Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0CMgynkTR7No6eV0Fss_nxQLqak.roa
File: 0CMgynkTR7No6eV0Fss_nxQLqak.roa (raw, json)
Hash identifier: BHBkI5Lp8NuWUWOunbByZjTeDUbFADxbiKQcy4w3wBs=
Subject key identifier: D0:23:20:CA:79:13:47:B3:68:E9:E5:74:16:CB:3F:9F:14:0B:A9:A9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4A37
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0CMgynkTR7No6eV0Fss_nxQLqak.roa
Signing time: Sat 27 Apr 2024 12:53:41 +0000
ROA not before: Sat 27 Apr 2024 12:53:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18999 (0x4a37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 27 12:53:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D02320CA791347B368E9E57416CB3F9F140BA9A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:55:96:85:d6:e0:07:8f:43:90:17:d8:b1:5f:
fb:10:b0:b0:c5:e1:4b:41:07:04:db:fc:5d:60:55:
07:ea:37:ea:e7:49:96:3d:0f:48:80:15:21:c0:e4:
40:c0:d8:74:44:2e:d4:45:2a:3d:08:a5:b4:24:7b:
1a:da:d3:da:02:82:74:5c:59:86:4c:47:4f:73:5e:
b9:fa:7b:2b:a1:56:20:69:de:40:f7:e9:ab:32:ec:
b2:1e:12:c5:d9:af:cd:cb:8d:d6:1a:a7:0c:82:ba:
97:ad:cb:40:43:2f:25:db:a5:9f:83:46:93:91:ff:
37:af:e9:6c:0f:b3:80:da:71:bc:ef:04:4c:b6:43:
28:a0:57:1c:2d:5a:78:15:2b:70:34:ca:64:62:d3:
e4:e2:e7:7a:0c:b3:35:2c:4f:d7:3c:6a:e5:a4:67:
bc:7c:4f:eb:e0:9b:a5:79:16:94:85:f3:22:d0:c3:
8a:59:f8:9c:15:a0:cc:d9:3d:ef:c5:4d:35:2c:3e:
06:13:fd:c8:9e:81:b4:2a:77:43:1b:61:86:b5:01:
0f:37:02:7d:66:b3:73:32:00:c2:3e:2e:7d:3a:52:
15:48:e3:d3:b5:d9:71:aa:74:70:13:da:9f:f7:b3:
1a:07:64:b3:49:fe:a5:5b:a0:82:1c:7b:2b:b1:3b:
32:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:23:20:CA:79:13:47:B3:68:E9:E5:74:16:CB:3F:9F:14:0B:A9:A9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0CMgynkTR7No6eV0Fss_nxQLqak.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ad:d2:69:8f:77:a4:24:98:f5:b7:88:d6:03:c4:e1:18:8b:c8:
71:1d:8c:5b:e6:91:60:6f:c6:f0:16:78:2d:00:e3:66:e2:31:
b4:6f:49:75:bf:dd:fd:45:ff:b5:dd:d8:97:0c:b0:34:e9:b6:
ea:90:c8:b8:fc:e5:fb:a2:1d:37:0f:76:73:e6:85:a0:04:90:
d9:62:a8:ef:c7:c9:6f:a3:1a:60:e2:e2:53:84:be:18:5b:09:
4c:cc:6d:e9:48:f2:b6:0d:2c:22:fd:28:48:99:6d:e3:6a:d0:
4b:4f:9f:f7:56:c0:f5:3b:56:66:a5:84:49:7f:9c:d2:9a:41:
3b:c9:de:dc:e0:98:7b:e3:35:bd:7f:90:59:aa:49:42:95:f8:
d7:28:18:38:b0:bd:cd:94:e1:6b:d1:a6:05:c9:01:c4:04:da:
8b:50:47:56:10:8d:90:be:7b:4f:b7:ee:62:cd:a5:b8:1b:19:
ee:0f:4e:e3:22:91:aa:99:3d:1e:84:ee:25:ff:de:6e:d3:5d:
c7:2c:97:de:0f:fb:40:0e:91:b1:e8:e7:41:88:cb:e0:26:4e:
bd:fd:71:c1:e9:03:07:21:fb:8a:3f:74:08:13:8f:c5:f6:63:
48:6d:52:c9:c3:c0:8e:65:f6:ef:5c:7f:03:83:de:69:60:b0:
3e:d0:c7:db
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSjcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjcx
MjUzNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQwMjMyMENBNzkxMzQ3
QjM2OEU5RTU3NDE2Q0IzRjlGMTQwQkE5QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnVZaF1uAHj0OQF9ixX/sQsLDF4UtBBwTb/F1gVQfqN+rnSZY9
D0iAFSHA5EDA2HRELtRFKj0IpbQkexra09oCgnRcWYZMR09zXrn6eyuhViBp3kD3
6asy7LIeEsXZr83LjdYapwyCupety0BDLyXbpZ+DRpOR/zev6WwPs4DacbzvBEy2
QyigVxwtWngVK3A0ymRi0+Ti53oMszUsT9c8auWkZ7x8T+vgm6V5FpSF8yLQw4pZ
+JwVoMzZPe/FTTUsPgYT/ciegbQqd0MbYYa1AQ83An1ms3MyAMI+Ln06UhVI49O1
2XGqdHAT2p/3sxoHZLNJ/qVboIIceyuxOzJxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU0CMgynkTR7No6eV0Fss/nxQLqakwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBDTWd5bmtUUjdObzZl
VjBGc3NfbnhRTHFhay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAK3SaY93pCSY9beI1gPE4RiLyHEdjFvm
kWBvxvAWeC0A42biMbRvSXW/3f1F/7Xd2JcMsDTptuqQyLj85fuiHTcPdnPmhaAE
kNliqO/HyW+jGmDi4lOEvhhbCUzMbelI8rYNLCL9KEiZbeNq0EtPn/dWwPU7Vmal
hEl/nNKaQTvJ3tzgmHvjNb1/kFmqSUKV+NcoGDiwvc2U4WvRpgXJAcQE2otQR1YQ
jZC+e0+37mLNpbgbGe4PTuMikaqZPR6E7iX/3m7TXccsl94P+0AOkbHo50GIy+Am
Tr39ccHpAwch+4o/dAgTj8X2Y0htUsnDwI5l9u9cfwOD3mlgsD7Qx9s=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:23:18 2025 by rpki-client