Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/65T1OCdzu9lYerBKIBFeqtPWNoc.roa
File: 65T1OCdzu9lYerBKIBFeqtPWNoc.roa (raw, json)
Hash identifier: C8QTVElr1g8DGhy8zHav1IAFur7bfYGgWKQbnqIxqCw=
Subject key identifier: EB:94:F5:38:27:73:BB:D9:58:7A:B0:4A:20:11:5E:AA:D3:D6:36:87
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 350B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/65T1OCdzu9lYerBKIBFeqtPWNoc.roa
Signing time: Sat 30 Mar 2024 07:22:09 +0000
ROA not before: Sat 30 Mar 2024 07:22:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13579 (0x350b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 07:22:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EB94F5382773BBD9587AB04A20115EAAD3D63687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:76:68:f5:96:94:fd:11:01:55:45:18:ef:7c:
52:c0:59:d8:27:ad:68:e1:69:4e:f9:b8:e3:98:f1:
4c:d5:84:cc:a0:5b:47:e5:80:8a:b3:53:6c:3b:ad:
c5:e4:ba:a3:64:f6:78:2a:01:9b:d2:e5:3b:c7:75:
1a:29:f4:1f:dd:b0:c2:19:d4:c9:68:f7:0f:9a:08:
29:f1:4e:89:4a:2a:43:8b:cd:ca:83:4b:7b:2c:28:
9f:e8:78:22:ff:36:e0:a3:61:f0:c3:86:17:95:37:
d4:5b:d4:74:ee:49:a3:e7:50:bb:6e:1c:81:94:4e:
ca:b8:78:48:af:f5:04:f2:d2:00:47:ab:bb:a6:2a:
1c:f6:1e:a7:22:00:36:6f:11:a8:3f:2b:a7:ca:a9:
f4:40:59:9d:8b:8b:2c:f4:17:30:b3:55:17:d2:d7:
13:cc:b4:48:bf:8e:e3:74:a0:d4:de:7c:72:3a:67:
03:f8:b5:ed:e6:71:0c:e0:20:3b:23:b8:09:b1:b1:
83:bf:72:b4:f7:de:ee:52:a5:f1:7c:73:73:b9:70:
c5:fb:34:b1:7b:0d:31:c7:ce:d6:18:5e:1e:f1:9a:
41:ec:71:14:0a:6e:09:32:9b:07:2b:fd:f6:5b:d1:
98:61:6b:a0:d5:4c:79:b8:ed:8b:3a:5f:cc:06:e7:
c8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:94:F5:38:27:73:BB:D9:58:7A:B0:4A:20:11:5E:AA:D3:D6:36:87
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/65T1OCdzu9lYerBKIBFeqtPWNoc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
12:6a:31:b2:de:3c:c8:bd:a4:6f:78:b9:cb:5f:80:14:9b:90:
b5:9f:08:d3:e8:6c:3a:b5:7d:38:98:19:cf:3d:9f:24:71:70:
1a:9c:aa:3c:5e:e0:cf:cb:f3:81:b5:8e:a1:41:4f:97:fb:41:
45:53:25:ee:8e:e2:e4:73:61:8f:13:d4:c0:c8:81:03:5e:92:
70:95:4f:8a:46:59:b1:48:a5:51:4c:7a:8f:2d:ef:4e:9b:79:
6a:9e:7d:30:c5:d7:43:6a:55:c0:12:fe:7f:dd:3a:a0:84:b1:
6d:f5:07:45:c3:d0:a8:fd:82:e7:b2:c6:ce:1c:04:21:07:25:
15:79:4b:52:9d:2a:c0:7b:23:64:f7:f3:8b:4f:99:91:b1:0b:
41:f2:98:a1:81:9e:de:df:3b:b0:07:2b:c3:4b:4f:5f:af:8b:
db:17:4c:66:ac:f6:b7:db:69:fe:3e:5c:62:23:72:59:28:f6:
42:06:1a:12:a8:d9:ce:92:f3:b6:7b:b3:1f:e0:f2:12:be:af:
23:ae:92:11:8c:4c:36:0a:89:4f:1c:32:00:36:6d:20:59:9b:
75:d7:9b:b2:ee:cd:01:00:8c:3e:ae:0f:91:03:15:71:05:58:
34:95:6a:42:89:fe:32:db:69:bd:29:c9:04:5f:6c:5c:14:75:
83:d8:43:af
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNQswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
NzIyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVCOTRGNTM4Mjc3M0JC
RDk1ODdBQjA0QTIwMTE1RUFBRDNENjM2ODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZdmj1lpT9EQFVRRjvfFLAWdgnrWjhaU75uOOY8UzVhMygW0fl
gIqzU2w7rcXkuqNk9ngqAZvS5TvHdRop9B/dsMIZ1Mlo9w+aCCnxTolKKkOLzcqD
S3ssKJ/oeCL/NuCjYfDDhheVN9Rb1HTuSaPnULtuHIGUTsq4eEiv9QTy0gBHq7um
Khz2HqciADZvEag/K6fKqfRAWZ2Liyz0FzCzVRfS1xPMtEi/juN0oNTefHI6ZwP4
te3mcQzgIDsjuAmxsYO/crT33u5SpfF8c3O5cMX7NLF7DTHHztYYXh7xmkHscRQK
bgkymwcr/fZb0Zhha6DVTHm47Ys6X8wG58idAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU65T1OCdzu9lYerBKIBFeqtPWNocwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzY1VDFPQ2R6dTlsWWVy
QktJQkZlcXRQV05vYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABJqMbLePMi9pG94uctfgBSbkLWfCNPo
bDq1fTiYGc89nyRxcBqcqjxe4M/L84G1jqFBT5f7QUVTJe6O4uRzYY8T1MDIgQNe
knCVT4pGWbFIpVFMeo8t706beWqefTDF10NqVcAS/n/dOqCEsW31B0XD0Kj9guey
xs4cBCEHJRV5S1KdKsB7I2T384tPmZGxC0HymKGBnt7fO7AHK8NLT1+vi9sXTGas
9rfbaf4+XGIjclko9kIGGhKo2c6S87Z7sx/g8hK+ryOukhGMTDYKiU8cMgA2bSBZ
m3XXm7LuzQEAjD6uD5EDFXEFWDSVakKJ/jLbab0pyQRfbFwUdYPYQ68=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:35:15 2025 by rpki-client