Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/Y4VBtOkUxKYdPDIVLmlovL6pSS4.roa
File: Y4VBtOkUxKYdPDIVLmlovL6pSS4.roa (raw, json)
Hash identifier: K77DGxFia4ksvI6DSpqgHvc7VxNMWsqmu1x1td6hEwg=
Subject key identifier: 63:85:41:B4:E9:14:C4:A6:1D:3C:32:15:2E:69:68:BC:BE:A9:49:2E
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0FB9
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/Y4VBtOkUxKYdPDIVLmlovL6pSS4.roa
Signing time: Fri 17 Jan 2025 01:27:55 +0000
ROA not before: Fri 17 Jan 2025 01:27:55 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 62387
IP address blocks: 123.98.52.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4025 (0xfb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Jan 17 01:27:55 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=638541B4E914C4A61D3C32152E6968BCBEA9492E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b4:a9:af:8e:2c:43:43:6e:b8:6e:62:ff:7e:
ef:7d:6b:cb:e4:ca:b9:a4:c4:da:8a:db:ca:b9:96:
d6:53:db:77:c3:40:3e:a6:ba:85:35:82:65:53:58:
1d:df:63:44:c5:60:4c:ce:02:43:57:51:40:57:f5:
b9:1e:04:1f:a1:de:e6:7d:8e:61:72:9c:ba:6d:1e:
ab:20:67:4b:a4:aa:03:2c:52:a3:38:25:90:50:bf:
53:4a:36:7e:8b:45:40:3c:23:fa:40:0c:da:62:07:
c7:65:46:a7:18:50:da:df:b8:b9:95:a0:62:1f:e9:
b6:cf:fd:62:b5:bc:d1:5f:00:02:0a:1f:68:9e:c8:
44:c8:38:1c:25:09:6a:7c:d2:45:a3:d6:61:d1:16:
c9:64:78:c1:ff:19:2e:a9:ba:2d:7e:73:8c:ba:9e:
2f:39:29:53:74:0c:58:aa:fd:f5:c4:69:c9:d5:4b:
5b:7d:b3:77:20:4b:cb:1d:3b:a2:f4:f7:a4:1d:81:
99:c6:2d:dd:19:a3:0c:5d:c7:14:61:a6:60:f1:13:
de:43:30:f9:07:59:2e:7f:e8:e4:1e:d4:34:b1:21:
0d:ef:c2:8a:16:33:41:ad:eb:c6:13:e6:ff:17:28:
0a:ad:0f:4e:00:1e:ee:da:cc:03:95:93:1c:55:e6:
27:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:85:41:B4:E9:14:C4:A6:1D:3C:32:15:2E:69:68:BC:BE:A9:49:2E
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/Y4VBtOkUxKYdPDIVLmlovL6pSS4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.52.0/22
Signature Algorithm: sha256WithRSAEncryption
22:18:5b:0d:36:76:29:f1:a9:3d:64:35:78:9b:90:03:fe:52:
1a:96:f1:a4:07:e9:69:25:fe:a4:ef:31:b8:cc:04:76:2f:0b:
a0:31:ce:8a:23:02:4d:54:f3:5a:de:75:61:73:d5:bb:85:35:
48:9f:fa:ee:c0:e0:2e:cf:88:7c:bf:fe:d3:95:b1:5d:9e:2b:
e9:0d:11:18:f2:04:ff:3a:b7:bf:6a:49:51:bf:fb:ac:f9:d6:
1d:fd:13:37:88:31:2f:82:ce:a4:c5:b7:a2:e8:46:8e:ca:8e:
96:c3:16:e4:67:da:55:0d:a8:72:1c:f6:da:38:ea:a9:73:54:
58:40:f9:4e:2f:f6:b7:a5:fa:ee:8d:a4:95:2c:26:e9:b8:b8:
63:51:df:34:7e:70:9a:66:1b:4e:a0:5a:34:08:cd:9d:4c:c7:
4d:f0:ad:3f:a8:29:86:86:eb:db:f4:af:1b:d4:67:2a:48:12:
f9:4e:14:63:d4:41:35:c7:72:02:42:95:ea:3b:84:7a:01:5f:
46:34:c8:8b:4c:58:6e:a0:31:22:26:98:04:f2:0b:c6:3a:41:
3f:21:4f:f8:2e:b2:83:82:2d:ea:73:17:8a:6a:e8:29:30:f3:
9f:c4:47:a0:c1:ab:ba:de:30:f3:12:30:ec:40:71:3c:47:a6:
1a:7d:c0:0f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICD7kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTAxMTcw
MTI3NTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDYzODU0MUI0RTkxNEM0
QTYxRDNDMzIxNTJFNjk2OEJDQkVBOTQ5MkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCptKmvjixDQ264bmL/fu99a8vkyrmkxNqK28q5ltZT23fDQD6m
uoU1gmVTWB3fY0TFYEzOAkNXUUBX9bkeBB+h3uZ9jmFynLptHqsgZ0ukqgMsUqM4
JZBQv1NKNn6LRUA8I/pADNpiB8dlRqcYUNrfuLmVoGIf6bbP/WK1vNFfAAIKH2ie
yETIOBwlCWp80kWj1mHRFslkeMH/GS6pui1+c4y6ni85KVN0DFiq/fXEacnVS1t9
s3cgS8sdO6L096QdgZnGLd0ZowxdxxRhpmDxE95DMPkHWS5/6OQe1DSxIQ3vwooW
M0Gt68YT5v8XKAqtD04AHu7azAOVkxxV5id5AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUY4VBtOkUxKYdPDIVLmlovL6pSS4wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1k0VkJ0T2tVeEtZZFBE
SVZMbWxvdkw2cFNTNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ7YjQwDQYJKoZIhvcNAQELBQADggEBACIYWw02dinxqT1kNXibkAP+UhqW8aQH
6Wkl/qTvMbjMBHYvC6AxzoojAk1U81redWFz1buFNUif+u7A4C7PiHy//tOVsV2e
K+kNERjyBP86t79qSVG/+6z51h39EzeIMS+CzqTFt6LoRo7KjpbDFuRn2lUNqHIc
9to46qlzVFhA+U4v9rel+u6NpJUsJum4uGNR3zR+cJpmG06gWjQIzZ1Mx03wrT+o
KYaG69v0rxvUZypIEvlOFGPUQTXHcgJCleo7hHoBX0Y0yItMWG6gMSImmATyC8Y6
QT8hT/gusoOCLepzF4pq6Ckw85/ER6DBq7reMPMSMOxAcTxHphp9wA8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:27:16 2025 by rpki-client