Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CHYJXpL2QEuC1J4Qrb8R7gjy35o.roa
File: CHYJXpL2QEuC1J4Qrb8R7gjy35o.roa (raw, json)
Hash identifier: G4cDwrkPbJoqOSIhE+9pweh23BBM4sPVVF+0k0xUog0=
Subject key identifier: 08:76:09:5E:92:F6:40:4B:82:D4:9E:10:AD:BF:11:EE:08:F2:DF:9A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4AC7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CHYJXpL2QEuC1J4Qrb8R7gjy35o.roa
Signing time: Sun 28 Apr 2024 06:53:26 +0000
ROA not before: Sun 28 Apr 2024 06:53:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19143 (0x4ac7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 06:53:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0876095E92F6404B82D49E10ADBF11EE08F2DF9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9e:78:6e:92:39:09:ff:0c:84:80:ce:ac:37:
e5:b9:6d:ed:14:52:d3:a3:d3:d6:77:40:dc:a4:84:
16:c9:42:e1:e0:56:8d:84:43:f4:c2:fd:49:d1:de:
3a:d8:00:a3:d3:de:a7:df:bc:37:40:e8:78:a2:b3:
db:10:02:df:42:d0:32:62:39:79:13:5c:36:69:d0:
75:fc:81:8c:11:cd:84:8b:56:b5:56:0d:90:92:4d:
30:10:2f:a0:16:af:5c:5e:50:60:13:a2:d7:b5:35:
c7:4d:b2:37:ba:ad:42:40:d8:a3:5b:25:6e:00:b9:
4c:ec:ea:e7:8e:13:6a:f9:02:f9:81:c1:6c:75:05:
1f:75:37:ff:da:d3:e1:cf:f1:9f:56:0a:6d:d5:62:
c1:d9:6d:e9:20:72:2b:92:e2:b2:b2:db:79:18:cb:
bd:4c:e6:d3:6f:d4:a2:96:ae:76:26:15:f6:c6:eb:
d6:32:d8:3f:f0:80:3b:ca:a1:91:3f:9b:e2:32:16:
cc:f2:c2:62:56:f1:4f:29:5c:15:8b:f7:1f:b7:b4:
57:f1:ff:a4:ae:f0:26:41:7d:4d:2a:63:7d:cb:da:
3d:5c:fb:fd:c2:09:e7:b3:4f:92:f2:56:94:1a:f1:
e9:f8:ec:54:f8:8b:e4:23:be:f3:90:19:64:32:81:
52:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:76:09:5E:92:F6:40:4B:82:D4:9E:10:AD:BF:11:EE:08:F2:DF:9A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CHYJXpL2QEuC1J4Qrb8R7gjy35o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
96:0f:e2:76:6a:f6:35:91:af:be:66:a5:4e:75:b0:63:72:c3:
5b:7d:46:ad:06:23:7c:79:8a:dd:8e:45:81:5f:29:a7:c7:9e:
ed:93:fc:03:98:0d:62:a2:df:22:39:e8:9c:7d:64:78:be:9b:
bf:df:29:95:55:b4:9c:c8:49:df:2a:aa:32:ed:dd:87:a7:d7:
98:be:af:72:94:e4:80:0c:e1:66:c4:e8:c4:a8:48:a4:14:73:
3e:84:93:2d:d3:fe:2f:4d:ca:bb:75:f4:eb:03:e8:a5:b2:33:
ff:60:89:ac:f9:d1:b4:14:dc:c9:7d:fa:f9:31:f8:a3:66:1f:
0e:db:d5:5e:da:df:66:0d:22:8b:37:64:50:7e:42:6c:d2:ca:
fe:97:f8:65:a1:c3:21:1b:70:8a:ad:37:6b:e7:70:9c:16:6a:
f6:b8:2c:21:c5:1d:28:d0:b2:8b:22:a4:80:39:8b:1b:af:37:
32:68:1c:45:5b:33:7b:35:06:f8:01:d0:65:c1:4f:90:e7:1c:
c1:a9:92:59:31:0a:fc:17:45:e8:b1:49:5f:b5:68:09:02:17:
4b:e0:eb:d8:e5:e9:55:78:f2:b1:db:0d:2c:17:0b:d1:f9:5a:
e3:25:27:b0:7a:21:d1:9b:31:7e:e4:44:a0:fb:29:1c:36:fa:
47:59:a1:7c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSscwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgw
NjUzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA4NzYwOTVFOTJGNjQw
NEI4MkQ0OUUxMEFEQkYxMUVFMDhGMkRGOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbnnhukjkJ/wyEgM6sN+W5be0UUtOj09Z3QNykhBbJQuHgVo2E
Q/TC/UnR3jrYAKPT3qffvDdA6Hiis9sQAt9C0DJiOXkTXDZp0HX8gYwRzYSLVrVW
DZCSTTAQL6AWr1xeUGATote1NcdNsje6rUJA2KNbJW4AuUzs6ueOE2r5AvmBwWx1
BR91N//a0+HP8Z9WCm3VYsHZbekgciuS4rKy23kYy71M5tNv1KKWrnYmFfbG69Yy
2D/wgDvKoZE/m+IyFszywmJW8U8pXBWL9x+3tFfx/6Su8CZBfU0qY33L2j1c+/3C
CeezT5LyVpQa8en47FT4i+QjvvOQGWQygVJhAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUCHYJXpL2QEuC1J4Qrb8R7gjy35owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NIWUpYcEwyUUV1QzFK
NFFyYjhSN2dqeTM1by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJYP4nZq9jWRr75mpU51sGNyw1t9Rq0G
I3x5it2ORYFfKafHnu2T/AOYDWKi3yI56Jx9ZHi+m7/fKZVVtJzISd8qqjLt3Yen
15i+r3KU5IAM4WbE6MSoSKQUcz6Eky3T/i9Nyrt19OsD6KWyM/9giaz50bQU3Ml9
+vkx+KNmHw7b1V7a32YNIos3ZFB+QmzSyv6X+GWhwyEbcIqtN2vncJwWava4LCHF
HSjQsosipIA5ixuvNzJoHEVbM3s1BvgB0GXBT5DnHMGpklkxCvwXReixSV+1aAkC
F0vg69jl6VV48rHbDSwXC9H5WuMlJ7B6IdGbMX7kRKD7KRw2+kdZoXw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:20 2025 by rpki-client