Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/cgFgGuVAGU050RorXHk8wL_a5Gc.roa
File: cgFgGuVAGU050RorXHk8wL_a5Gc.roa (raw, json)
Hash identifier: oZht95N9G6h8JOgwC3aTIfeMZ26xZQmsVLJ6LN8wido=
Subject key identifier: 72:01:60:1A:E5:40:19:4D:39:D1:1A:2B:5C:79:3C:C0:BF:DA:E4:67
Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Certificate serial: 0C57
Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/cgFgGuVAGU050RorXHk8wL_a5Gc.roa
Signing time: Wed 28 Aug 2024 08:53:58 +0000
ROA not before: Wed 28 Aug 2024 08:53:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 62387
IP address blocks: 123.98.24.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3159 (0xc57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA
Validity
Not Before: Aug 28 08:53:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7201601AE540194D39D11A2B5C793CC0BFDAE467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:71:51:5e:04:ba:85:0f:22:37:0a:ac:b8:1d:
39:d3:1d:16:18:e8:f1:b2:85:d5:65:c6:17:e4:06:
d2:6d:f4:db:0b:ef:74:c0:98:fc:4c:47:e3:13:02:
b7:1b:dd:93:2a:26:47:41:e9:fe:98:f7:1e:68:7e:
eb:83:94:cf:52:d1:19:d6:06:82:1a:93:cf:74:44:
f8:29:15:b4:70:33:72:c7:2a:e6:25:a4:55:d6:bf:
92:c9:34:3b:89:2d:b7:5b:45:f5:55:a3:52:ad:20:
d0:47:a7:68:bb:ab:36:bd:66:09:2a:19:07:f3:0b:
6a:f8:d8:4f:43:8d:37:9d:38:12:fc:65:79:ee:1c:
c6:c6:e2:29:85:14:f0:cc:d7:d7:5f:67:4d:5b:c5:
d6:08:7b:28:15:7c:08:6b:3b:71:85:89:3b:90:1d:
28:86:3d:d4:cf:27:99:ef:d3:25:cd:4f:74:b4:81:
e8:e9:94:cf:96:b7:0e:6f:91:c1:7e:5b:9b:8b:36:
7a:24:97:cf:f1:89:2c:24:95:f8:e0:fd:b2:23:bc:
f9:a3:13:3c:7e:6c:08:60:9b:b1:c1:e4:51:ba:6a:
42:8d:d0:3e:c9:80:48:63:b2:fd:7f:76:ae:3d:dd:
e9:f3:66:7e:26:99:3a:99:00:db:26:ca:4f:dc:92:
62:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:01:60:1A:E5:40:19:4D:39:D1:1A:2B:5C:79:3C:C0:BF:DA:E4:67
X509v3 Authority Key Identifier:
keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/cgFgGuVAGU050RorXHk8wL_a5Gc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.98.24.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:57:a1:72:c5:cc:90:12:ab:9a:39:c4:6b:61:66:ab:a9:e6:
57:4f:02:d8:e8:44:bc:bc:d4:65:fe:14:b9:d7:e3:ab:f5:1a:
21:05:6e:b7:f7:0b:6c:aa:96:c0:b7:de:5c:18:dd:7f:a5:7f:
75:67:24:a8:59:cd:31:92:7e:96:1f:86:94:13:58:3d:0c:13:
a8:7d:14:31:7c:6c:41:87:0c:c6:db:1a:2d:e0:c6:30:4d:10:
81:8e:1f:76:41:f2:79:65:b0:ea:b8:4b:18:b1:2a:7a:75:21:
cb:55:34:12:ce:71:4b:67:84:35:1d:54:a3:8d:05:32:d3:53:
ae:ac:03:e8:48:51:0e:e2:b2:f7:ce:cc:b7:85:45:d7:16:d4:
7a:b6:3d:98:dd:b0:4f:da:79:9a:f9:8a:55:5d:0b:83:56:53:
0d:64:dd:c8:9a:2c:8c:89:75:da:11:75:b3:f6:30:68:1e:80:
1d:77:19:64:24:0a:59:a1:d7:39:03:be:81:0e:9d:45:96:80:
1e:b9:93:2b:dd:9d:0d:57:c3:70:7f:e7:ca:56:c7:9b:95:b3:
45:5c:f5:3a:d9:5c:79:06:9c:10:f2:a4:3e:4b:f8:ef:93:62:
c8:81:49:d4:93:cd:37:8c:51:b5:2a:c1:cb:50:1e:90:29:3d:
2e:7e:09:79
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICDFcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1
QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNDA4Mjgw
ODUzNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcyMDE2MDFBRTU0MDE5
NEQzOUQxMUEyQjVDNzkzQ0MwQkZEQUU0NjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWcVFeBLqFDyI3Cqy4HTnTHRYY6PGyhdVlxhfkBtJt9NsL73TA
mPxMR+MTArcb3ZMqJkdB6f6Y9x5ofuuDlM9S0RnWBoIak890RPgpFbRwM3LHKuYl
pFXWv5LJNDuJLbdbRfVVo1KtINBHp2i7qza9ZgkqGQfzC2r42E9DjTedOBL8ZXnu
HMbG4imFFPDM19dfZ01bxdYIeygVfAhrO3GFiTuQHSiGPdTPJ5nv0yXNT3S0gejp
lM+Wtw5vkcF+W5uLNnokl8/xiSwklfjg/bIjvPmjEzx+bAhgm7HB5FG6akKN0D7J
gEhjsv1/dq493enzZn4mmTqZANsmyk/ckmJzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUcgFgGuVAGU050RorXHk8wL/a5GcwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l
qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz
L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2NnRmdHdVZBR1UwNTBS
b3JYSGs4d0xfYTVHYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJ7YhgwDQYJKoZIhvcNAQELBQADggEBAD9XoXLFzJASq5o5xGthZqup5ldPAtjo
RLy81GX+FLnX46v1GiEFbrf3C2yqlsC33lwY3X+lf3VnJKhZzTGSfpYfhpQTWD0M
E6h9FDF8bEGHDMbbGi3gxjBNEIGOH3ZB8nllsOq4SxixKnp1IctVNBLOcUtnhDUd
VKONBTLTU66sA+hIUQ7isvfOzLeFRdcW1Hq2PZjdsE/aeZr5ilVdC4NWUw1k3cia
LIyJddoRdbP2MGgegB13GWQkClmh1zkDvoEOnUWWgB65kyvdnQ1Xw3B/58pWx5uV
s0Vc9TrZXHkGnBDypD5L+O+TYsiBSdSTzTeMUbUqwctQHpApPS5+CXk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:27 2025 by rpki-client