Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CqW4cmjgKEth937WOznIDBaVyKA.roa
File: CqW4cmjgKEth937WOznIDBaVyKA.roa (raw, json)
Hash identifier: 9j4RHCrEj6Yk/oZIkGEgSQTGx7sRjgW7iMOo1jutHsM=
Subject key identifier: 0A:A5:B8:72:68:E0:28:4B:61:F7:7E:D6:3B:39:C8:0C:16:95:C8:A0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3333
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CqW4cmjgKEth937WOznIDBaVyKA.roa
Signing time: Wed 27 Mar 2024 20:22:02 +0000
ROA not before: Wed 27 Mar 2024 20:22:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13107 (0x3333)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 20:22:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0AA5B87268E0284B61F77ED63B39C80C1695C8A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d0:91:5b:47:bc:b5:9e:60:03:85:ef:99:1a:
86:7c:92:5d:a8:34:d8:a0:7c:2b:29:f3:69:18:c6:
b0:39:84:98:de:29:bf:5c:11:de:23:b7:b9:51:c4:
37:98:67:c2:eb:3b:f9:da:79:de:b0:e3:2f:a5:36:
4b:37:17:b7:96:65:16:0b:6a:fc:92:e3:b1:a1:06:
a5:44:b2:3d:30:2d:95:08:13:f5:81:1f:5e:61:26:
c1:67:2d:c6:11:6b:e1:d4:46:b1:43:79:e1:de:e7:
bc:b1:6b:4c:07:11:29:9f:2d:55:f5:a2:85:0b:b9:
39:b3:22:42:9f:61:e8:17:8e:09:17:73:12:5c:29:
d4:6a:02:da:2b:cc:b0:77:bc:f4:29:c6:8d:6f:5a:
8a:36:6d:41:81:b8:68:c0:35:ed:a8:1b:ba:23:20:
60:87:06:ac:f2:c3:64:82:3d:a0:d7:36:ff:bc:6d:
52:39:17:20:ca:45:39:e7:58:aa:5f:e2:3a:08:5f:
6b:16:27:5c:ca:4a:77:ee:85:ef:35:62:05:6c:30:
b3:24:b8:da:38:0c:ed:61:7e:7d:3c:aa:cf:e6:fa:
48:ee:bf:6a:91:c0:c4:64:5e:45:f5:c9:47:ce:e3:
ee:57:c5:8d:94:6c:89:02:b1:f2:d8:c5:89:a0:d9:
c7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A5:B8:72:68:E0:28:4B:61:F7:7E:D6:3B:39:C8:0C:16:95:C8:A0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CqW4cmjgKEth937WOznIDBaVyKA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
05:a4:e6:c5:f9:1e:86:b5:39:1d:5e:c9:05:53:63:dd:17:e1:
93:cc:3e:fa:26:a1:a9:57:f8:dc:d4:eb:d1:18:45:6f:53:5f:
7c:d8:16:db:96:44:0d:d2:8d:99:33:12:9a:a6:3d:fd:ba:e5:
0c:03:e6:56:e1:f6:39:2d:96:f2:51:3b:df:bb:16:3d:f1:3d:
a7:4a:ac:5d:80:3b:54:06:3a:85:9a:ab:4b:1f:57:ae:3e:70:
1d:13:95:50:f6:cb:03:bc:0f:61:ca:b8:0d:df:56:c1:5a:e8:
0b:b4:c9:b7:50:b0:df:77:85:19:0a:1e:e6:39:92:26:57:80:
2f:f3:81:ef:5a:e9:c6:34:82:f6:50:92:13:e2:a4:8b:e6:eb:
56:a5:39:56:39:be:13:22:f9:bf:6e:1c:14:29:c3:0f:1d:ab:
d2:0a:6f:df:a9:3c:3a:a8:9b:3e:7f:dc:bf:ea:1f:37:e2:8a:
06:99:8c:38:40:99:fe:3b:d4:5a:1c:bd:89:d4:13:6d:85:64:
b5:7d:25:32:20:b7:9b:55:ed:d0:fd:f9:a9:6d:db:d5:05:0e:
2c:a5:db:b2:31:10:50:e6:b5:0c:e9:bb:91:3b:ab:f7:f7:df:
59:00:e7:dd:e3:72:c8:24:97:35:84:ec:ab:62:eb:f7:a3:c6:
80:22:00:d5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICMzMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcy
MDIyMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBBQTVCODcyNjhFMDI4
NEI2MUY3N0VENjNCMzlDODBDMTY5NUM4QTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJ0JFbR7y1nmADhe+ZGoZ8kl2oNNigfCsp82kYxrA5hJjeKb9c
Ed4jt7lRxDeYZ8LrO/naed6w4y+lNks3F7eWZRYLavyS47GhBqVEsj0wLZUIE/WB
H15hJsFnLcYRa+HURrFDeeHe57yxa0wHESmfLVX1ooULuTmzIkKfYegXjgkXcxJc
KdRqAtorzLB3vPQpxo1vWoo2bUGBuGjANe2oG7ojIGCHBqzyw2SCPaDXNv+8bVI5
FyDKRTnnWKpf4joIX2sWJ1zKSnfuhe81YgVsMLMkuNo4DO1hfn08qs/m+kjuv2qR
wMRkXkX1yUfO4+5XxY2UbIkCsfLYxYmg2cfJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUCqW4cmjgKEth937WOznIDBaVyKAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NxVzRjbWpnS0V0aDkz
N1dPem5JREJhVnlLQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAWk5sX5Hoa1OR1eyQVTY90X4ZPMPvom
oalX+NzU69EYRW9TX3zYFtuWRA3SjZkzEpqmPf265QwD5lbh9jktlvJRO9+7Fj3x
PadKrF2AO1QGOoWaq0sfV64+cB0TlVD2ywO8D2HKuA3fVsFa6Au0ybdQsN93hRkK
HuY5kiZXgC/zge9a6cY0gvZQkhPipIvm61alOVY5vhMi+b9uHBQpww8dq9IKb9+p
PDqomz5/3L/qHzfiigaZjDhAmf471FocvYnUE22FZLV9JTIgt5tV7dD9+alt29UF
Diyl27IxEFDmtQzpu5E7q/f331kA593jcsgklzWE7Kti6/ejxoAiANU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:56:00 2025 by rpki-client