Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/7jMlgO0c-mI1nNImesP_1hYLRtA.roa
File: 7jMlgO0c-mI1nNImesP_1hYLRtA.roa (raw, json)
Hash identifier: 7IWGyZNjCC+6ylD34RjNuV8EQ8hKOiGb2mf8sAWMr/E=
Subject key identifier: EE:33:25:80:ED:1C:FA:62:35:9C:D2:26:7A:C3:FF:D6:16:0B:46:D0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3857
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7jMlgO0c-mI1nNImesP_1hYLRtA.roa
Signing time: Wed 03 Apr 2024 16:52:21 +0000
ROA not before: Wed 03 Apr 2024 16:52:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14423 (0x3857)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 16:52:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EE332580ED1CFA62359CD2267AC3FFD6160B46D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:38:c7:90:3f:0c:bb:fc:83:22:c2:84:05:55:
29:de:42:b0:24:ec:40:92:a6:55:46:57:36:df:40:
83:26:c2:d6:54:5c:a9:5d:fc:82:b4:a1:5f:bf:60:
f4:fc:1e:9e:44:61:d8:34:dd:df:70:b6:e5:49:e2:
7f:dd:db:a2:5c:54:99:2c:28:72:af:26:e4:0e:95:
17:39:51:bf:dd:d8:e2:93:0f:be:67:cc:69:c4:c9:
01:5a:83:d9:44:91:98:3b:69:5f:56:4f:1e:47:87:
4d:f2:a5:96:50:c7:a7:55:08:41:d5:08:6c:a5:2a:
1d:9c:ef:00:c6:de:b1:69:2f:e1:ac:bc:a6:06:07:
8e:ce:85:82:7e:8a:a3:c3:f9:0e:c3:70:25:b3:0f:
19:9d:7b:26:99:c4:a2:ea:b0:a5:a5:ad:00:6a:10:
9f:3b:e5:a4:6b:67:b2:4f:40:bb:3b:7e:0e:bb:fd:
bc:87:c6:21:f6:e9:fa:43:cf:cc:4f:f0:ed:ba:55:
34:b1:ad:52:f1:e7:71:ea:11:76:3e:41:06:25:9c:
93:18:a0:8e:29:5d:7b:2f:4c:5c:95:f7:07:23:dc:
6c:15:f7:dc:1a:58:0b:84:80:12:9a:b2:29:f0:df:
0d:a9:9c:99:df:2f:1d:c9:6c:34:e8:1c:c3:e7:59:
8f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:33:25:80:ED:1C:FA:62:35:9C:D2:26:7A:C3:FF:D6:16:0B:46:D0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7jMlgO0c-mI1nNImesP_1hYLRtA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
20:55:99:ca:a7:15:98:1b:99:f2:16:20:d5:c9:24:72:fa:47:
56:1d:7a:76:8c:c1:ee:91:12:7c:92:62:0a:71:28:8b:c2:02:
8b:1d:37:79:e5:10:23:a5:bd:0c:5c:fd:26:a5:f7:be:0d:10:
2b:7a:15:86:70:8c:08:d5:e2:44:74:ed:05:cd:86:e5:3a:6b:
93:dc:66:12:21:0f:e7:0b:30:06:66:eb:58:cc:5c:be:b9:b6:
2c:db:84:8c:84:5b:8b:a3:c9:b6:aa:b4:c0:6a:6e:73:37:e9:
63:d8:23:b0:e4:43:d6:59:60:04:3c:01:3f:fb:64:05:60:8f:
0f:65:b0:05:53:ab:52:f5:23:55:b4:7e:0c:c9:2c:31:22:52:
3a:bd:8f:44:e1:a8:38:c2:45:93:93:38:54:bd:be:70:8c:66:
ee:f9:c4:5f:ce:7e:41:c5:bd:1d:ed:35:e1:84:df:ba:19:a3:
36:3c:05:f1:2c:b7:0b:f6:20:88:ae:42:55:c8:d2:16:94:90:
25:05:37:72:68:d8:33:9d:40:95:ee:c9:12:37:3a:47:cc:cd:
ad:18:24:d0:91:c9:c6:27:66:20:f1:84:11:28:fc:de:5e:89:
db:7c:c2:5c:54:d5:08:56:95:c0:50:ca:dc:76:eb:c5:6b:2b:
02:90:00:18
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOFcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMx
NjUyMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVFMzMyNTgwRUQxQ0ZB
NjIzNTlDRDIyNjdBQzNGRkQ2MTYwQjQ2RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQOMeQPwy7/IMiwoQFVSneQrAk7ECSplVGVzbfQIMmwtZUXKld
/IK0oV+/YPT8Hp5EYdg03d9wtuVJ4n/d26JcVJksKHKvJuQOlRc5Ub/d2OKTD75n
zGnEyQFag9lEkZg7aV9WTx5Hh03ypZZQx6dVCEHVCGylKh2c7wDG3rFpL+GsvKYG
B47OhYJ+iqPD+Q7DcCWzDxmdeyaZxKLqsKWlrQBqEJ875aRrZ7JPQLs7fg67/byH
xiH26fpDz8xP8O26VTSxrVLx53HqEXY+QQYlnJMYoI4pXXsvTFyV9wcj3GwV99wa
WAuEgBKasinw3w2pnJnfLx3JbDToHMPnWY/hAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU7jMlgO0c+mI1nNImesP/1hYLRtAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzdqTWxnTzBjLW1JMW5O
SW1lc1BfMWhZTFJ0QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACBVmcqnFZgbmfIWINXJJHL6R1YdenaM
we6REnySYgpxKIvCAosdN3nlECOlvQxc/Sal974NECt6FYZwjAjV4kR07QXNhuU6
a5PcZhIhD+cLMAZm61jMXL65tizbhIyEW4ujybaqtMBqbnM36WPYI7DkQ9ZZYAQ8
AT/7ZAVgjw9lsAVTq1L1I1W0fgzJLDEiUjq9j0ThqDjCRZOTOFS9vnCMZu75xF/O
fkHFvR3tNeGE37oZozY8BfEstwv2IIiuQlXI0haUkCUFN3Jo2DOdQJXuyRI3OkfM
za0YJNCRycYnZiDxhBEo/N5eidt8wlxU1QhWlcBQytx268VrKwKQABg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:37 2025 by rpki-client