Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/7YNb5N1w5yq0Wg0mdmDz2q9knrY.roa
File: 7YNb5N1w5yq0Wg0mdmDz2q9knrY.roa (raw, json)
Hash identifier: 5WwJgumYIoF7XIQzc3Rq3CqkfNpocfTlGgynBnHbg3M=
Subject key identifier: ED:83:5B:E4:DD:70:E7:2A:B4:5A:0D:26:76:60:F3:DA:AF:64:9E:B6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3443
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7YNb5N1w5yq0Wg0mdmDz2q9knrY.roa
Signing time: Fri 29 Mar 2024 06:22:32 +0000
ROA not before: Fri 29 Mar 2024 06:22:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13379 (0x3443)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 06:22:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=ED835BE4DD70E72AB45A0D267660F3DAAF649EB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:77:12:6f:c7:dd:3a:79:69:be:bc:66:cb:76:
bc:ca:4c:21:d6:1f:f2:55:22:87:70:76:13:25:f7:
a8:7a:af:4f:41:a4:1c:ad:8c:bf:a7:ec:df:35:4a:
ca:30:94:53:a5:dd:25:cb:1b:0c:2f:86:28:5e:09:
dd:f8:77:8b:b3:4c:22:43:b6:90:6e:a5:82:f3:89:
27:40:cd:7d:0c:a9:27:8e:b9:f2:4a:f5:e7:34:6d:
02:21:25:1f:f8:c7:63:79:e8:7f:57:a0:95:ee:ec:
02:27:68:0e:17:0c:42:ff:44:22:a1:c8:da:3a:08:
d6:8b:27:98:3f:98:13:af:b5:91:6f:12:01:ea:cf:
45:ee:e5:b2:87:f5:02:a4:a1:46:a2:b1:b9:0e:4b:
97:74:01:c5:f7:c4:5d:48:0d:61:fc:3a:fa:ec:54:
49:a6:14:ce:18:7f:81:8c:ed:6e:dd:b2:95:02:f6:
2e:ed:22:b0:ff:5b:cd:85:5b:09:bb:f0:b9:c3:1b:
cf:e5:4b:36:2a:1b:87:db:0e:6c:b0:30:ef:5a:a5:
e2:c7:c1:d6:1b:1c:64:de:85:fa:79:20:c7:80:b0:
0b:f2:39:64:27:08:47:46:4d:57:09:f4:38:a6:d3:
3c:3e:91:22:3a:56:9b:7a:86:d0:48:fa:17:e9:ef:
16:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:83:5B:E4:DD:70:E7:2A:B4:5A:0D:26:76:60:F3:DA:AF:64:9E:B6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7YNb5N1w5yq0Wg0mdmDz2q9knrY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
78:77:bd:77:75:64:9e:5e:40:7b:3c:e4:19:52:cf:1e:2c:aa:
ba:3c:ac:57:cb:6b:23:04:68:18:5b:d7:90:86:b5:83:f2:eb:
1f:24:f1:2a:07:ed:7d:94:b2:4c:5c:b7:0b:aa:20:d7:71:4c:
15:f9:65:48:82:39:66:f0:a7:56:c9:77:aa:b7:22:89:36:1b:
07:df:bd:c0:58:d7:62:55:43:55:61:1f:f1:c4:14:e6:05:47:
da:fc:9a:10:cb:b5:ba:e4:a3:11:67:1d:d4:94:2b:24:91:25:
8b:9b:ea:55:5d:c0:5c:01:a5:e2:bd:fd:4d:9e:7f:32:33:84:
a3:55:1f:9c:4e:f1:77:b5:20:55:07:af:78:f8:01:4e:84:fe:
f4:7c:e9:42:d6:08:f3:e6:92:57:84:25:df:62:5c:58:17:35:
cb:15:e4:d0:82:42:ab:ae:ff:b5:07:ed:8c:b5:1d:72:82:28:
1f:cd:ef:fe:85:32:62:9a:84:0b:5f:44:22:39:e5:a4:2a:78:
a9:06:be:68:32:ff:f4:cc:18:68:a0:cb:f0:f5:8d:d6:93:a5:
7c:00:3d:53:5b:54:36:59:6f:fe:67:6a:7b:6c:9e:75:81:06:
ed:08:9d:a6:93:a0:80:c7:bb:f9:76:29:05:d9:d1:32:d8:6b:
60:9b:a4:4f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNEMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
NjIyMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVEODM1QkU0REQ3MEU3
MkFCNDVBMEQyNjc2NjBGM0RBQUY2NDlFQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCdxJvx906eWm+vGbLdrzKTCHWH/JVIodwdhMl96h6r09BpByt
jL+n7N81SsowlFOl3SXLGwwvhiheCd34d4uzTCJDtpBupYLziSdAzX0MqSeOufJK
9ec0bQIhJR/4x2N56H9XoJXu7AInaA4XDEL/RCKhyNo6CNaLJ5g/mBOvtZFvEgHq
z0Xu5bKH9QKkoUaisbkOS5d0AcX3xF1IDWH8OvrsVEmmFM4Yf4GM7W7dspUC9i7t
IrD/W82FWwm78LnDG8/lSzYqG4fbDmywMO9apeLHwdYbHGTehfp5IMeAsAvyOWQn
CEdGTVcJ9Dim0zw+kSI6Vpt6htBI+hfp7xZZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU7YNb5N1w5yq0Wg0mdmDz2q9knrYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzdZTmI1TjF3NXlxMFdn
MG1kbUR6MnE5a25yWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHh3vXd1ZJ5eQHs85BlSzx4sqro8rFfL
ayMEaBhb15CGtYPy6x8k8SoH7X2UskxctwuqINdxTBX5ZUiCOWbwp1bJd6q3Iok2
GwffvcBY12JVQ1VhH/HEFOYFR9r8mhDLtbrkoxFnHdSUKySRJYub6lVdwFwBpeK9
/U2efzIzhKNVH5xO8Xe1IFUHr3j4AU6E/vR86ULWCPPmkleEJd9iXFgXNcsV5NCC
Qquu/7UH7Yy1HXKCKB/N7/6FMmKahAtfRCI55aQqeKkGvmgy//TMGGigy/D1jdaT
pXwAPVNbVDZZb/5nantsnnWBBu0InaaToIDHu/l2KQXZ0TLYa2CbpE8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:37:38 2025 by rpki-client