Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CBbV3eRUkyTcAcnT_bATfMu_hjc.roa
File: CBbV3eRUkyTcAcnT_bATfMu_hjc.roa (raw, json)
Hash identifier: 5f2ZKR28sMUvKhPhrbLs88qrY1u477DiYe526jrq6AM=
Subject key identifier: 08:16:D5:DD:E4:54:93:24:DC:01:C9:D3:FD:B0:13:7C:CB:BF:86:37
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F6B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CBbV3eRUkyTcAcnT_bATfMu_hjc.roa
Signing time: Sat 04 May 2024 11:23:49 +0000
ROA not before: Sat 04 May 2024 11:23:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20331 (0x4f6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 11:23:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0816D5DDE4549324DC01C9D3FDB0137CCBBF8637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2e:6f:82:ec:c1:21:18:e2:9f:ef:01:56:cf:
05:7d:91:ca:46:95:16:fc:2c:eb:06:82:ed:b5:90:
e9:e6:1a:fb:20:0a:5f:bb:54:69:e7:e5:5c:4d:e5:
eb:e3:b6:4c:bd:7e:7d:27:f3:90:0c:b7:ee:59:2b:
48:37:39:69:cd:ca:da:b0:6b:8f:e2:e7:49:99:0f:
de:f1:70:7b:9c:46:73:d3:dc:b9:1e:7d:49:38:6b:
4b:34:ac:09:5b:64:43:24:a9:45:df:25:77:81:44:
d4:2c:2f:14:a6:12:b8:24:15:36:34:2c:53:f3:79:
01:0a:18:86:12:f7:84:5e:3d:d3:3e:1a:38:8c:c2:
40:ee:a5:a8:1f:a7:82:dc:c7:ca:50:b6:dc:02:ba:
31:5d:c0:de:a8:fc:cb:3c:74:55:22:b3:fb:f1:34:
fe:a5:78:0f:db:b3:f6:16:ec:77:32:84:2f:7a:76:
27:9a:5a:56:7a:1b:6a:02:c2:fb:c5:7e:68:c1:aa:
19:e5:74:ed:02:30:59:ac:72:27:d4:ed:9e:79:51:
10:b2:7b:8e:1c:61:39:f9:4e:48:0d:73:7b:00:1b:
23:11:70:27:6b:77:fb:32:d0:de:d2:71:3e:c6:23:
00:2f:f9:88:0c:fe:61:f9:db:68:72:bd:21:d2:38:
8c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:16:D5:DD:E4:54:93:24:DC:01:C9:D3:FD:B0:13:7C:CB:BF:86:37
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CBbV3eRUkyTcAcnT_bATfMu_hjc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
52:89:4f:c3:76:20:86:e3:99:5a:aa:b2:87:29:b5:4e:ea:b3:
07:07:94:39:a9:96:ed:07:76:6d:5a:c5:3e:8f:71:9c:55:e4:
d8:0a:c3:c2:06:91:52:23:b4:eb:3f:2f:d9:27:b1:0f:26:20:
ba:8b:aa:d8:22:95:90:17:90:0e:da:c4:d0:52:fa:c3:7b:84:
1d:4d:2b:93:3d:cb:c2:e2:fe:a0:8b:01:92:c9:4a:10:71:2b:
f0:88:43:51:63:a7:0f:86:71:fe:b0:b1:8d:2d:72:2f:11:59:
0c:f8:af:9c:1d:2b:a7:e9:2e:2e:5e:e9:d4:19:24:ed:1b:2d:
2b:56:62:d0:5a:50:ec:8d:ea:5a:a8:8d:f5:90:8a:85:0e:a9:
45:64:0f:9c:78:72:18:33:33:cc:49:61:1a:8a:a5:ed:b3:b7:
49:37:d7:68:1c:fe:ad:a8:67:bd:99:c3:6e:b5:f5:2e:4d:93:
c7:9f:8c:24:e6:99:36:86:02:16:a4:37:7d:78:7c:c3:c5:43:
0f:f3:f1:4e:53:f3:82:73:fe:62:52:9c:12:93:a2:d0:3d:56:
a2:e3:b5:17:42:55:90:7e:49:06:4c:52:b0:51:e0:dd:7b:ce:
05:d9:aa:74:2f:27:18:64:a6:56:a4:7f:d0:00:76:92:b5:27:
1f:ac:74:a9
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICT2swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQx
MTIzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA4MTZENURERTQ1NDkz
MjREQzAxQzlEM0ZEQjAxMzdDQ0JCRjg2MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzLm+C7MEhGOKf7wFWzwV9kcpGlRb8LOsGgu21kOnmGvsgCl+7
VGnn5VxN5evjtky9fn0n85AMt+5ZK0g3OWnNytqwa4/i50mZD97xcHucRnPT3Lke
fUk4a0s0rAlbZEMkqUXfJXeBRNQsLxSmErgkFTY0LFPzeQEKGIYS94RePdM+GjiM
wkDupagfp4Lcx8pQttwCujFdwN6o/Ms8dFUis/vxNP6leA/bs/YW7HcyhC96diea
WlZ6G2oCwvvFfmjBqhnldO0CMFmscifU7Z55URCye44cYTn5TkgNc3sAGyMRcCdr
d/sy0N7ScT7GIwAv+YgM/mH522hyvSHSOIxrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUCBbV3eRUkyTcAcnT/bATfMu/hjcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NCYlYzZVJVa3lUY0Fj
blRfYkFUZk11X2hqYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFKJT8N2IIbjmVqqsocptU7qswcHlDmp
lu0Hdm1axT6PcZxV5NgKw8IGkVIjtOs/L9knsQ8mILqLqtgilZAXkA7axNBS+sN7
hB1NK5M9y8Li/qCLAZLJShBxK/CIQ1Fjpw+Gcf6wsY0tci8RWQz4r5wdK6fpLi5e
6dQZJO0bLStWYtBaUOyN6lqojfWQioUOqUVkD5x4chgzM8xJYRqKpe2zt0k312gc
/q2oZ72Zw2619S5Nk8efjCTmmTaGAhakN314fMPFQw/z8U5T84Jz/mJSnBKTotA9
VqLjtRdCVZB+SQZMUrBR4N17zgXZqnQvJxhkplakf9AAdpK1Jx+sdKk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:27:14 2025 by rpki-client