Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/98iTSZbBB_dJBtUCIyrdv1CV7XQ.roa
File: 98iTSZbBB_dJBtUCIyrdv1CV7XQ.roa (raw, json)
Hash identifier: B5nZnyXzJ4zdL0scQR4GJrQqW8wyATafMeQeW9Rbb68=
Subject key identifier: F7:C8:93:49:96:C1:07:F7:49:06:D5:02:23:2A:DD:BF:50:95:ED:74
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DD7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/98iTSZbBB_dJBtUCIyrdv1CV7XQ.roa
Signing time: Thu 11 Apr 2024 00:52:47 +0000
ROA not before: Thu 11 Apr 2024 00:52:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15831 (0x3dd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 00:52:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F7C8934996C107F74906D502232ADDBF5095ED74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fd:d6:1e:d6:cc:99:4e:b7:ad:70:32:ad:5a:
09:f8:ea:1e:fd:5e:94:c6:f1:d9:9f:d0:cf:ab:40:
9a:19:f5:8b:12:57:6e:b6:68:f0:49:4f:7f:32:e9:
49:98:cf:49:30:aa:b3:47:fd:6d:c4:e5:c7:08:7d:
1f:4b:c7:0f:f2:fe:2b:37:5c:d6:e6:ce:d1:7f:8c:
0b:5e:02:b9:33:f5:c8:86:82:93:fa:66:27:16:26:
07:41:c4:71:64:39:b3:2b:60:0f:6c:f8:52:95:fd:
63:7a:16:94:25:b9:4f:46:f5:ef:93:14:2b:7f:2b:
d7:e9:95:9c:22:ec:c3:b9:77:4e:0d:ef:6f:c8:d6:
38:c0:98:49:55:f1:d3:35:af:93:da:b1:e2:00:58:
a1:69:36:78:c8:b7:dd:8a:7d:89:ab:a9:b9:76:d4:
03:5b:1e:f7:e9:84:e1:7d:1c:20:eb:58:06:dd:6a:
04:e6:66:6a:38:e5:78:29:24:7c:d3:d7:1d:24:9c:
42:9d:38:66:6b:bd:bc:69:58:b0:f2:9a:48:7b:3f:
2a:16:57:6f:b9:cf:f1:91:d2:5e:48:28:a7:cd:c4:
0c:73:33:5a:5f:30:08:e9:39:a9:f5:9c:a0:fa:ca:
e0:b4:7f:72:59:14:c3:04:c8:2a:94:8c:ff:89:da:
b7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C8:93:49:96:C1:07:F7:49:06:D5:02:23:2A:DD:BF:50:95:ED:74
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/98iTSZbBB_dJBtUCIyrdv1CV7XQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
7e:b7:79:76:c5:67:ef:b9:90:8d:dc:0b:bd:d7:b0:77:88:02:
b3:f3:24:a5:73:c9:b3:7d:d2:0b:b0:c3:d4:f2:13:be:68:86:
cc:ad:a5:68:c3:84:25:9b:ac:58:f3:70:8c:49:ce:4e:db:f1:
5c:97:92:82:d8:00:c5:19:be:73:3a:b4:65:2f:4e:1d:c8:37:
de:de:3a:a2:59:e6:5a:2b:dd:5c:c3:c5:80:57:2c:1e:2e:fb:
fe:0f:c8:1a:62:46:9a:aa:14:da:d4:c2:8f:ab:46:a2:8e:ae:
ce:d8:b7:0b:70:10:f1:6b:10:89:90:63:3e:a0:47:9f:db:1a:
22:37:39:16:9d:2b:d3:37:18:8c:51:5c:c6:5c:c1:96:c1:d8:
5a:1a:4c:de:b2:3e:45:8d:3d:de:b7:07:72:e8:da:e9:c2:aa:
64:43:79:cc:24:04:0d:9a:95:23:83:af:56:fb:21:49:20:05:
f6:4c:8d:97:68:b3:b0:97:62:3c:20:b9:da:00:66:15:6c:bc:
87:e5:d7:5a:e7:f5:ef:a4:62:62:ff:c9:2c:33:05:7e:d1:b1:
a5:61:b1:36:0e:a6:93:8e:0c:a3:fe:13:64:9d:0b:3d:a0:e1:
2f:1c:d1:c5:c9:2c:d4:d2:25:13:97:87:21:21:49:69:98:fb:
b3:b9:97:83
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPdcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
MDUyNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY3Qzg5MzQ5OTZDMTA3
Rjc0OTA2RDUwMjIzMkFEREJGNTA5NUVENzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN/dYe1syZTretcDKtWgn46h79XpTG8dmf0M+rQJoZ9YsSV262
aPBJT38y6UmYz0kwqrNH/W3E5ccIfR9Lxw/y/is3XNbmztF/jAteArkz9ciGgpP6
ZicWJgdBxHFkObMrYA9s+FKV/WN6FpQluU9G9e+TFCt/K9fplZwi7MO5d04N72/I
1jjAmElV8dM1r5PaseIAWKFpNnjIt92KfYmrqbl21ANbHvfphOF9HCDrWAbdagTm
Zmo45XgpJHzT1x0knEKdOGZrvbxpWLDymkh7PyoWV2+5z/GR0l5IKKfNxAxzM1pf
MAjpOan1nKD6yuC0f3JZFMMEyCqUjP+J2relAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU98iTSZbBB/dJBtUCIyrdv1CV7XQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Lzk4aVRTWmJCQl9kSkJ0
VUNJeXJkdjFDVjdYUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAH63eXbFZ++5kI3cC73XsHeIArPzJKVz
ybN90guww9TyE75ohsytpWjDhCWbrFjzcIxJzk7b8VyXkoLYAMUZvnM6tGUvTh3I
N97eOqJZ5lor3VzDxYBXLB4u+/4PyBpiRpqqFNrUwo+rRqKOrs7YtwtwEPFrEImQ
Yz6gR5/bGiI3ORadK9M3GIxRXMZcwZbB2FoaTN6yPkWNPd63B3Lo2unCqmRDecwk
BA2alSODr1b7IUkgBfZMjZdos7CXYjwgudoAZhVsvIfl11rn9e+kYmL/ySwzBX7R
saVhsTYOppOODKP+E2SdCz2g4S8c0cXJLNTSJROXhyEhSWmY+7O5l4M=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:03 2025 by rpki-client