Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/ac-8YY1tO-qMwLEPRIwFG1LD8ik.roa
File: ac-8YY1tO-qMwLEPRIwFG1LD8ik.roa (raw, json)
Hash identifier: xeVbeaqzTUqfAKqTqGpvbYa0YoRGB7O/d8MGDcdrR6s=
Subject key identifier: 69:CF:BC:61:8D:6D:3B:EA:8C:C0:B1:0F:44:8C:05:1B:52:C3:F2:29
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0C48
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/ac-8YY1tO-qMwLEPRIwFG1LD8ik.roa
Signing time: Wed 28 Aug 2024 08:53:52 +0000
ROA not before: Wed 28 Aug 2024 08:53:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 62387
IP address blocks: 123.98.52.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3144 (0xc48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Aug 28 08:53:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=69CFBC618D6D3BEA8CC0B10F448C051B52C3F229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:63:b3:bd:54:94:94:52:c2:38:d9:19:aa:65:
72:a8:5f:af:27:ff:dc:c9:e4:0b:7b:6a:1e:dd:15:
ca:3f:31:7f:49:b0:88:63:b6:81:f1:bd:fb:01:95:
ef:39:1c:4f:d0:53:10:77:d5:86:91:5f:29:63:3a:
dd:3c:d4:09:25:ad:0f:f1:1f:43:23:5d:eb:60:42:
c2:c2:c0:2e:1c:18:92:1a:df:3a:5f:eb:17:59:37:
33:72:4d:fd:8f:1f:e4:a1:7c:d7:a6:54:bb:3b:a0:
06:b8:40:56:bd:ea:c5:24:21:91:5c:3d:12:2e:13:
89:e0:19:3f:c5:2e:34:b2:88:c5:f9:68:b1:13:7a:
35:5d:5d:b6:17:0f:5b:e2:ee:1e:f7:77:73:73:da:
8f:d6:f0:69:86:53:b2:b6:b7:2d:12:55:e2:16:61:
0a:d7:26:73:3f:e0:4e:2e:0b:d5:76:3d:7b:3c:23:
c1:d5:91:69:c5:6f:c3:1d:27:86:2d:80:b4:3b:be:
60:fa:4c:49:6e:a9:ac:35:b7:f5:e1:27:d5:65:65:
0e:3e:83:bc:84:fe:e8:c6:1e:fe:31:6d:7c:a3:f0:
7c:53:ad:54:1e:23:10:9a:9a:38:97:b5:7c:f8:ad:
2b:8e:25:43:81:d7:ba:fe:1d:b4:ae:5a:6a:01:b7:
d2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CF:BC:61:8D:6D:3B:EA:8C:C0:B1:0F:44:8C:05:1B:52:C3:F2:29
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/ac-8YY1tO-qMwLEPRIwFG1LD8ik.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.52.0/22
Signature Algorithm: sha256WithRSAEncryption
64:9d:7a:7e:a0:8b:a2:25:54:4f:4a:85:8e:b3:88:c7:5e:68:
f7:da:b7:27:7e:fe:6e:3f:59:e3:dd:e7:00:16:92:09:b3:f3:
37:22:59:1b:48:e2:ad:ee:0c:2f:8f:5f:a6:a4:a4:42:8a:54:
f2:c6:5f:c4:21:c3:9b:8f:1f:77:05:90:9c:30:41:04:74:47:
f0:bc:cd:05:6b:dc:08:8b:72:e6:59:b3:36:bb:19:af:3a:5d:
1b:74:63:7c:77:98:9b:3e:26:8b:ab:41:84:a1:21:29:4e:33:
1b:f7:54:d1:49:7a:af:32:4f:c4:b1:fe:2c:c5:68:4e:3a:4f:
6c:9a:54:3d:35:be:cd:72:83:86:c4:01:64:2a:1b:0a:03:7a:
92:df:b9:77:60:5a:f7:a8:33:8c:f2:5b:60:68:a6:37:66:14:
71:ff:61:49:cd:b7:27:af:33:96:8b:16:ba:25:d3:7d:94:51:
32:f2:79:18:2c:8e:cd:33:4f:08:ae:e7:29:92:7b:50:6a:40:
4f:a4:72:54:89:59:be:91:69:1a:54:f4:dc:98:ce:74:7c:b2:
8a:dd:8e:f5:ad:7f:61:0d:dd:a0:60:77:9a:dd:78:5f:0e:e2:
86:7a:4f:0e:b9:8f:73:ed:e0:75:c5:b5:0d:5a:8e:be:df:35:
91:a1:0e:a4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDEgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw
ODUzNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY5Q0ZCQzYxOEQ2RDNC
RUE4Q0MwQjEwRjQ0OEMwNTFCNTJDM0YyMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSY7O9VJSUUsI42RmqZXKoX68n/9zJ5At7ah7dFco/MX9JsIhj
toHxvfsBle85HE/QUxB31YaRXyljOt081AklrQ/xH0MjXetgQsLCwC4cGJIa3zpf
6xdZNzNyTf2PH+ShfNemVLs7oAa4QFa96sUkIZFcPRIuE4ngGT/FLjSyiMX5aLET
ejVdXbYXD1vi7h73d3Nz2o/W8GmGU7K2ty0SVeIWYQrXJnM/4E4uC9V2PXs8I8HV
kWnFb8MdJ4YtgLQ7vmD6TEluqaw1t/XhJ9VlZQ4+g7yE/ujGHv4xbXyj8HxTrVQe
IxCamjiXtXz4rSuOJUOB17r+HbSuWmoBt9J9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUac+8YY1tO+qMwLEPRIwFG1LD8ikwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2FjLThZWTF0Ty1xTXdM
RVBSSXdGRzFMRDhpay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ7YjQwDQYJKoZIhvcNAQELBQADggEBAGSden6gi6IlVE9KhY6ziMdeaPfatyd+
/m4/WePd5wAWkgmz8zciWRtI4q3uDC+PX6akpEKKVPLGX8Qhw5uPH3cFkJwwQQR0
R/C8zQVr3AiLcuZZsza7Ga86XRt0Y3x3mJs+JourQYShISlOMxv3VNFJeq8yT8Sx
/izFaE46T2yaVD01vs1yg4bEAWQqGwoDepLfuXdgWveoM4zyW2BopjdmFHH/YUnN
tyevM5aLFrol032UUTLyeRgsjs0zTwiu5ymSe1BqQE+kclSJWb6RaRpU9NyYznR8
sordjvWtf2EN3aBgd5rdeF8O4oZ6Tw65j3Pt4HXFtQ1ajr7fNZGhDqQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:38 2025 by rpki-client