Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/9bJgo3Pe7bqgmWY8BmuO4u-YA_A.roa
File: 9bJgo3Pe7bqgmWY8BmuO4u-YA_A.roa (raw, json)
Hash identifier: CghSY5py6o0C92HjVhg2euvDrNOCSiTJ6jZV0gWuPfo=
Subject key identifier: F5:B2:60:A3:73:DE:ED:BA:A0:99:66:3C:06:6B:8E:E2:EF:98:03:F0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 368B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9bJgo3Pe7bqgmWY8BmuO4u-YA_A.roa
Signing time: Mon 01 Apr 2024 07:25:47 +0000
ROA not before: Mon 01 Apr 2024 07:25:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13963 (0x368b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 07:25:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F5B260A373DEEDBAA099663C066B8EE2EF9803F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e9:3f:12:1b:1b:20:3b:66:0f:b4:5e:20:53:
25:38:64:a4:b7:5e:e5:52:b0:37:94:e4:dc:3f:e2:
96:a0:23:2e:0d:7b:7b:61:4d:76:4e:ae:19:e5:be:
8f:8e:d7:6f:a0:6a:12:ab:21:cc:1c:1a:d3:f5:77:
65:2f:f8:83:e3:94:1e:ba:cb:6f:07:af:60:0e:83:
3e:a8:43:54:ac:6e:97:8d:95:5e:7e:ba:5d:4a:e0:
54:8d:3a:d5:c1:27:7d:d4:62:f9:60:ab:5f:0e:79:
1f:46:1a:5f:bd:40:9b:54:d7:fb:01:bf:f2:9b:5b:
0e:88:b3:94:fb:a4:44:b3:19:05:5b:bc:fe:b6:61:
94:0e:ac:dd:56:4a:95:1a:8a:2b:2e:37:5f:07:e5:
0c:af:11:00:fc:12:b9:a5:8b:ef:76:42:ee:d4:31:
4b:57:09:75:1e:8a:73:61:db:fc:31:c2:bf:e3:52:
53:e7:1c:1b:14:24:0a:23:8c:2c:dd:5e:d1:d6:70:
8f:7f:3d:0f:30:7e:93:d3:39:10:bb:75:30:76:4a:
03:41:28:86:04:44:a8:7d:ff:89:bf:f1:58:15:1c:
f6:51:b0:6f:e8:0e:7d:cb:68:dc:51:8e:e3:f0:8e:
09:74:2f:9c:91:00:e4:38:c5:15:e3:8f:50:93:de:
3c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B2:60:A3:73:DE:ED:BA:A0:99:66:3C:06:6B:8E:E2:EF:98:03:F0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/9bJgo3Pe7bqgmWY8BmuO4u-YA_A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
32:0c:73:87:24:58:99:f0:dc:66:36:a9:12:07:73:37:c9:5e:
1c:43:4c:3a:2c:06:ff:26:aa:25:0d:9b:11:58:82:62:a0:31:
f3:8a:d7:d8:bb:da:49:87:79:d8:a9:0d:af:21:9f:40:71:59:
fb:d5:af:35:e2:ab:0b:db:48:3f:41:5f:7b:36:5f:b1:e8:8f:
91:79:21:59:2c:bd:36:bc:69:09:d1:79:4b:77:7f:72:c9:6e:
c9:9c:cd:a7:55:ff:22:ee:47:87:25:b1:23:c9:7c:8f:4f:00:
8a:59:87:ac:18:50:23:96:d0:d1:be:89:26:0c:92:ab:2d:f3:
63:51:7c:83:ab:68:e5:54:61:a5:29:da:6f:cd:40:82:09:33:
2e:66:a5:df:e7:94:96:f8:0f:d1:73:39:4c:5b:dc:ae:6b:9f:
35:4e:ef:42:37:63:5c:54:e8:83:ad:9f:1f:63:a7:d6:72:0a:
e2:c4:27:80:95:b7:6b:26:cf:7d:aa:1d:e0:27:91:42:a9:5a:
e3:24:72:16:9a:4f:d5:12:04:fb:82:f3:2d:46:de:94:6f:a8:
a8:60:3f:fe:20:e4:2e:4d:28:f7:c6:e8:98:91:09:62:d5:e3:
ec:3b:5d:c2:74:a1:51:12:0f:37:52:eb:01:2b:fe:81:c0:6b:
90:b7:98:2e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNoswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEw
NzI1NDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY1QjI2MEEzNzNERUVE
QkFBMDk5NjYzQzA2NkI4RUUyRUY5ODAzRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC76T8SGxsgO2YPtF4gUyU4ZKS3XuVSsDeU5Nw/4pagIy4Ne3th
TXZOrhnlvo+O12+gahKrIcwcGtP1d2Uv+IPjlB66y28Hr2AOgz6oQ1SsbpeNlV5+
ul1K4FSNOtXBJ33UYvlgq18OeR9GGl+9QJtU1/sBv/KbWw6Is5T7pESzGQVbvP62
YZQOrN1WSpUaiisuN18H5QyvEQD8Ermli+92Qu7UMUtXCXUeinNh2/wxwr/jUlPn
HBsUJAojjCzdXtHWcI9/PQ8wfpPTORC7dTB2SgNBKIYERKh9/4m/8VgVHPZRsG/o
Dn3LaNxRjuPwjgl0L5yRAOQ4xRXjj1CT3jwlAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU9bJgo3Pe7bqgmWY8BmuO4u+YA/AwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzliSmdvM1BlN2JxZ21X
WThCbXVPNHUtWUFfQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADIMc4ckWJnw3GY2qRIHczfJXhxDTDos
Bv8mqiUNmxFYgmKgMfOK19i72kmHedipDa8hn0BxWfvVrzXiqwvbSD9BX3s2X7Ho
j5F5IVksvTa8aQnReUt3f3LJbsmczadV/yLuR4clsSPJfI9PAIpZh6wYUCOW0NG+
iSYMkqst82NRfIOraOVUYaUp2m/NQIIJMy5mpd/nlJb4D9FzOUxb3K5rnzVO70I3
Y1xU6IOtnx9jp9ZyCuLEJ4CVt2smz32qHeAnkUKpWuMkchaaT9USBPuC8y1G3pRv
qKhgP/4g5C5NKPfG6JiRCWLV4+w7XcJ0oVESDzdS6wEr/oHAa5C3mC4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:16 2025 by rpki-client