Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4ToCtlI8R0waXrNXbP0bxqLMC5c.roa
File: 4ToCtlI8R0waXrNXbP0bxqLMC5c.roa (raw, json)
Hash identifier: WtdQ3wnZ56no2U1gAb7/govhHC+TaH/IBJohDQBiXZQ=
Subject key identifier: E1:3A:02:B6:52:3C:47:4C:1A:5E:B3:57:6C:FD:1B:C6:A2:CC:0B:97
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4197
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4ToCtlI8R0waXrNXbP0bxqLMC5c.roa
Signing time: Tue 16 Apr 2024 00:53:04 +0000
ROA not before: Tue 16 Apr 2024 00:53:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16791 (0x4197)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 00:53:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E13A02B6523C474C1A5EB3576CFD1BC6A2CC0B97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:2c:c6:20:4d:5b:46:a2:3d:2a:1f:7a:66:0a:
31:5e:e7:64:61:75:d3:5d:e0:3b:91:31:c4:52:c3:
1c:b9:91:a2:d0:ac:ad:dc:36:d7:e5:57:d2:7b:a7:
d7:86:bc:96:05:0a:af:84:f1:0e:c9:1e:56:8f:3d:
15:fb:eb:25:78:98:fc:ea:0c:3f:7f:a6:11:b6:71:
09:a8:1a:cf:4c:b2:3d:72:51:b2:86:e7:a5:60:75:
32:33:09:a6:9a:08:4a:b6:f7:46:f7:8b:ab:fd:5c:
7c:95:27:90:47:32:36:78:d1:5e:dd:59:64:4f:33:
2f:12:3a:d4:7d:08:25:ae:0c:c9:bf:5c:44:15:c2:
a6:32:76:4c:74:ab:c0:67:ce:4c:e0:47:c0:b4:b3:
af:8a:c2:71:89:76:96:7f:83:c9:26:2d:20:a4:d8:
c1:da:2a:89:58:9c:69:e9:ac:94:75:81:9b:a1:25:
b8:09:55:f7:c1:ae:40:58:56:a0:36:c6:52:77:2f:
22:70:85:13:bc:0a:c0:88:fd:bf:5e:01:64:e3:a3:
03:e6:97:af:3b:ac:de:9d:c5:63:4e:0c:a9:3b:e8:
b3:f8:84:3b:8f:22:33:a1:b1:57:e6:e4:95:73:86:
80:26:6b:f5:f2:41:9f:3a:69:b3:3e:fe:3c:f4:03:
a8:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:3A:02:B6:52:3C:47:4C:1A:5E:B3:57:6C:FD:1B:C6:A2:CC:0B:97
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4ToCtlI8R0waXrNXbP0bxqLMC5c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5c:bc:b8:f0:e2:11:f8:ca:f8:a1:3e:54:41:9b:7f:ca:88:e5:
95:59:25:06:b0:c2:63:45:f3:1f:74:98:8f:43:60:39:65:e3:
9e:23:fc:9b:bb:a0:0f:c4:1c:9b:7b:7d:aa:5e:aa:00:c4:92:
97:4d:a7:8c:92:d8:f1:23:96:e4:d2:b5:00:d0:4a:3d:14:dd:
68:8d:09:4e:5e:dd:17:7f:7a:d1:e5:c4:67:fd:c6:48:3f:e1:
df:24:55:0d:e2:51:6c:fa:32:01:15:86:49:5d:99:e3:34:6d:
17:2d:6c:99:44:2f:06:8f:6a:ee:ae:bd:a8:d2:a1:0e:23:98:
40:a7:07:5c:a9:5d:0e:49:b4:94:a8:2c:7a:5d:bd:66:22:60:
b2:cf:47:51:48:3b:42:c5:d6:30:0b:a2:cc:74:6d:60:1e:6a:
b7:85:64:83:a3:82:23:d7:b0:38:44:5b:c9:e1:1a:ae:5c:37:
ea:c4:b1:2f:13:f4:02:7f:dc:a8:e4:8c:ec:b4:fa:76:20:e3:
7e:de:86:e5:87:39:9d:6f:00:83:7b:b2:f8:c5:fd:f1:07:af:
f6:d0:b4:4d:ca:8a:02:c4:4f:b4:30:46:17:75:fe:5b:38:21:
dd:fd:39:f5:85:63:d8:38:0e:ad:b6:e1:c0:8f:f6:42:7b:16:
14:71:f4:c9
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQZcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
MDUzMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUxM0EwMkI2NTIzQzQ3
NEMxQTVFQjM1NzZDRkQxQkM2QTJDQzBCOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqLMYgTVtGoj0qH3pmCjFe52RhddNd4DuRMcRSwxy5kaLQrK3c
NtflV9J7p9eGvJYFCq+E8Q7JHlaPPRX76yV4mPzqDD9/phG2cQmoGs9Msj1yUbKG
56VgdTIzCaaaCEq290b3i6v9XHyVJ5BHMjZ40V7dWWRPMy8SOtR9CCWuDMm/XEQV
wqYydkx0q8BnzkzgR8C0s6+KwnGJdpZ/g8kmLSCk2MHaKolYnGnprJR1gZuhJbgJ
VffBrkBYVqA2xlJ3LyJwhRO8CsCI/b9eAWTjowPml687rN6dxWNODKk76LP4hDuP
IjOhsVfm5JVzhoAma/XyQZ86abM+/jz0A6inAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU4ToCtlI8R0waXrNXbP0bxqLMC5cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRUb0N0bEk4UjB3YVhy
TlhiUDBieHFMTUM1Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFy8uPDiEfjK+KE+VEGbf8qI5ZVZJQaw
wmNF8x90mI9DYDll454j/Ju7oA/EHJt7fapeqgDEkpdNp4yS2PEjluTStQDQSj0U
3WiNCU5e3Rd/etHlxGf9xkg/4d8kVQ3iUWz6MgEVhkldmeM0bRctbJlELwaPau6u
vajSoQ4jmECnB1ypXQ5JtJSoLHpdvWYiYLLPR1FIO0LF1jALosx0bWAeareFZIOj
giPXsDhEW8nhGq5cN+rEsS8T9AJ/3KjkjOy0+nYg437ehuWHOZ1vAIN7svjF/fEH
r/bQtE3KigLET7QwRhd1/ls4Id39OfWFY9g4Dq224cCP9kJ7FhRx9Mk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:23 2025 by rpki-client