Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-8M7rkAWhp2MZSdUS8OqSNX28dU.roa
File: -8M7rkAWhp2MZSdUS8OqSNX28dU.roa (raw, json)
Hash identifier: 2fxGd5EigatW6+sRXur798EJu6M0ZqordkHhdjqStJg=
Subject key identifier: FB:C3:3B:AE:40:16:86:9D:8C:65:27:54:4B:C3:AA:48:D5:F6:F1:D5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34B7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-8M7rkAWhp2MZSdUS8OqSNX28dU.roa
Signing time: Fri 29 Mar 2024 20:52:08 +0000
ROA not before: Fri 29 Mar 2024 20:52:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13495 (0x34b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 20:52:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FBC33BAE4016869D8C6527544BC3AA48D5F6F1D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:be:e4:da:da:07:f0:93:69:e1:49:72:98:51:
fe:46:4c:f2:5b:78:63:49:04:5c:44:75:d1:c4:5c:
2a:6d:f4:fc:4a:8f:31:15:76:85:9a:ea:52:e1:3a:
e2:6d:c7:55:56:c8:19:88:ca:c5:d4:3a:a0:ca:e7:
15:fc:83:7e:47:3b:6e:a0:2b:a9:ad:04:31:52:69:
ce:96:a5:3f:04:22:60:31:52:33:eb:47:d4:2b:25:
1b:c3:bc:79:1b:f9:b4:30:c5:51:bd:66:08:13:94:
52:62:ea:f6:a7:43:d3:d7:25:03:87:36:24:96:88:
36:2f:0d:75:e5:6b:5d:9a:59:0c:34:b3:6c:ee:51:
4b:b8:80:4d:85:7c:ef:90:fc:42:b9:86:62:14:2f:
06:13:a9:c3:b0:2a:75:70:63:cc:1e:7c:9b:23:69:
3e:e7:98:8d:f6:fa:15:ea:48:db:96:3e:b0:f1:9e:
26:51:62:cd:76:10:d9:d7:06:9c:2c:3a:52:16:75:
29:18:0d:18:05:1b:97:ca:78:56:c3:a7:d3:b4:fa:
f3:72:7f:31:05:58:b6:91:86:da:6b:80:df:c3:c2:
6a:41:6b:4f:17:31:33:49:eb:25:c9:11:d9:cd:67:
a0:fa:47:2d:95:26:ca:6e:1e:66:43:47:b1:38:19:
c6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C3:3B:AE:40:16:86:9D:8C:65:27:54:4B:C3:AA:48:D5:F6:F1:D5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-8M7rkAWhp2MZSdUS8OqSNX28dU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8a:0f:2d:29:67:1b:87:fe:43:e7:75:70:55:6d:a2:49:6c:5d:
1a:2c:ef:ef:87:8a:ca:46:c4:3c:73:01:c3:b1:4b:95:ae:ec:
43:bd:0f:2f:3f:df:df:ea:a3:08:1c:5d:4b:f8:d8:96:2b:5c:
64:d2:5d:77:0c:73:40:1f:6c:34:ab:57:d8:b4:12:b5:32:7a:
a3:00:d9:bc:9e:c5:12:00:ac:73:1b:e0:8c:5e:6a:9f:58:74:
cf:33:cc:67:2f:3c:e1:29:3a:a6:ed:e6:98:75:c2:1a:9c:4d:
56:6b:73:73:3c:f0:86:69:08:66:a9:6f:1f:eb:fa:92:8a:32:
89:98:96:26:6f:a4:e0:ef:56:ac:35:95:bb:63:2e:19:28:ca:
79:e5:6c:dd:3b:dc:c5:98:4f:a5:87:7e:a9:7c:a9:33:a7:b3:
4a:1b:54:c8:0c:41:76:45:b5:0d:f4:05:e6:25:1e:bd:46:9f:
96:3a:0d:4b:9c:bd:fe:d1:1e:29:bc:60:b9:77:38:5c:e1:5d:
19:e2:64:5d:46:65:dc:b3:fd:bc:20:ee:e6:10:a0:e3:2f:ae:
6b:39:60:39:48:fc:5f:3e:92:2a:9d:4c:c0:e5:8d:77:9a:e1:
65:5c:5d:a0:db:03:eb:89:6d:95:2a:67:01:f7:55:84:f8:6d:
52:3d:b1:4c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNLcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjky
MDUyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZCQzMzQkFFNDAxNjg2
OUQ4QzY1Mjc1NDRCQzNBQTQ4RDVGNkYxRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdvuTa2gfwk2nhSXKYUf5GTPJbeGNJBFxEddHEXCpt9PxKjzEV
doWa6lLhOuJtx1VWyBmIysXUOqDK5xX8g35HO26gK6mtBDFSac6WpT8EImAxUjPr
R9QrJRvDvHkb+bQwxVG9ZggTlFJi6vanQ9PXJQOHNiSWiDYvDXXla12aWQw0s2zu
UUu4gE2FfO+Q/EK5hmIULwYTqcOwKnVwY8wefJsjaT7nmI32+hXqSNuWPrDxniZR
Ys12ENnXBpwsOlIWdSkYDRgFG5fKeFbDp9O0+vNyfzEFWLaRhtprgN/DwmpBa08X
MTNJ6yXJEdnNZ6D6Ry2VJspuHmZDR7E4GcYNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU+8M7rkAWhp2MZSdUS8OqSNX28dUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly04TTdya0FXaHAyTVpT
ZFVTOE9xU05YMjhkVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIoPLSlnG4f+Q+d1cFVtoklsXRos7++H
ispGxDxzAcOxS5Wu7EO9Dy8/39/qowgcXUv42JYrXGTSXXcMc0AfbDSrV9i0ErUy
eqMA2byexRIArHMb4Ixeap9YdM8zzGcvPOEpOqbt5ph1whqcTVZrc3M88IZpCGap
bx/r+pKKMomYliZvpODvVqw1lbtjLhkoynnlbN073MWYT6WHfql8qTOns0obVMgM
QXZFtQ30BeYlHr1Gn5Y6DUucvf7RHim8YLl3OFzhXRniZF1GZdyz/bwg7uYQoOMv
rms5YDlI/F8+kiqdTMDljXea4WVcXaDbA+uJbZUqZwH3VYT4bVI9sUw=
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:02:44 2025 by rpki-client