Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Cjz3tLPF5d7BDfS2gCKgRPpmGtg.roa
File: Cjz3tLPF5d7BDfS2gCKgRPpmGtg.roa (raw, json)
Hash identifier: l2FkSU+v+x6DiaSgZXtX6Ze6tYavhbsWwF/ze3xaR5A=
Subject key identifier: 0A:3C:F7:B4:B3:C5:E5:DE:C1:0D:F4:B6:80:22:A0:44:FA:66:1A:D8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B87
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Cjz3tLPF5d7BDfS2gCKgRPpmGtg.roa
Signing time: Sun 07 Apr 2024 22:52:34 +0000
ROA not before: Sun 07 Apr 2024 22:52:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15239 (0x3b87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 22:52:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0A3CF7B4B3C5E5DEC10DF4B68022A044FA661AD8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:35:6a:0d:6d:58:78:a2:9e:1c:9d:60:48:03:
66:2e:6b:17:aa:11:ed:f6:ae:98:f6:86:94:fa:f6:
f7:60:24:28:fd:78:52:65:f3:49:3c:83:a5:92:58:
a0:45:a5:f5:39:07:8d:95:a5:f8:37:f1:d1:55:e5:
7d:2f:ef:da:31:fa:30:e4:04:3c:ab:60:15:a8:ce:
df:44:b1:d6:c4:60:f0:59:cd:4f:17:66:f2:cc:5f:
84:e8:5d:0b:b3:86:de:46:f5:d5:fc:76:95:2b:61:
df:ba:97:38:57:54:ae:9d:7b:6c:6d:ec:92:ac:3e:
81:7d:9e:cb:74:68:d5:ef:2f:93:32:17:71:0a:2f:
cf:33:7f:b1:67:23:05:26:f6:6c:1d:84:1d:39:c2:
a6:29:67:92:0b:72:39:77:80:05:7d:ff:98:80:fe:
17:bb:9b:c1:09:29:32:7c:4c:a7:09:d3:d9:54:f3:
44:47:58:e2:fd:30:47:d9:c3:07:0c:e1:a8:03:a4:
b6:62:da:fa:8f:ff:b0:28:d3:08:18:49:bf:e8:2b:
99:fe:94:2b:d1:63:fa:28:98:ce:78:b8:8c:11:11:
88:35:40:63:95:32:29:d9:f7:20:98:aa:de:7d:af:
ac:7f:3e:f8:22:53:69:fc:58:eb:23:62:1e:87:7c:
d0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:3C:F7:B4:B3:C5:E5:DE:C1:0D:F4:B6:80:22:A0:44:FA:66:1A:D8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Cjz3tLPF5d7BDfS2gCKgRPpmGtg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
73:d8:db:8d:9a:77:d7:12:0f:67:7e:b6:c1:ce:6a:c7:e6:b8:
86:61:b5:81:3f:0f:80:d4:d0:93:c6:17:42:4d:a0:4d:62:b3:
14:e3:a7:32:e5:e9:27:a5:57:a2:da:90:76:83:0f:74:0a:b6:
ac:41:2c:38:5b:84:ed:95:2e:a6:77:e4:36:29:16:b6:32:5a:
a7:a8:51:43:fd:08:13:44:25:53:1b:6c:e2:13:e0:90:d1:59:
55:0b:b2:df:9e:8b:dd:5a:59:ed:bc:d3:b6:48:3a:6e:12:1a:
c1:85:a5:ee:e8:59:23:b5:55:ff:db:81:4e:bc:33:89:e2:82:
8e:44:30:0a:44:0c:13:80:a8:a4:7e:fd:6f:f5:90:55:dd:48:
d1:3f:75:8b:28:76:2e:82:8a:d0:0d:d5:53:53:97:84:ca:ac:
ea:2d:1a:e4:37:e8:b6:ce:7a:23:2e:24:9c:3e:ea:8a:2c:a8:
a6:83:1a:77:2e:36:fe:66:d9:be:0a:c7:2c:41:7a:74:bf:26:
38:bf:c6:4f:28:d1:c8:67:6b:34:52:af:55:6c:66:70:33:ec:
27:dc:7b:cb:e4:cf:6f:e3:26:34:fb:d1:8a:ef:eb:15:e7:ed:
e4:e8:d9:59:bd:34:68:91:f5:5a:fb:f7:e3:ac:40:9e:25:e8:
ab:77:5e:b7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICO4cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcy
MjUyMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBBM0NGN0I0QjNDNUU1
REVDMTBERjRCNjgwMjJBMDQ0RkE2NjFBRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvNWoNbVh4op4cnWBIA2YuaxeqEe32rpj2hpT69vdgJCj9eFJl
80k8g6WSWKBFpfU5B42Vpfg38dFV5X0v79ox+jDkBDyrYBWozt9EsdbEYPBZzU8X
ZvLMX4ToXQuzht5G9dX8dpUrYd+6lzhXVK6de2xt7JKsPoF9nst0aNXvL5MyF3EK
L88zf7FnIwUm9mwdhB05wqYpZ5ILcjl3gAV9/5iA/he7m8EJKTJ8TKcJ09lU80RH
WOL9MEfZwwcM4agDpLZi2vqP/7Ao0wgYSb/oK5n+lCvRY/oomM54uIwREYg1QGOV
MinZ9yCYqt59r6x/PvgiU2n8WOsjYh6HfNArAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUCjz3tLPF5d7BDfS2gCKgRPpmGtgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NqejN0TFBGNWQ3QkRm
UzJnQ0tnUlBwbUd0Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHPY242ad9cSD2d+tsHOasfmuIZhtYE/
D4DU0JPGF0JNoE1isxTjpzLl6SelV6LakHaDD3QKtqxBLDhbhO2VLqZ35DYpFrYy
WqeoUUP9CBNEJVMbbOIT4JDRWVULst+ei91aWe2807ZIOm4SGsGFpe7oWSO1Vf/b
gU68M4nigo5EMApEDBOAqKR+/W/1kFXdSNE/dYsodi6CitAN1VNTl4TKrOotGuQ3
6LbOeiMuJJw+6oosqKaDGncuNv5m2b4KxyxBenS/Jji/xk8o0chnazRSr1VsZnAz
7Cfce8vkz2/jJjT70Yrv6xXn7eTo2Vm9NGiR9Vr79+OsQJ4l6Kt3Xrc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:21:58 2025 by rpki-client