Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2aegnffd9uGKWKHt1VX1Ga3mKNQ.roa
File: 2aegnffd9uGKWKHt1VX1Ga3mKNQ.roa (raw, json)
Hash identifier: qWnG/7Itt9A0gNDNCswHYYbYI6yUGAVaStTgttw2HmE=
Subject key identifier: D9:A7:A0:9D:F7:DD:F6:E1:8A:58:A1:ED:D5:55:F5:19:AD:E6:28:D4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 505B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2aegnffd9uGKWKHt1VX1Ga3mKNQ.roa
Signing time: Sun 05 May 2024 17:23:56 +0000
ROA not before: Sun 05 May 2024 17:23:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20571 (0x505b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 17:23:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D9A7A09DF7DDF6E18A58A1EDD555F519ADE628D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:df:7e:2c:26:f6:24:06:46:9b:41:37:f6:11:
ed:9b:e7:9a:f0:64:36:fc:b9:8d:88:45:d3:56:32:
d2:cc:2f:15:b4:9e:5e:0a:22:fb:b4:bf:91:6a:3a:
e6:5e:92:8d:b6:53:f6:5f:de:86:c7:ea:a4:d4:d9:
24:09:2e:e5:07:0f:2a:31:08:b0:f5:11:11:7a:7b:
65:a2:79:ce:62:fc:01:23:cb:1a:30:12:c8:ed:1b:
46:ab:4b:63:7d:b2:2f:64:e6:bd:fc:79:ae:af:5e:
63:97:79:46:cc:31:1b:3d:1b:98:31:e0:17:d3:41:
33:5a:35:e3:9e:f5:30:78:2f:e9:77:81:33:73:64:
f7:e5:9e:db:08:43:e7:03:18:63:ca:84:fe:14:5b:
85:7b:0e:fd:28:df:18:f0:0f:48:43:77:f5:cd:b4:
26:f6:4e:1a:52:5a:a9:93:9c:32:fb:17:dc:1a:e5:
16:11:df:75:80:31:39:ff:52:16:3f:38:5c:fc:79:
38:93:83:e9:d3:19:37:ef:3e:5b:a9:db:33:cf:4e:
3c:8a:89:4c:a8:1f:94:71:a5:75:5f:1a:f6:12:b4:
b2:5f:c0:90:bc:9a:fd:b0:88:07:bf:16:e7:73:5c:
4b:51:da:71:49:3d:73:35:c1:b8:e7:da:97:9e:b0:
e7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A7:A0:9D:F7:DD:F6:E1:8A:58:A1:ED:D5:55:F5:19:AD:E6:28:D4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2aegnffd9uGKWKHt1VX1Ga3mKNQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
83:46:67:71:21:7d:0b:bf:11:f8:fb:da:b2:77:3b:b5:41:36:
d6:f7:a4:da:4d:82:9a:d5:5d:0f:65:c5:05:c7:09:9d:f7:81:
43:a0:94:e0:54:54:b7:11:e6:1c:65:d2:7f:00:be:a7:32:ad:
0b:e1:e8:ca:3b:7d:56:eb:ff:aa:95:e1:78:f8:2f:65:b4:4c:
c8:90:4f:2e:fc:f7:05:d3:c4:f5:5b:d6:88:7f:bf:5e:a4:2e:
09:c4:26:d3:22:2a:ae:30:3d:36:a0:98:fe:54:09:8b:a4:89:
60:90:35:56:60:44:c8:96:bf:e7:61:55:8d:f6:87:6b:16:cf:
b0:f4:42:1f:9f:7b:bd:4b:dc:58:e6:dc:b0:28:33:63:3c:7d:
a2:9b:d1:b1:80:9a:aa:8e:20:a3:5f:05:63:fb:4b:c8:df:23:
39:0a:51:a2:ca:b6:9a:67:40:2e:5b:2c:38:88:93:ac:f5:46:
5b:09:92:d9:f5:12:7a:f2:8d:7c:9e:93:19:53:89:8e:38:79:
94:bb:61:e9:52:fa:08:44:89:c1:e4:ec:4a:50:9e:97:49:74:
ec:0e:4f:0e:6b:5f:ca:1a:82:2b:47:00:7e:65:14:96:09:4f:
c8:82:26:48:17:84:03:19:ae:f7:2d:d4:95:1f:78:47:70:ee:
7a:fa:9f:bc
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUFswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUx
NzIzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ5QTdBMDlERjdEREY2
RTE4QTU4QTFFREQ1NTVGNTE5QURFNjI4RDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX334sJvYkBkabQTf2Ee2b55rwZDb8uY2IRdNWMtLMLxW0nl4K
Ivu0v5FqOuZeko22U/Zf3obH6qTU2SQJLuUHDyoxCLD1ERF6e2Wiec5i/AEjyxow
EsjtG0arS2N9si9k5r38ea6vXmOXeUbMMRs9G5gx4BfTQTNaNeOe9TB4L+l3gTNz
ZPflntsIQ+cDGGPKhP4UW4V7Dv0o3xjwD0hDd/XNtCb2ThpSWqmTnDL7F9wa5RYR
33WAMTn/UhY/OFz8eTiTg+nTGTfvPlup2zPPTjyKiUyoH5RxpXVfGvYStLJfwJC8
mv2wiAe/FudzXEtR2nFJPXM1wbjn2peesOdNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU2aegnffd9uGKWKHt1VX1Ga3mKNQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJhZWduZmZkOXVHS1dL
SHQxVlgxR2EzbUtOUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAINGZ3EhfQu/Efj72rJ3O7VBNtb3pNpN
gprVXQ9lxQXHCZ33gUOglOBUVLcR5hxl0n8AvqcyrQvh6Mo7fVbr/6qV4Xj4L2W0
TMiQTy789wXTxPVb1oh/v16kLgnEJtMiKq4wPTagmP5UCYukiWCQNVZgRMiWv+dh
VY32h2sWz7D0Qh+fe71L3Fjm3LAoM2M8faKb0bGAmqqOIKNfBWP7S8jfIzkKUaLK
tppnQC5bLDiIk6z1RlsJktn1EnryjXyekxlTiY44eZS7YelS+ghEicHk7EpQnpdJ
dOwOTw5rX8oagitHAH5lFJYJT8iCJkgXhAMZrvct1JUfeEdw7nr6n7w=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:37:47 2025 by rpki-client