Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-JiDC3geavQneH_umQSQ81ho1bA.roa
File: -JiDC3geavQneH_umQSQ81ho1bA.roa (raw, json)
Hash identifier: JMaxS2HUV9ZRlK/QLhpjlehnnr5EbbVYfhQ3L+1LaF4=
Subject key identifier: F8:98:83:0B:78:1E:6A:F4:27:78:7F:EE:99:04:90:F3:58:68:D5:B0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3883
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-JiDC3geavQneH_umQSQ81ho1bA.roa
Signing time: Wed 03 Apr 2024 22:22:21 +0000
ROA not before: Wed 03 Apr 2024 22:22:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14467 (0x3883)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 22:22:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F898830B781E6AF427787FEE990490F35868D5B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:90:57:b6:f3:b4:a5:07:0f:94:9f:db:7f:e1:
53:b1:16:a8:d9:81:10:0a:f7:f6:9d:7f:7e:64:54:
63:8f:b5:3f:5d:10:8c:bb:02:d4:a5:7a:82:13:95:
a7:e6:1b:6e:f8:7a:cd:69:b9:40:6e:4b:b7:d1:6a:
68:61:65:6c:f3:3e:c3:61:3b:63:1a:39:c7:e8:44:
82:8a:70:7d:35:f7:f6:9c:b3:d9:05:6b:24:09:56:
5c:cd:4f:28:5b:fc:fa:6f:af:aa:25:a7:98:47:37:
e4:81:83:da:83:71:d1:ae:eb:5f:71:e9:24:27:2f:
a4:c5:ff:55:d5:fb:a5:67:3e:46:6f:cb:7b:89:5c:
a6:49:af:aa:4c:b3:f4:52:48:f5:32:35:40:c1:4d:
13:db:83:d1:5e:c3:94:f8:eb:3a:6d:59:6f:79:08:
1c:2e:09:e2:79:95:76:3d:bc:15:16:1d:c1:c9:19:
f8:ee:69:cc:f1:98:8c:bc:9e:65:cc:51:0c:13:73:
2f:40:41:6e:46:7a:eb:e2:5d:35:af:dd:fb:ba:96:
5e:17:ef:62:3d:2a:54:5b:5c:de:60:ea:89:78:d2:
e6:c6:88:b1:0c:f9:78:0f:55:b6:1b:11:3f:60:81:
64:cd:5a:6a:06:36:fd:87:fd:7d:e0:23:cd:94:1a:
1f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:98:83:0B:78:1E:6A:F4:27:78:7F:EE:99:04:90:F3:58:68:D5:B0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-JiDC3geavQneH_umQSQ81ho1bA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ae:b2:36:ef:3f:6a:1b:9d:b7:4c:bd:20:cb:5b:ca:69:0d:7c:
ed:af:05:37:5c:e5:a0:ac:44:15:01:d2:33:70:ff:de:d0:dc:
75:01:34:e3:86:8e:9c:30:19:b4:77:93:3f:cd:10:32:bc:04:
c3:79:44:a7:f4:b2:81:81:56:76:22:8c:93:5b:2d:c2:78:d3:
64:b9:a9:8e:38:3f:a8:cb:18:8e:14:11:fd:ae:26:3c:57:49:
1e:15:f7:1d:b9:dc:5a:b0:19:2f:4c:4b:d6:a1:11:05:d9:ea:
47:41:d3:e4:fa:42:95:5e:61:2b:3b:13:82:3f:55:e4:fa:38:
9c:b6:13:d1:18:f1:18:2c:b3:97:e8:40:60:f7:82:b4:a0:00:
17:aa:a3:4b:bc:2f:79:c0:db:d0:70:34:82:b1:74:5f:bd:56:
5e:ba:c3:06:03:8c:5e:db:92:42:ef:97:0e:d8:d7:04:11:c5:
73:9f:5c:88:6c:3b:86:a7:8b:97:c1:be:c2:d3:47:22:36:1c:
3c:e1:94:c6:3e:22:01:28:94:6c:a5:e2:1e:22:85:de:fa:b9:
c4:a9:90:26:94:0d:60:42:8b:ef:9b:44:dc:9a:82:a9:c6:31:
43:ee:74:c7:84:89:bb:32:15:1c:8e:9c:0f:d6:6d:51:31:61:
80:ce:7e:4e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOIMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMy
MjIyMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY4OTg4MzBCNzgxRTZB
RjQyNzc4N0ZFRTk5MDQ5MEYzNTg2OEQ1QjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9kFe287SlBw+Un9t/4VOxFqjZgRAK9/adf35kVGOPtT9dEIy7
AtSleoITlafmG274es1puUBuS7fRamhhZWzzPsNhO2MaOcfoRIKKcH019/acs9kF
ayQJVlzNTyhb/Ppvr6olp5hHN+SBg9qDcdGu619x6SQnL6TF/1XV+6VnPkZvy3uJ
XKZJr6pMs/RSSPUyNUDBTRPbg9Few5T46zptWW95CBwuCeJ5lXY9vBUWHcHJGfju
aczxmIy8nmXMUQwTcy9AQW5GeuviXTWv3fu6ll4X72I9KlRbXN5g6ol40ubGiLEM
+XgPVbYbET9ggWTNWmoGNv2H/X3gI82UGh9VAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU+JiDC3geavQneH/umQSQ81ho1bAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly1KaURDM2dlYXZRbmVI
X3VtUVNRODFobzFiQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAK6yNu8/ahudt0y9IMtbymkNfO2vBTdc
5aCsRBUB0jNw/97Q3HUBNOOGjpwwGbR3kz/NEDK8BMN5RKf0soGBVnYijJNbLcJ4
02S5qY44P6jLGI4UEf2uJjxXSR4V9x253FqwGS9MS9ahEQXZ6kdB0+T6QpVeYSs7
E4I/VeT6OJy2E9EY8Rgss5foQGD3grSgABeqo0u8L3nA29BwNIKxdF+9Vl66wwYD
jF7bkkLvlw7Y1wQRxXOfXIhsO4ani5fBvsLTRyI2HDzhlMY+IgEolGyl4h4ihd76
ucSpkCaUDWBCi++bRNyagqnGMUPudMeEibsyFRyOnA/WbVExYYDOfk4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:39:56 2025 by rpki-client