Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8-wEPwWXh3NFXPmJ72C6ZVyMaiQ.roa
File: 8-wEPwWXh3NFXPmJ72C6ZVyMaiQ.roa (raw, json)
Hash identifier: TUm/5WAp7yJzIcLOFYXRYXLRxS6NmuHgTETipkclLvE=
Subject key identifier: F3:EC:04:3F:05:97:87:73:45:5C:F9:89:EF:60:BA:65:5C:8C:6A:24
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 386F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8-wEPwWXh3NFXPmJ72C6ZVyMaiQ.roa
Signing time: Wed 03 Apr 2024 19:52:21 +0000
ROA not before: Wed 03 Apr 2024 19:52:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14447 (0x386f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 19:52:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F3EC043F05978773455CF989EF60BA655C8C6A24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:7d:97:bf:78:70:08:82:f9:87:87:98:9b:28:
c2:99:a4:65:7e:df:d2:51:09:a4:d7:e5:ec:27:68:
38:74:69:09:77:2e:3e:7b:f1:83:90:b1:0c:f2:0f:
36:12:d8:aa:ca:c9:9f:97:c0:56:e8:c2:99:05:09:
14:d6:20:b9:eb:9c:f1:31:89:ae:b2:63:6a:3c:2d:
12:b9:af:ae:09:50:e7:f5:d9:71:9f:e5:95:a2:26:
b4:dd:72:f5:55:96:cf:47:cb:51:15:93:84:e5:15:
a3:f3:a8:1f:7b:1b:90:d4:d9:4b:55:2a:e1:fe:c8:
6b:4b:ef:a4:3c:4b:58:e8:0e:3d:ec:14:d7:a9:c1:
9e:9d:78:1e:d7:86:1f:e7:94:1e:8b:e8:90:d7:bc:
65:38:1e:42:b1:52:46:69:0a:c7:74:88:58:86:f6:
f7:16:d7:ed:ab:3b:ba:13:fa:d5:08:ea:72:c5:ab:
4f:4d:27:cb:b0:1e:44:7e:7f:b9:99:6e:4d:dc:a7:
b8:cf:e8:ab:25:89:1d:0b:5a:98:e9:3d:58:cc:a1:
14:69:b1:d8:ac:7c:91:22:c6:a2:dc:fa:c8:6b:16:
10:fc:d4:98:f0:f2:51:6c:6e:6b:75:6c:23:42:a4:
1d:f5:82:5f:64:e2:c4:32:c1:86:fb:d8:39:08:d2:
64:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:EC:04:3F:05:97:87:73:45:5C:F9:89:EF:60:BA:65:5C:8C:6A:24
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8-wEPwWXh3NFXPmJ72C6ZVyMaiQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
46:21:7b:80:c5:4d:c3:e4:08:73:57:5c:fa:7f:03:c7:29:73:
58:6d:1c:42:ff:f3:4f:71:39:f8:57:6b:ea:a7:8f:85:47:6e:
5d:6a:36:33:a3:4b:c3:23:2d:cb:d3:9c:2f:2a:1e:bc:1c:b5:
78:5f:fc:62:65:68:df:e3:f8:eb:55:24:2d:30:d7:42:12:19:
a8:c2:79:f6:e2:17:13:24:e2:9c:97:e9:17:35:c3:07:32:0f:
77:19:30:8e:b1:33:7d:14:7c:b1:8f:a4:54:4d:ee:f6:bb:32:
3d:11:d1:81:e5:3d:1d:44:1b:ac:3d:04:17:dc:e6:72:0f:52:
25:46:65:0e:d0:68:34:5c:32:75:07:34:52:ef:45:f4:44:a6:
6c:09:69:e7:6f:6c:ff:8e:fc:ce:9d:2c:2e:75:13:85:50:a0:
9a:af:d0:2a:c6:c0:e7:a7:40:00:aa:c5:07:ca:0f:48:f6:c0:
c7:01:28:03:d7:02:5b:26:68:36:ac:a4:a5:38:ae:12:0b:60:
0e:e0:db:c2:25:7a:73:54:09:30:d0:4f:a3:c3:ff:b8:03:c4:
96:17:5f:58:4c:19:cc:e9:6f:66:6d:39:a4:2a:56:84:19:79:
36:29:52:65:77:f8:55:4f:e5:dc:2a:df:0d:1d:d5:11:05:0a:
99:83:e8:a5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOG8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMx
OTUyMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYzRUMwNDNGMDU5Nzg3
NzM0NTVDRjk4OUVGNjBCQTY1NUM4QzZBMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjfZe/eHAIgvmHh5ibKMKZpGV+39JRCaTX5ewnaDh0aQl3Lj57
8YOQsQzyDzYS2KrKyZ+XwFbowpkFCRTWILnrnPExia6yY2o8LRK5r64JUOf12XGf
5ZWiJrTdcvVVls9Hy1EVk4TlFaPzqB97G5DU2UtVKuH+yGtL76Q8S1joDj3sFNep
wZ6deB7Xhh/nlB6L6JDXvGU4HkKxUkZpCsd0iFiG9vcW1+2rO7oT+tUI6nLFq09N
J8uwHkR+f7mZbk3cp7jP6KsliR0LWpjpPVjMoRRpsdisfJEixqLc+shrFhD81Jjw
8lFsbmt1bCNCpB31gl9k4sQywYb72DkI0mTDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU8+wEPwWXh3NFXPmJ72C6ZVyMaiQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Lzgtd0VQd1dYaDNORlhQ
bUo3MkM2WlZ5TWFpUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEYhe4DFTcPkCHNXXPp/A8cpc1htHEL/
809xOfhXa+qnj4VHbl1qNjOjS8MjLcvTnC8qHrwctXhf/GJlaN/j+OtVJC0w10IS
GajCefbiFxMk4pyX6Rc1wwcyD3cZMI6xM30UfLGPpFRN7va7Mj0R0YHlPR1EG6w9
BBfc5nIPUiVGZQ7QaDRcMnUHNFLvRfREpmwJaedvbP+O/M6dLC51E4VQoJqv0CrG
wOenQACqxQfKD0j2wMcBKAPXAlsmaDaspKU4rhILYA7g28IlenNUCTDQT6PD/7gD
xJYXX1hMGczpb2ZtOaQqVoQZeTYpUmV3+FVP5dwq3w0d1REFCpmD6KU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:09 2025 by rpki-client