Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/68wgwSwaK2I5-r84tZ-D9qyX5Dk.roa
File: 68wgwSwaK2I5-r84tZ-D9qyX5Dk.roa (raw, json)
Hash identifier: 0d09+NMy7kiSBpA7GyXiVR4YHhcuOTnemdOpRBQbPPo=
Subject key identifier: EB:CC:20:C1:2C:1A:2B:62:39:FA:BF:38:B5:9F:83:F6:AC:97:E4:39
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5103
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/68wgwSwaK2I5-r84tZ-D9qyX5Dk.roa
Signing time: Mon 06 May 2024 14:24:03 +0000
ROA not before: Mon 06 May 2024 14:24:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20739 (0x5103)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 6 14:24:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EBCC20C12C1A2B6239FABF38B59F83F6AC97E439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3a:29:cf:f4:ea:03:01:9c:41:0d:f7:28:8e:
5c:66:1b:c0:e5:57:0a:b6:1b:e4:e6:2e:62:06:2a:
f0:38:43:47:21:5a:66:54:58:e9:60:9d:33:8e:31:
1e:81:33:94:b1:28:4d:f6:bf:23:90:a7:61:bb:23:
71:a9:db:c1:77:f2:d4:ce:47:01:c6:47:20:d7:ba:
68:ed:01:c8:87:62:d9:39:45:82:cc:94:3f:22:1f:
c4:05:aa:40:fd:34:6a:5f:2b:5a:8c:47:58:68:b5:
44:0c:99:4c:76:11:c6:ec:bf:f4:5a:b1:6c:98:a4:
f6:0d:00:35:75:6d:cf:0c:d6:95:ef:1a:49:90:29:
8e:1c:ac:91:69:84:91:49:3c:d4:4f:ca:49:9a:4e:
4a:68:ed:bc:61:ca:04:ac:6b:fd:18:37:1a:0a:41:
f8:4e:4b:00:80:cf:83:55:55:8e:dc:07:1e:a2:90:
5f:44:a5:b4:07:11:2b:35:e1:be:41:22:1f:85:a8:
89:b8:30:44:4b:dc:a1:d4:b1:16:57:32:a0:82:7c:
1f:5c:7b:59:80:f1:3e:40:25:70:d3:6f:dd:63:c2:
a4:20:c2:b3:d8:74:97:8e:35:74:81:13:46:c8:eb:
f7:f9:07:34:9d:d6:0f:8c:02:36:c9:75:ab:7f:33:
83:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:CC:20:C1:2C:1A:2B:62:39:FA:BF:38:B5:9F:83:F6:AC:97:E4:39
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/68wgwSwaK2I5-r84tZ-D9qyX5Dk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ba:a9:59:2d:6e:2e:31:f3:e8:87:2a:84:bd:42:f7:ec:39:ea:
e0:bc:4f:f4:0a:0e:02:b6:d4:58:fc:5b:d0:b1:28:02:e8:b5:
0a:93:39:18:cf:06:30:c4:4d:41:6b:2d:b8:d2:ba:6d:8a:aa:
64:4c:86:5f:8a:00:b1:a1:be:06:18:c3:2b:54:35:37:a2:3c:
4c:cc:4c:84:14:71:b4:41:23:64:70:87:f3:c3:39:90:c6:fe:
c0:6a:f9:1e:00:ea:43:b9:ab:aa:2b:d5:d9:f2:53:ae:bd:05:
29:81:ce:0e:39:59:12:ce:12:13:67:cc:2c:6b:5f:73:60:86:
bb:58:dc:b8:08:05:29:bf:b3:a8:ea:7e:e1:89:54:3f:99:d5:
48:bf:f8:b2:e6:dc:89:ea:92:43:3e:a7:de:40:37:a4:96:0b:
1d:de:a8:29:04:f3:ab:3c:90:75:a8:46:c9:7b:3d:3b:99:db:
1b:89:f4:c3:6a:cc:a0:35:54:f7:c4:1e:52:49:82:32:af:25:
a7:3e:4a:95:f0:ac:8f:10:b1:08:bd:3b:d9:7d:58:30:d4:55:
f8:e9:d6:08:86:6b:43:d1:85:12:c6:59:f4:bd:9c:79:c7:b0:
c8:eb:53:46:8e:be:7a:16:f4:79:99:3f:89:1a:7f:9b:23:2f:
a2:17:f3:72
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUQMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYx
NDI0MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVCQ0MyMEMxMkMxQTJC
NjIzOUZBQkYzOEI1OUY4M0Y2QUM5N0U0MzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGOinP9OoDAZxBDfcojlxmG8DlVwq2G+TmLmIGKvA4Q0chWmZU
WOlgnTOOMR6BM5SxKE32vyOQp2G7I3Gp28F38tTORwHGRyDXumjtAciHYtk5RYLM
lD8iH8QFqkD9NGpfK1qMR1hotUQMmUx2Ecbsv/RasWyYpPYNADV1bc8M1pXvGkmQ
KY4crJFphJFJPNRPykmaTkpo7bxhygSsa/0YNxoKQfhOSwCAz4NVVY7cBx6ikF9E
pbQHESs14b5BIh+FqIm4MERL3KHUsRZXMqCCfB9ce1mA8T5AJXDTb91jwqQgwrPY
dJeONXSBE0bI6/f5BzSd1g+MAjbJdat/M4PvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU68wgwSwaK2I5+r84tZ+D9qyX5DkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzY4d2d3U3dhSzJJNS1y
ODR0Wi1EOXF5WDVEay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALqpWS1uLjHz6IcqhL1C9+w56uC8T/QK
DgK21Fj8W9CxKALotQqTORjPBjDETUFrLbjSum2KqmRMhl+KALGhvgYYwytUNTei
PEzMTIQUcbRBI2Rwh/PDOZDG/sBq+R4A6kO5q6or1dnyU669BSmBzg45WRLOEhNn
zCxrX3NghrtY3LgIBSm/s6jqfuGJVD+Z1Ui/+LLm3InqkkM+p95AN6SWCx3eqCkE
86s8kHWoRsl7PTuZ2xuJ9MNqzKA1VPfEHlJJgjKvJac+SpXwrI8QsQi9O9l9WDDU
Vfjp1giGa0PRhRLGWfS9nHnHsMjrU0aOvnoW9HmZP4kaf5sjL6IX83I=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:41 2025 by rpki-client