Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/6U59mBh1T7t2OHglRomOQdgJUV0.roa
File: 6U59mBh1T7t2OHglRomOQdgJUV0.roa (raw, json)
Hash identifier: LDILcZZIqo4Lc9q+Kri+/SNOnBNErNzSMA9tRqwG7Ho=
Subject key identifier: E9:4E:7D:98:18:75:4F:BB:76:38:78:25:46:89:8E:41:D8:09:51:5D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 42B3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6U59mBh1T7t2OHglRomOQdgJUV0.roa
Signing time: Wed 17 Apr 2024 12:23:27 +0000
ROA not before: Wed 17 Apr 2024 12:23:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17075 (0x42b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 12:23:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E94E7D9818754FBB7638782546898E41D809515D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0f:a7:fa:e6:e0:43:db:25:2e:78:fd:4c:c7:
b0:a2:8c:81:7e:63:04:f5:d6:f2:f9:86:71:cc:fd:
02:7a:d0:42:a6:5b:57:1e:c0:5f:c1:d9:1e:90:85:
dd:4b:0f:b2:21:31:31:7c:3b:b0:9c:e3:68:5a:30:
77:89:6f:95:f6:0a:d6:b9:d4:4e:01:9f:0a:82:1a:
64:a2:52:99:3e:3f:f0:16:ff:44:8e:42:18:8e:38:
59:07:86:26:50:4b:21:fd:3b:fa:47:f3:92:6d:11:
34:68:e7:93:61:fd:72:74:20:e9:fa:62:e0:e2:66:
d1:12:9d:7a:d3:74:50:e5:ea:93:c0:3d:22:7f:32:
0b:af:40:93:9a:fd:4b:9f:98:34:37:ac:cd:42:ec:
67:4c:ec:2c:b1:45:30:94:cc:1a:f2:97:84:2a:6c:
cb:54:61:ec:72:e5:e2:4d:81:a2:60:ec:e0:3f:f7:
54:d2:ba:4b:0f:96:64:41:52:3e:c6:98:48:5e:fa:
7c:8d:01:bd:86:0b:75:d6:9c:24:66:de:8a:db:a5:
ec:b3:f2:a1:a2:7d:02:98:82:b4:a8:2f:ad:01:81:
04:fa:07:b3:37:3f:d0:54:55:83:0b:7e:89:f1:2a:
3d:82:64:cd:1c:c7:58:1a:5f:ba:d8:da:ca:c4:b8:
39:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:4E:7D:98:18:75:4F:BB:76:38:78:25:46:89:8E:41:D8:09:51:5D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/6U59mBh1T7t2OHglRomOQdgJUV0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5d:13:8c:42:7c:a2:a4:58:fb:f6:76:30:96:a3:8e:13:ee:ee:
8c:58:dc:6e:66:7f:2f:66:80:9f:ab:f3:2c:bb:68:46:ca:e5:
41:c1:e0:47:4e:fa:26:00:47:ff:25:80:12:02:7e:33:af:06:
7e:45:70:e9:ac:6d:49:b0:72:d0:81:13:9b:76:1a:da:94:06:
55:95:83:60:a8:f2:ff:74:e1:13:3a:89:26:fa:bb:8d:76:79:
fa:6e:5c:23:00:f2:df:03:eb:aa:5f:03:80:22:73:1f:27:56:
53:91:34:89:55:30:f0:ce:bd:18:3c:cb:f5:16:be:56:24:8a:
cc:ca:29:53:f1:0f:b1:64:1f:53:06:5e:ac:b9:eb:70:a7:86:
69:04:7b:dc:05:29:37:20:ba:a0:0b:dc:4b:0c:7c:bc:86:a1:
f2:78:8a:e2:41:de:dd:47:04:f5:56:57:4d:57:33:97:61:89:
98:02:ed:ec:88:e7:dc:64:45:69:f3:90:1c:b0:23:b3:60:18:
28:5e:c0:54:68:3b:64:d2:2c:11:05:3e:c2:8a:63:35:b5:60:
1b:d2:78:3b:76:74:d2:b8:13:83:78:46:59:58:1a:bc:e6:3f:
10:fb:6c:43:3a:f3:b2:c9:ea:63:0c:0d:1f:0e:cf:bb:53:54:
67:3a:e3:00
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQrMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcx
MjIzMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU5NEU3RDk4MTg3NTRG
QkI3NjM4NzgyNTQ2ODk4RTQxRDgwOTUxNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1D6f65uBD2yUueP1Mx7CijIF+YwT11vL5hnHM/QJ60EKmW1ce
wF/B2R6Qhd1LD7IhMTF8O7Cc42haMHeJb5X2Cta51E4BnwqCGmSiUpk+P/AW/0SO
QhiOOFkHhiZQSyH9O/pH85JtETRo55Nh/XJ0IOn6YuDiZtESnXrTdFDl6pPAPSJ/
MguvQJOa/UufmDQ3rM1C7GdM7CyxRTCUzBryl4QqbMtUYexy5eJNgaJg7OA/91TS
uksPlmRBUj7GmEhe+nyNAb2GC3XWnCRm3orbpeyz8qGifQKYgrSoL60BgQT6B7M3
P9BUVYMLfonxKj2CZM0cx1gaX7rY2srEuDnzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU6U59mBh1T7t2OHglRomOQdgJUV0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzZVNTltQmgxVDd0Mk9I
Z2xSb21PUWRnSlVWMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAF0TjEJ8oqRY+/Z2MJajjhPu7oxY3G5m
fy9mgJ+r8yy7aEbK5UHB4EdO+iYAR/8lgBICfjOvBn5FcOmsbUmwctCBE5t2GtqU
BlWVg2Co8v904RM6iSb6u412efpuXCMA8t8D66pfA4Aicx8nVlORNIlVMPDOvRg8
y/UWvlYkiszKKVPxD7FkH1MGXqy563CnhmkEe9wFKTcguqAL3EsMfLyGofJ4iuJB
3t1HBPVWV01XM5dhiZgC7eyI59xkRWnzkBywI7NgGChewFRoO2TSLBEFPsKKYzW1
YBvSeDt2dNK4E4N4RllYGrzmPxD7bEM687LJ6mMMDR8Oz7tTVGc64wA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:38 2025 by rpki-client