Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-Cmtb38tFc4kilOLYNdJcTIAltU.roa
File: -Cmtb38tFc4kilOLYNdJcTIAltU.roa (raw, json)
Hash identifier: DnUpu6ptkPeNwDmWzFg1eoLTZRBbLlOlTKjGawEArQE=
Subject key identifier: F8:29:AD:6F:7F:2D:15:CE:24:8A:53:8B:60:D7:49:71:32:00:96:D5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 55D7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-Cmtb38tFc4kilOLYNdJcTIAltU.roa
Signing time: Mon 13 May 2024 00:54:12 +0000
ROA not before: Mon 13 May 2024 00:54:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21975 (0x55d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 00:54:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F829AD6F7F2D15CE248A538B60D74971320096D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:a6:0f:d1:60:28:bd:20:18:2f:8c:68:6a:68:
1e:e5:27:fc:2e:b2:39:fd:1a:ef:52:5e:16:39:ce:
7a:bf:ab:76:1d:b1:50:fe:9a:3e:b6:ef:ff:f4:65:
05:ee:de:15:b9:b3:a7:5f:a4:1e:48:c5:8b:8d:2d:
f4:b6:6e:ec:d4:b1:5a:b4:e3:e1:26:1c:38:fe:15:
69:91:37:83:ac:63:19:96:2c:4a:8f:26:b1:8f:87:
b9:22:74:63:d0:70:1f:85:59:ed:18:dd:18:0c:ba:
52:a7:6e:b1:ab:56:c5:77:6b:c2:7c:28:de:14:bd:
12:db:be:ef:44:1c:28:b4:2c:e9:0c:c5:d9:3f:1d:
fe:d7:f4:a0:89:f9:40:e6:47:75:09:cd:f4:5d:d1:
69:60:39:8f:de:53:b4:df:d4:66:ac:12:88:2f:96:
ad:22:85:bf:46:08:2b:00:c5:5e:9d:7d:24:7c:ff:
83:27:1e:96:e5:24:2f:b9:b5:a7:b8:7e:51:3c:78:
0b:17:08:ba:a2:b5:23:89:5b:b5:fc:00:dd:ec:a7:
41:60:4c:1a:d3:b3:3b:cc:77:96:cd:d3:35:4a:0a:
e9:a0:64:2f:d5:44:76:9c:f9:8f:e7:56:4c:08:fd:
59:97:d2:22:05:90:f0:9c:da:be:73:15:2a:71:07:
83:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:29:AD:6F:7F:2D:15:CE:24:8A:53:8B:60:D7:49:71:32:00:96:D5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-Cmtb38tFc4kilOLYNdJcTIAltU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
53:a6:17:31:49:7d:73:41:c0:7c:0e:ca:51:87:a6:b7:32:fb:
45:74:73:d3:88:f3:9e:c1:f5:bd:a4:6c:d3:06:0a:66:be:55:
ef:68:7a:6d:04:ef:92:16:de:90:50:81:a9:6f:fd:9c:6b:80:
98:65:d0:44:d1:cd:f1:83:d1:33:a2:dd:cb:e2:05:bd:2f:64:
26:5a:06:36:97:f3:02:38:45:a2:08:d2:94:f9:b2:6e:7f:cc:
34:ec:cf:82:61:e2:4e:71:b5:79:3d:35:44:93:bf:a7:02:e4:
15:f7:7b:56:fd:5c:95:d6:0a:89:ab:0a:d5:e4:53:fe:9e:de:
15:a5:6b:23:91:85:0c:9e:11:ee:5a:4f:94:95:f2:31:ac:4e:
31:fe:99:f8:2d:1a:93:0d:40:a7:9c:28:86:1c:71:1e:20:6c:
44:79:0f:60:a5:48:88:93:fd:aa:43:54:43:f0:76:3c:e9:35:
29:2a:ed:7d:54:d2:7c:b9:64:3f:4b:a4:fb:8c:cb:f7:17:e1:
11:9a:d9:6b:8c:da:91:31:46:9b:66:04:83:3d:53:67:d8:9a:
2f:8c:32:da:16:25:d1:5d:8f:eb:10:db:c8:55:2f:fc:fb:9a:
0a:45:67:97:a1:a1:6c:63:ec:bc:68:ba:65:33:3c:f0:e5:e2:
67:b7:38:b2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVdcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMw
MDU0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY4MjlBRDZGN0YyRDE1
Q0UyNDhBNTM4QjYwRDc0OTcxMzIwMDk2RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDspg/RYCi9IBgvjGhqaB7lJ/wusjn9Gu9SXhY5znq/q3YdsVD+
mj627//0ZQXu3hW5s6dfpB5IxYuNLfS2buzUsVq04+EmHDj+FWmRN4OsYxmWLEqP
JrGPh7kidGPQcB+FWe0Y3RgMulKnbrGrVsV3a8J8KN4UvRLbvu9EHCi0LOkMxdk/
Hf7X9KCJ+UDmR3UJzfRd0WlgOY/eU7Tf1GasEogvlq0ihb9GCCsAxV6dfSR8/4Mn
HpblJC+5tae4flE8eAsXCLqitSOJW7X8AN3sp0FgTBrTszvMd5bN0zVKCumgZC/V
RHac+Y/nVkwI/VmX0iIFkPCc2r5zFSpxB4ODAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU+Cmtb38tFc4kilOLYNdJcTIAltUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly1DbXRiMzh0RmM0a2ls
T0xZTmRKY1RJQWx0VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFOmFzFJfXNBwHwOylGHprcy+0V0c9OI
857B9b2kbNMGCma+Ve9oem0E75IW3pBQgalv/ZxrgJhl0ETRzfGD0TOi3cviBb0v
ZCZaBjaX8wI4RaII0pT5sm5/zDTsz4Jh4k5xtXk9NUSTv6cC5BX3e1b9XJXWComr
CtXkU/6e3hWlayORhQyeEe5aT5SV8jGsTjH+mfgtGpMNQKecKIYccR4gbER5D2Cl
SIiT/apDVEPwdjzpNSkq7X1U0ny5ZD9LpPuMy/cX4RGa2WuM2pExRptmBIM9U2fY
mi+MMtoWJdFdj+sQ28hVL/z7mgpFZ5ehoWxj7LxoumUzPPDl4me3OLI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:18 2025 by rpki-client