Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0gLMzN7Kgz1cuUHE-tsHCAkUIEE.roa
File: 0gLMzN7Kgz1cuUHE-tsHCAkUIEE.roa (raw, json)
Hash identifier: fUhS/BV9C6sle2A077JKXQ3KUsVthvS8I8WOU2aJ14U=
Subject key identifier: D2:02:CC:CC:DE:CA:83:3D:5C:B9:41:C4:FA:DB:07:08:09:14:20:41
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C87
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0gLMzN7Kgz1cuUHE-tsHCAkUIEE.roa
Signing time: Tue 09 Apr 2024 06:52:36 +0000
ROA not before: Tue 09 Apr 2024 06:52:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15495 (0x3c87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 06:52:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D202CCCCDECA833D5CB941C4FADB070809142041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:05:fb:9a:5a:93:dc:3e:2e:76:66:3d:fd:c1:
53:eb:21:a4:3f:90:d0:9e:e3:b2:60:00:c2:8f:b4:
a4:79:2b:b4:7f:2b:a9:3d:e5:91:25:80:7a:55:bd:
de:ac:75:c9:09:8e:3d:3c:e7:a1:b6:41:3a:91:c6:
a7:e8:49:93:48:3e:4f:db:93:57:32:97:38:c7:c2:
38:9c:6f:76:40:63:c9:03:f3:1d:f1:89:a2:bf:31:
f7:54:a6:c8:9d:16:3c:80:64:1c:fa:e7:04:08:47:
1a:b8:31:57:fa:1a:e8:57:5c:84:ee:23:ff:75:27:
09:7f:ee:ca:67:4c:4e:33:58:1c:53:df:3b:22:0f:
e5:84:65:fb:28:a9:9b:3e:c5:eb:23:44:dd:c4:83:
94:22:66:0d:6a:3f:3c:63:56:76:3c:da:7a:c0:68:
09:e4:8d:e7:a5:9d:bc:9b:1e:8e:ef:9d:d0:6c:45:
c4:4e:b0:2a:fc:a2:45:95:7e:08:51:c9:0c:e4:b6:
a9:6c:2c:2c:2b:68:8d:fa:02:5d:11:59:a3:6b:87:
65:b4:9a:b8:9b:3e:6f:b1:f3:4f:d1:b3:52:c8:e6:
37:a9:b2:d9:be:9a:f0:ab:59:0b:28:1a:95:5b:d2:
70:6b:15:13:76:59:d2:5a:8e:60:02:d5:32:75:bd:
eb:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:02:CC:CC:DE:CA:83:3D:5C:B9:41:C4:FA:DB:07:08:09:14:20:41
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0gLMzN7Kgz1cuUHE-tsHCAkUIEE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
10:6f:c4:fc:56:58:80:2f:2a:bc:9b:7b:e6:b3:3a:1b:60:c8:
d9:54:d7:6f:e8:ae:49:1e:fb:da:1a:53:65:21:14:b1:95:37:
e5:a5:ea:1b:ad:42:0b:54:1f:e9:05:30:dd:c3:2a:7b:be:a8:
72:59:58:f0:23:ae:13:85:91:d2:ba:32:b9:54:34:bd:4e:54:
d8:df:0e:4a:a6:d5:e0:39:5c:7d:66:bf:8e:90:d4:c5:ba:27:
f0:a7:a3:46:e2:02:78:97:63:ac:85:4d:7d:a4:7f:14:68:44:
38:08:2b:24:96:b1:56:71:f1:d9:da:af:01:48:b3:1d:8f:cf:
d9:38:e7:aa:a3:3b:3f:ea:ff:5f:02:97:53:27:a2:5a:56:9d:
dc:6d:5b:79:82:1c:c7:3e:cd:00:a8:c4:6e:40:b3:34:8c:8c:
85:1f:4c:85:32:6d:6a:94:24:dd:a5:4e:5f:89:a1:23:64:0c:
4a:90:63:fe:93:49:7e:fb:4e:9c:9c:8d:81:39:8c:4a:29:3d:
f2:64:8a:01:d1:96:5c:7e:e7:47:6d:92:ae:38:43:82:59:a9:
10:90:ee:91:e3:9c:f8:5f:2a:03:43:b1:37:01:18:e7:a2:d6:
c9:37:a6:77:22:2e:74:d1:09:6e:54:d4:4b:b2:a2:ca:db:e2:
d9:38:b1:a7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPIcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkw
NjUyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQyMDJDQ0NDREVDQTgz
M0Q1Q0I5NDFDNEZBREIwNzA4MDkxNDIwNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDpBfuaWpPcPi52Zj39wVPrIaQ/kNCe47JgAMKPtKR5K7R/K6k9
5ZElgHpVvd6sdckJjj0856G2QTqRxqfoSZNIPk/bk1cylzjHwjicb3ZAY8kD8x3x
iaK/MfdUpsidFjyAZBz65wQIRxq4MVf6GuhXXITuI/91Jwl/7spnTE4zWBxT3zsi
D+WEZfsoqZs+xesjRN3Eg5QiZg1qPzxjVnY82nrAaAnkjeelnbybHo7vndBsRcRO
sCr8okWVfghRyQzktqlsLCwraI36Al0RWaNrh2W0mribPm+x80/Rs1LI5jepstm+
mvCrWQsoGpVb0nBrFRN2WdJajmAC1TJ1vevlAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU0gLMzN7Kgz1cuUHE+tsHCAkUIEEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBnTE16TjdLZ3oxY3VV
SEUtdHNIQ0FrVUlFRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABBvxPxWWIAvKrybe+azOhtgyNlU12/o
rkke+9oaU2UhFLGVN+Wl6hutQgtUH+kFMN3DKnu+qHJZWPAjrhOFkdK6MrlUNL1O
VNjfDkqm1eA5XH1mv46Q1MW6J/Cno0biAniXY6yFTX2kfxRoRDgIKySWsVZx8dna
rwFIsx2Pz9k456qjOz/q/18Cl1MnolpWndxtW3mCHMc+zQCoxG5AszSMjIUfTIUy
bWqUJN2lTl+JoSNkDEqQY/6TSX77TpycjYE5jEopPfJkigHRllx+50dtkq44Q4JZ
qRCQ7pHjnPhfKgNDsTcBGOei1sk3pnciLnTRCW5U1Euyosrb4tk4sac=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:33 2025 by rpki-client