Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/25mLorIyyLB_lK22rzQ1SHh-bjg.roa
File: 25mLorIyyLB_lK22rzQ1SHh-bjg.roa (raw, json)
Hash identifier: I0fV6XKTxH8ITVfXGPpvs7cNB3xHkjnxXAGs2XofLbM=
Subject key identifier: DB:99:8B:A2:B2:32:C8:B0:7F:94:AD:B6:AF:34:35:48:78:7E:6E:38
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A8F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/25mLorIyyLB_lK22rzQ1SHh-bjg.roa
Signing time: Sat 06 Apr 2024 15:52:29 +0000
ROA not before: Sat 06 Apr 2024 15:52:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14991 (0x3a8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 15:52:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DB998BA2B232C8B07F94ADB6AF343548787E6E38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:78:ea:fc:ae:32:92:b7:1f:df:4e:78:85:19:
7e:b1:00:b0:e9:85:7b:4a:05:66:15:06:74:40:37:
67:15:80:1d:3c:a7:d9:a4:26:a4:d4:75:85:b4:db:
cb:95:b6:17:cc:23:08:b2:bd:b2:84:88:99:ad:9c:
85:fe:59:1b:6f:28:94:a4:fc:27:a4:10:18:1a:c4:
2f:73:3f:8f:61:9d:82:a0:d6:b5:f8:3c:56:d6:5a:
d2:c1:31:b3:6f:11:60:72:93:9d:06:b4:f1:a4:72:
8a:4d:cf:84:84:81:1e:55:1b:94:f1:f9:66:df:c3:
6a:7f:ef:c5:9b:43:c5:20:3d:7b:93:eb:f9:a7:28:
09:79:55:b8:5d:19:5f:05:da:f2:08:3d:6a:a4:b2:
19:32:8a:be:f8:4e:21:e9:03:b4:a7:9e:77:6d:f5:
8c:3a:fb:04:21:8b:0d:4a:e1:15:1a:a9:16:05:c7:
92:fa:9e:c2:b7:fc:56:43:2a:d6:2c:70:16:dd:2d:
d1:4f:3a:4c:80:70:65:6b:ff:4a:2b:79:b0:7f:04:
1c:e5:08:ad:5d:ad:ee:d6:0d:e5:1d:47:70:bb:1a:
5e:86:6d:7b:ac:3f:e5:11:b4:51:e7:0b:aa:37:d8:
b1:c0:d3:7b:a5:ed:9e:17:e8:e2:db:9e:d7:56:de:
8e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:99:8B:A2:B2:32:C8:B0:7F:94:AD:B6:AF:34:35:48:78:7E:6E:38
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/25mLorIyyLB_lK22rzQ1SHh-bjg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b8:e1:b4:a9:22:44:9b:73:b0:67:47:a2:67:76:96:ee:fb:f0:
3b:34:3d:04:d7:39:2e:cc:5e:0c:6c:0a:07:21:23:9b:b7:b4:
a8:df:bb:3f:36:5b:ad:4e:9f:86:b9:bd:7d:4f:da:e2:9a:a3:
d8:6e:ee:ca:bd:92:84:ad:7a:6c:e3:f5:26:5e:c2:75:9b:42:
d4:b8:3c:54:72:9b:ae:bb:f1:d0:e3:9d:41:a9:cc:b2:01:0e:
f1:be:40:04:7a:24:65:3c:0b:a8:30:01:7b:1c:e8:cd:ed:4a:
21:c6:79:fd:82:e7:2c:a8:e0:76:d4:23:9c:6b:c8:12:79:d7:
a2:0c:01:58:52:36:68:4d:13:0c:5d:d1:97:d5:fd:ea:2c:7f:
0f:ea:b0:f7:c2:20:fd:ba:2a:41:93:c1:22:97:c1:8c:9c:65:
d8:70:77:88:35:da:d5:0c:68:d1:64:2b:3d:eb:4d:d0:5e:43:
84:4b:0e:2b:f4:a3:8a:be:68:31:5c:ee:6e:c0:df:b9:d9:5e:
a8:97:a2:96:6e:18:2c:eb:1e:4f:b0:55:4b:6b:22:d2:02:1f:
69:1c:86:d3:e2:40:c1:49:9b:a6:58:b0:47:cc:c8:6e:e1:38:
b4:39:97:4b:61:f6:f1:fe:98:28:28:5f:57:65:e4:c6:20:6c:
ad:a3:bc:dd
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOo8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYx
NTUyMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERCOTk4QkEyQjIzMkM4
QjA3Rjk0QURCNkFGMzQzNTQ4Nzg3RTZFMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7eOr8rjKStx/fTniFGX6xALDphXtKBWYVBnRAN2cVgB08p9mk
JqTUdYW028uVthfMIwiyvbKEiJmtnIX+WRtvKJSk/CekEBgaxC9zP49hnYKg1rX4
PFbWWtLBMbNvEWByk50GtPGkcopNz4SEgR5VG5Tx+Wbfw2p/78WbQ8UgPXuT6/mn
KAl5VbhdGV8F2vIIPWqkshkyir74TiHpA7Snnndt9Yw6+wQhiw1K4RUaqRYFx5L6
nsK3/FZDKtYscBbdLdFPOkyAcGVr/0orebB/BBzlCK1dre7WDeUdR3C7Gl6GbXus
P+URtFHnC6o32LHA03ul7Z4X6OLbntdW3o7HAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU25mLorIyyLB/lK22rzQ1SHh+bjgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzI1bUxvckl5eUxCX2xL
MjJyelExU0hoLWJqZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALjhtKkiRJtzsGdHomd2lu778Ds0PQTX
OS7MXgxsCgchI5u3tKjfuz82W61On4a5vX1P2uKao9hu7sq9koStemzj9SZewnWb
QtS4PFRym6678dDjnUGpzLIBDvG+QAR6JGU8C6gwAXsc6M3tSiHGef2C5yyo4HbU
I5xryBJ516IMAVhSNmhNEwxd0ZfV/eosfw/qsPfCIP26KkGTwSKXwYycZdhwd4g1
2tUMaNFkKz3rTdBeQ4RLDiv0o4q+aDFc7m7A37nZXqiXopZuGCzrHk+wVUtrItIC
H2kchtPiQMFJm6ZYsEfMyG7hOLQ5l0th9vH+mCgoX1dl5MYgbK2jvN0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:06 2025 by rpki-client