Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3ARf5T1xbThVat9sAemLZKSx5x0.roa
File: 3ARf5T1xbThVat9sAemLZKSx5x0.roa (raw, json)
Hash identifier: 0AhQkkgy7HJBLLsk/6+ZiP/o+nIp5qMhu71qDcUXMvU=
Subject key identifier: DC:04:5F:E5:3D:71:6D:38:55:6A:DF:6C:01:E9:8B:64:A4:B1:E7:1D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 531B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3ARf5T1xbThVat9sAemLZKSx5x0.roa
Signing time: Thu 09 May 2024 09:24:02 +0000
ROA not before: Thu 09 May 2024 09:24:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21275 (0x531b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 09:24:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DC045FE53D716D38556ADF6C01E98B64A4B1E71D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:60:84:0f:ec:f0:63:10:bd:ce:fe:b2:b6:08:
03:a6:e4:ee:8f:98:c2:27:6c:96:1f:ec:00:cd:86:
3f:1e:06:c0:1f:08:61:00:13:0d:04:5a:32:8b:dc:
4c:7c:03:08:ef:5d:00:b1:84:06:0f:df:2f:6c:21:
3c:a2:f4:3b:51:88:f2:8a:d5:76:0e:17:bd:23:17:
7a:6f:24:11:80:2b:89:91:6c:f3:f2:75:ce:2d:c8:
96:15:7b:f3:24:c6:14:8b:20:5d:b1:5c:cf:ba:50:
64:21:5b:52:28:c5:62:9d:46:89:e1:69:64:7d:1a:
f7:d8:ce:82:fe:3c:06:e6:27:a5:c2:78:c3:4f:90:
14:15:75:5f:30:bb:28:67:9c:4d:52:d6:e3:45:7d:
c7:0b:56:bf:f8:28:2b:ed:93:ac:e5:a5:b6:4d:ac:
bd:12:dc:94:22:5b:56:a2:a1:6a:c3:46:71:74:37:
d7:35:50:8a:59:d9:b9:34:af:74:6a:fc:7b:05:cd:
cf:ae:94:8b:35:45:ee:b6:ff:42:9f:ae:11:9a:c6:
f7:37:ea:64:c8:50:22:f1:e1:ac:2b:d5:45:1f:01:
d4:18:ba:e6:78:dc:c6:28:a9:ff:32:3a:c5:0b:5d:
fc:25:62:7a:91:59:5d:83:61:77:fd:3e:c4:bd:d5:
72:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:04:5F:E5:3D:71:6D:38:55:6A:DF:6C:01:E9:8B:64:A4:B1:E7:1D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3ARf5T1xbThVat9sAemLZKSx5x0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
74:5d:11:b4:03:13:64:dc:99:4a:be:78:c7:84:a1:11:fb:67:
eb:eb:84:c7:e2:9e:46:40:65:c2:f7:35:c3:1a:f2:cf:69:e4:
00:19:d0:2d:6f:0c:07:ee:de:40:6f:7a:72:dc:5f:80:c9:86:
a4:4e:85:62:53:db:47:50:5a:82:15:af:d8:6d:f2:57:d0:cb:
db:a1:04:39:e9:89:4e:0a:37:e2:46:eb:f7:ab:8c:ca:ea:6a:
24:a7:52:4a:7d:8c:a3:f2:d0:3a:db:4c:fc:ec:45:d6:1a:cb:
54:37:e5:a7:87:21:cb:99:c7:49:ef:d3:e8:33:74:77:ad:ea:
41:57:a8:70:84:97:a5:a5:21:d7:54:f9:67:f2:85:67:c2:22:
73:ac:e2:59:4e:62:a5:de:e5:ac:f5:b2:81:be:48:50:2d:d2:
57:3b:b3:76:56:a3:72:47:ad:9d:73:33:f7:a8:f3:a6:91:4b:
4e:81:38:58:39:1b:c7:07:19:34:14:19:5d:ce:95:fa:80:45:
38:b9:4c:72:49:78:3a:10:2f:94:72:24:4b:07:f0:71:a4:64:
bc:4c:a4:91:5f:7c:84:8a:6c:6e:a8:f9:2a:f6:60:79:11:20:
9d:6f:16:a1:85:53:e2:6a:cb:d5:45:47:09:74:37:7f:a8:fe:
78:49:67:f8
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUxswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkw
OTI0MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERDMDQ1RkU1M0Q3MTZE
Mzg1NTZBREY2QzAxRTk4QjY0QTRCMUU3MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZYIQP7PBjEL3O/rK2CAOm5O6PmMInbJYf7ADNhj8eBsAfCGEA
Ew0EWjKL3Ex8AwjvXQCxhAYP3y9sITyi9DtRiPKK1XYOF70jF3pvJBGAK4mRbPPy
dc4tyJYVe/MkxhSLIF2xXM+6UGQhW1IoxWKdRonhaWR9GvfYzoL+PAbmJ6XCeMNP
kBQVdV8wuyhnnE1S1uNFfccLVr/4KCvtk6zlpbZNrL0S3JQiW1aioWrDRnF0N9c1
UIpZ2bk0r3Rq/HsFzc+ulIs1Re62/0KfrhGaxvc36mTIUCLx4awr1UUfAdQYuuZ4
3MYoqf8yOsULXfwlYnqRWV2DYXf9PsS91XL1AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU3ARf5T1xbThVat9sAemLZKSx5x0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNBUmY1VDF4YlRoVmF0
OXNBZW1MWktTeDV4MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHRdEbQDE2TcmUq+eMeEoRH7Z+vrhMfi
nkZAZcL3NcMa8s9p5AAZ0C1vDAfu3kBvenLcX4DJhqROhWJT20dQWoIVr9ht8lfQ
y9uhBDnpiU4KN+JG6/erjMrqaiSnUkp9jKPy0DrbTPzsRdYay1Q35aeHIcuZx0nv
0+gzdHet6kFXqHCEl6WlIddU+WfyhWfCInOs4llOYqXe5az1soG+SFAt0lc7s3ZW
o3JHrZ1zM/eo86aRS06BOFg5G8cHGTQUGV3OlfqARTi5THJJeDoQL5RyJEsH8HGk
ZLxMpJFffISKbG6o+Sr2YHkRIJ1vFqGFU+Jqy9VFRwl0N3+o/nhJZ/g=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:28 2025 by rpki-client