Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/7qPRDmKpSZQFFtHaox5M3I2nNUg.roa
File: 7qPRDmKpSZQFFtHaox5M3I2nNUg.roa (raw, json)
Hash identifier: 8H98LDnB94PCmTiH8eCK2H53Sao75hMCpZBXgW3+cGc=
Subject key identifier: EE:A3:D1:0E:62:A9:49:94:05:16:D1:DA:A3:1E:4C:DC:8D:A7:35:48
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44CB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7qPRDmKpSZQFFtHaox5M3I2nNUg.roa
Signing time: Sat 20 Apr 2024 07:23:05 +0000
ROA not before: Sat 20 Apr 2024 07:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17611 (0x44cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 07:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EEA3D10E62A949940516D1DAA31E4CDC8DA73548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6b:a2:90:83:3e:0a:9c:0f:0e:40:17:58:a8:
14:2a:92:c7:0d:d9:db:21:41:4a:4a:b0:81:2d:11:
04:1b:7a:2a:ff:61:66:88:d8:22:8d:c1:93:e8:23:
de:b5:85:2d:9d:e7:ce:d7:75:97:6b:a1:87:37:40:
44:22:e0:3e:79:76:96:77:e4:b1:66:b4:1d:57:03:
82:a1:a4:97:c1:e2:20:20:7a:b6:ec:e4:ee:9c:50:
2a:f5:f5:69:11:2f:0a:27:8b:14:eb:61:88:ae:ef:
b3:0b:53:89:43:98:3e:4f:e6:4e:2b:6e:f4:7e:5d:
a8:18:43:43:59:60:e6:a5:1c:13:a7:69:33:a3:2b:
5c:3f:2e:27:0d:22:3e:5f:45:76:fe:bf:7a:80:17:
59:af:43:a3:04:72:d5:0d:a3:6f:66:6b:14:ee:96:
54:f1:31:be:82:69:4c:c8:c3:81:49:0e:0f:e8:9c:
7c:af:8a:c5:56:08:87:62:f8:30:91:83:9e:9e:76:
46:01:84:b5:e3:12:65:a6:7a:5d:5f:dd:b8:06:9c:
19:c3:94:46:ab:89:4c:6b:1b:44:dd:ba:57:7d:da:
78:65:d7:39:7e:c6:db:9d:01:3d:56:19:a0:e2:90:
01:96:0a:da:2c:cd:eb:3f:47:ef:7e:eb:93:0a:8c:
33:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A3:D1:0E:62:A9:49:94:05:16:D1:DA:A3:1E:4C:DC:8D:A7:35:48
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/7qPRDmKpSZQFFtHaox5M3I2nNUg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b8:dd:a0:97:eb:71:4f:89:25:8d:61:68:5c:ec:9b:0a:d7:18:
ee:5b:f4:be:3e:08:cd:36:fe:b4:d0:c0:1f:f8:41:a9:07:78:
8f:97:68:59:00:67:60:d7:fd:f2:fd:d4:8d:7f:30:37:ac:1d:
90:29:11:ec:8b:88:37:dc:1f:43:c7:0e:26:87:8b:fa:7b:ea:
a6:1f:3a:36:37:f4:39:e0:d0:4e:7f:12:ea:b8:8a:ba:44:6b:
95:af:02:6c:92:a8:a7:83:e7:67:8e:61:73:00:06:4e:34:68:
c0:8d:b9:ef:46:53:c4:08:fd:2a:2e:e5:a7:fc:55:de:31:33:
52:2f:e0:bc:0d:ad:a1:63:f0:bf:e0:a5:1d:66:f5:ac:1f:c8:
54:7a:06:ed:d9:3d:dd:75:02:77:ed:96:25:0f:a4:03:9b:da:
23:64:1b:9e:b2:51:6c:9a:01:4a:5e:73:80:80:c9:9b:a3:c1:
a0:ce:f3:00:05:12:7c:ef:5e:a6:2e:58:3c:cc:6e:26:07:a5:
e0:e6:0c:83:65:3c:8a:f3:50:ce:4b:cd:a0:99:54:a5:b2:f7:
f7:70:7c:fd:cd:09:13:53:79:ef:2c:0c:b4:50:0c:2d:a5:55:
cf:b3:45:63:91:05:dd:75:f5:c1:b1:79:7b:a2:77:31:d6:47:
8c:b9:69:5c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRMswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
NzIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVFQTNEMTBFNjJBOTQ5
OTQwNTE2RDFEQUEzMUU0Q0RDOERBNzM1NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqa6KQgz4KnA8OQBdYqBQqkscN2dshQUpKsIEtEQQbeir/YWaI
2CKNwZPoI961hS2d587XdZdroYc3QEQi4D55dpZ35LFmtB1XA4KhpJfB4iAgerbs
5O6cUCr19WkRLwonixTrYYiu77MLU4lDmD5P5k4rbvR+XagYQ0NZYOalHBOnaTOj
K1w/LicNIj5fRXb+v3qAF1mvQ6MEctUNo29maxTullTxMb6CaUzIw4FJDg/onHyv
isVWCIdi+DCRg56edkYBhLXjEmWmel1f3bgGnBnDlEariUxrG0Tduld92nhl1zl+
xtudAT1WGaDikAGWCtoszes/R+9+65MKjDO3AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU7qPRDmKpSZQFFtHaox5M3I2nNUgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzdxUFJEbUtwU1pRRkZ0
SGFveDVNM0kybk5VZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALjdoJfrcU+JJY1haFzsmwrXGO5b9L4+
CM02/rTQwB/4QakHeI+XaFkAZ2DX/fL91I1/MDesHZApEeyLiDfcH0PHDiaHi/p7
6qYfOjY39Dng0E5/Euq4irpEa5WvAmySqKeD52eOYXMABk40aMCNue9GU8QI/Sou
5af8Vd4xM1Iv4LwNraFj8L/gpR1m9awfyFR6Bu3ZPd11AnftliUPpAOb2iNkG56y
UWyaAUpec4CAyZujwaDO8wAFEnzvXqYuWDzMbiYHpeDmDINlPIrzUM5LzaCZVKWy
9/dwfP3NCRNTee8sDLRQDC2lVc+zRWORBd119cGxeXuidzHWR4y5aVw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:13:14 2025 by rpki-client