Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/Pp3HYoO9CbMXsPvLxTLQWMF7ZkM.roa
File: Pp3HYoO9CbMXsPvLxTLQWMF7ZkM.roa (raw, json)
Hash identifier: Eskkko2LwsdUJG0YuIq1rWhMVTxNyrCd5cyafcMwiVQ=
Subject key identifier: 3E:9D:C7:62:83:BD:09:B3:17:B0:FB:CB:C5:32:D0:58:C1:7B:66:43
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0FBA
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/Pp3HYoO9CbMXsPvLxTLQWMF7ZkM.roa
Signing time: Fri 17 Jan 2025 01:27:55 +0000
ROA not before: Fri 17 Jan 2025 01:27:55 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 34549
IP address blocks: 123.98.64.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4026 (0xfba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Jan 17 01:27:55 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=3E9DC76283BD09B317B0FBCBC532D058C17B6643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3d:ec:86:89:2d:16:a8:75:af:01:be:98:07:
3d:96:37:60:17:47:57:69:d1:a4:e8:b2:58:6c:13:
49:56:5f:56:7b:72:45:df:1d:30:ff:7a:3b:3c:95:
8c:63:57:be:f6:43:fd:cd:1c:ce:86:96:69:d4:89:
f6:9f:10:a3:e5:e4:a1:cf:bd:fc:22:92:7a:7c:18:
4c:3e:06:98:05:d9:42:7c:92:3b:f2:92:37:2a:bf:
92:17:1d:8f:c8:c1:45:6a:84:57:38:eb:1b:1a:a6:
41:82:04:b8:f6:0d:75:b5:b0:42:60:c3:61:df:72:
92:45:94:33:33:e1:00:a7:c9:91:36:6f:36:49:c8:
d4:74:2c:2d:2a:69:c4:d3:2c:33:19:92:e2:0e:84:
88:02:53:eb:08:5e:24:7a:fa:10:eb:86:28:f4:ee:
7b:35:eb:c3:00:98:64:59:ac:cc:26:51:0f:ac:b0:
77:12:9d:38:a8:5f:47:df:83:76:05:39:04:20:c4:
67:84:e9:bc:74:70:61:f6:8f:f9:71:6b:69:02:ea:
0f:72:26:50:bb:53:7f:28:ad:0f:73:6b:e3:db:25:
8b:93:a6:3c:77:3a:21:5c:9e:d7:1f:c4:f6:c4:33:
b5:4b:a6:c7:07:e7:f2:fd:b3:cc:64:48:bb:64:08:
b5:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:9D:C7:62:83:BD:09:B3:17:B0:FB:CB:C5:32:D0:58:C1:7B:66:43
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/Pp3HYoO9CbMXsPvLxTLQWMF7ZkM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.64.0/22
Signature Algorithm: sha256WithRSAEncryption
da:4c:ac:fa:17:7b:05:27:24:95:11:a3:48:b8:56:b5:db:4d:
ed:b0:26:2d:6b:9b:49:9b:82:0b:5d:7b:53:05:38:91:12:f0:
61:d8:3a:a2:ca:e7:01:1e:05:73:01:2f:3d:7e:ac:1a:d5:22:
46:0f:dd:75:4a:09:c4:05:74:df:c2:78:6b:2d:10:9a:74:33:
30:8c:11:d9:59:a8:1d:c0:41:13:4b:d5:00:f3:1f:9f:de:32:
40:74:92:8b:f5:19:45:26:96:8a:7e:9e:1f:dc:84:96:c1:d9:
b8:bc:bf:0b:73:db:97:c0:61:a4:a7:17:95:1c:38:38:9d:4f:
cf:fb:ea:33:49:cd:39:77:0a:c7:50:2d:c5:d5:1c:a1:cb:54:
82:ce:6c:7b:fc:1d:03:a6:31:cf:fb:e7:7a:1d:b7:df:d8:d7:
aa:e1:24:a2:dc:f8:d1:eb:50:2e:16:b1:2a:be:45:f2:ed:d3:
e8:3d:47:39:ff:f1:94:52:8a:32:b1:21:b7:8f:39:98:77:ac:
f5:86:e3:16:29:bb:7a:c4:50:b0:0c:50:b6:22:db:84:a6:7c:
94:ed:a5:d3:86:cf:a0:02:01:0e:a8:26:de:0e:14:6e:35:d9:
44:3a:6c:21:b0:ca:c6:5f:47:28:da:03:c9:32:02:50:ea:6c:
64:11:bc:8d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICD7owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTAxMTcw
MTI3NTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDNFOURDNzYyODNCRDA5
QjMxN0IwRkJDQkM1MzJEMDU4QzE3QjY2NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMPeyGiS0WqHWvAb6YBz2WN2AXR1dp0aToslhsE0lWX1Z7ckXf
HTD/ejs8lYxjV772Q/3NHM6GlmnUifafEKPl5KHPvfwiknp8GEw+BpgF2UJ8kjvy
kjcqv5IXHY/IwUVqhFc46xsapkGCBLj2DXW1sEJgw2HfcpJFlDMz4QCnyZE2bzZJ
yNR0LC0qacTTLDMZkuIOhIgCU+sIXiR6+hDrhij07ns168MAmGRZrMwmUQ+ssHcS
nTioX0ffg3YFOQQgxGeE6bx0cGH2j/lxa2kC6g9yJlC7U38orQ9za+PbJYuTpjx3
OiFcntcfxPbEM7VLpscH5/L9s8xkSLtkCLV1AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUPp3HYoO9CbMXsPvLxTLQWMF7ZkMwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1BwM0hZb085Q2JNWHNQ
dkx4VExRV01GN1prTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ7YkAwDQYJKoZIhvcNAQELBQADggEBANpMrPoXewUnJJURo0i4VrXbTe2wJi1r
m0mbggtde1MFOJES8GHYOqLK5wEeBXMBLz1+rBrVIkYP3XVKCcQFdN/CeGstEJp0
MzCMEdlZqB3AQRNL1QDzH5/eMkB0kov1GUUmlop+nh/chJbB2bi8vwtz25fAYaSn
F5UcODidT8/76jNJzTl3CsdQLcXVHKHLVILObHv8HQOmMc/753odt9/Y16rhJKLc
+NHrUC4WsSq+RfLt0+g9Rzn/8ZRSijKxIbePOZh3rPWG4xYpu3rEULAMULYi24Sm
fJTtpdOGz6ACAQ6oJt4OFG412UQ6bCGwysZfRyjaA8kyAlDqbGQRvI0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:35 2025 by rpki-client