:cb:49:03:d2:9e:2c:e7:97:fd:aa:50:7e:29:
d9:69:9f:08:6d:7c:fd:94:e3:97:3c:d0:c1:57:65:4e:24:74:
05:44:c7:89:63:5c:19:0d:2e:18:ab:68:97:12:67:dc:bf:59:
39:1e:a5:b1:fc:72:0f:df:88:93:a0:c5:75:80:61:89:79:52:
15:a9:dc:d1:db:28:ae:07:6c:f5:ed:64:55:8e:f4:2d:23:4d:
26:62:ef:06:bc:51:10:c9:a2:18:7a:fb:15:b0:46:eb:7e:80:
21:5a:94:c9:2f:c3:a9:39:2c:67:f8:bc:10:31:0c:f9:c9:dc:
9a:fe:29:4b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDREwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA5MjQx
MTQyMTVaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDJGMTRDREUyM0U1QkRC
MTU3MUNGMkQyNDE4NTgxRkFDNEZENzYwOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUbX1x8b5plnpES0FYIzma0Z5SLWVtvpmfglCIK3IPo1VrHQsW
J65QjsFeR8onf+Zzzxh6fqmgmAf0t6fxjgcaOkZsZCexB14NB8/GiH19NI7UwtMj
+fQY+h7sjuv0VpqZlZt9GjxtfRttNi4SnnW7RX3UaxqN92OruyNPsfWL6FTS4tZU
qBptb9Xu3CUm0AADL2hNDQj9Dgw6145taVwWiduYxNkOVnYymtZGUgkYqdjeHoFl
7vtX26udMCEMILr84e4DGbcDyQ58sPC3mh3HrUBX4cqKw9mqOcXjuggbdDWFIRjV
pmn/NuQdxxgp4CKMkSsrACz855IAmTUrZH/jAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQULxTN4j5b2xVxzy0kGFgfrE/XYI4wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0x4VE40ajViMnhWeHp5
MGtHRmdmckVfWFlJNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAF7YmYwDQYJKoZIhvcNAQELBQADggEBAGOAW7sv/99pROUr7315Oom8tj/G1tCd
2lDDTpOc1uyTgWW1VjKjSzxOEc5BGGNKydCGdKachvaDn3pa9DmOhGI6EJCBWCob
a2kIbZwGm6PNlgTjnNkEZq8gpnZGwwnMuUEAkLh+w735lw8UMmkmu3oSzIjxCjH+
CPMrBrsV9u4GcYdEy0kD0p4s55f9qlB+KdlpnwhtfP2U45c80MFXZU4kdAVEx4lj
XBkNLhiraJcSZ9y/WTkepbH8cg/fiJOgxXWAYYl5UhWp3NHbKK4HbPXtZFWO9C0j
TSZi7wa8URDJohh6+xWwRut+gCFalMkvw6k5LGf4vBAxDPnJ3Jr+KUs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:04 2025 by rpki-client