Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/7cK0nBsSEiVT6TPiDrclBOfwiuQ.roa
File: 7cK0nBsSEiVT6TPiDrclBOfwiuQ.roa (raw, json)
Hash identifier: r+OlCdwZk+bcEAcj6urk160YTLE9iGpiJwxi5OBmlUg=
Subject key identifier: ED:C2:B4:9C:1B:12:12:25:53:E9:33:E2:0E:B7:25:04:E7:F0:8A:E4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43AF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7cK0nBsSEiVT6TPiDrclBOfwiuQ.roa
Signing time: Thu 18 Apr 2024 19:53:01 +0000
ROA not before: Thu 18 Apr 2024 19:53:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17327 (0x43af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 19:53:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EDC2B49C1B12122553E933E20EB72504E7F08AE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5c:1b:5c:e1:b4:44:11:95:46:3f:46:9d:33:
44:1e:10:80:57:2c:d1:dc:ab:f9:c0:ef:34:cf:0c:
ae:ac:95:91:0a:80:22:aa:bd:e7:ea:f6:a8:79:d9:
66:6f:39:2d:6d:4d:d8:f3:cf:8a:55:47:38:1f:3d:
f8:0d:78:05:cc:0b:8c:73:7c:35:9c:11:fe:a2:89:
e4:7d:73:66:62:35:00:91:e0:1a:5c:17:68:c9:92:
0c:61:e3:08:07:cc:d7:9f:b9:71:b2:a9:65:d0:55:
b4:aa:65:84:d8:01:51:47:03:59:0c:28:42:65:8f:
b0:1f:ed:39:93:ac:80:8b:e7:8a:da:58:14:7a:7c:
69:94:1e:89:44:17:00:b7:1b:96:f4:93:70:e4:0f:
fa:31:b1:7b:36:e3:d7:3f:9c:ee:a1:8e:1a:98:c9:
1f:58:13:b9:1d:13:a1:77:ec:0a:8d:57:a4:66:05:
fa:23:e7:0a:7b:12:f7:d4:58:da:59:3d:3c:3f:63:
7e:37:ac:19:ad:12:47:41:54:15:ff:ac:1d:96:f1:
70:66:c7:12:b3:12:82:f6:92:57:d4:af:03:bc:03:
2e:da:99:b1:f4:da:83:0c:b5:51:03:38:67:34:83:
9a:9f:be:38:98:47:2e:da:a0:13:e8:26:cc:db:9a:
55:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:C2:B4:9C:1B:12:12:25:53:E9:33:E2:0E:B7:25:04:E7:F0:8A:E4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7cK0nBsSEiVT6TPiDrclBOfwiuQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
55:43:b7:8e:67:9f:93:ec:48:18:bb:99:d1:b1:fe:ed:c5:0a:
b1:44:bd:32:69:37:06:b3:dc:df:95:ab:e5:90:78:8b:1b:62:
81:52:12:b4:91:f0:b5:9a:f0:74:77:94:9a:d3:18:ba:52:01:
0b:aa:81:c3:b6:da:e4:69:43:56:9f:5b:99:08:12:f8:2a:e8:
12:e3:33:b8:fb:02:a2:54:9a:0b:34:fb:0b:dd:ff:03:ac:64:
53:1d:53:5d:a9:43:9b:3a:c8:0c:23:ec:ac:ef:9d:a9:03:c6:
30:21:c7:8c:4e:4b:c1:05:8c:f3:a2:a1:23:7f:bc:66:38:94:
50:dc:b0:c6:15:55:5d:31:98:fb:b6:43:9b:ff:82:78:97:37:
1b:a7:99:85:c1:bd:11:c0:78:92:67:85:9f:56:4c:3e:05:18:
c0:36:ac:e0:9c:ce:79:e7:f8:2d:e7:fb:a7:44:c8:f9:cc:37:
0c:e2:1f:80:d4:cb:05:6b:e1:b5:0a:7d:0f:9c:42:6d:5e:ec:
e5:d3:fa:aa:e4:bb:09:22:1e:c6:3c:1d:e7:df:ca:42:e3:1d:
ff:c4:62:18:e5:0c:4a:ce:48:9c:23:5f:05:6f:28:52:06:f0:
85:15:98:15:04:d6:13:01:9a:5b:da:e0:66:ba:f2:36:70:67:
cd:9f:f3:24
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQ68wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
OTUzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVEQzJCNDlDMUIxMjEy
MjU1M0U5MzNFMjBFQjcyNTA0RTdGMDhBRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEXBtc4bREEZVGP0adM0QeEIBXLNHcq/nA7zTPDK6slZEKgCKq
vefq9qh52WZvOS1tTdjzz4pVRzgfPfgNeAXMC4xzfDWcEf6iieR9c2ZiNQCR4Bpc
F2jJkgxh4wgHzNefuXGyqWXQVbSqZYTYAVFHA1kMKEJlj7Af7TmTrICL54raWBR6
fGmUHolEFwC3G5b0k3DkD/oxsXs249c/nO6hjhqYyR9YE7kdE6F37AqNV6RmBfoj
5wp7EvfUWNpZPTw/Y343rBmtEkdBVBX/rB2W8XBmxxKzEoL2klfUrwO8Ay7ambH0
2oMMtVEDOGc0g5qfvjiYRy7aoBPoJszbmlVZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU7cK0nBsSEiVT6TPiDrclBOfwiuQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzdjSzBuQnNTRWlWVDZU
UGlEcmNsQk9md2l1US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFVDt45nn5PsSBi7mdGx/u3FCrFEvTJp
Nwaz3N+Vq+WQeIsbYoFSErSR8LWa8HR3lJrTGLpSAQuqgcO22uRpQ1afW5kIEvgq
6BLjM7j7AqJUmgs0+wvd/wOsZFMdU12pQ5s6yAwj7KzvnakDxjAhx4xOS8EFjPOi
oSN/vGY4lFDcsMYVVV0xmPu2Q5v/gniXNxunmYXBvRHAeJJnhZ9WTD4FGMA2rOCc
znnn+C3n+6dEyPnMNwziH4DUywVr4bUKfQ+cQm1e7OXT+qrkuwkiHsY8HeffykLj
Hf/EYhjlDErOSJwjXwVvKFIG8IUVmBUE1hMBmlva4Ga68jZwZ82f8yQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:11 2025 by rpki-client