Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DkcBz5BUltQnqI46KbhW5Tb5Ugw.roa
File: DkcBz5BUltQnqI46KbhW5Tb5Ugw.roa (raw, json)
Hash identifier: 5ijJhCFesHZ2qsBbiyFyB0XQG0+bhQ6K5LqlBu5L23s=
Subject key identifier: 0E:47:01:CF:90:54:96:D4:27:A8:8E:3A:29:B8:56:E5:36:F9:52:0C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C17
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DkcBz5BUltQnqI46KbhW5Tb5Ugw.roa
Signing time: Mon 08 Apr 2024 16:52:34 +0000
ROA not before: Mon 08 Apr 2024 16:52:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15383 (0x3c17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 16:52:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0E4701CF905496D427A88E3A29B856E536F9520C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b5:c6:b5:bf:30:8d:1e:d7:04:8a:ec:0f:d4:
1a:6a:a0:da:df:9d:36:50:da:05:82:e6:3b:df:ab:
11:9b:e3:ba:7a:63:8b:42:41:e3:8f:ab:99:af:96:
e8:dd:e2:9a:e3:b2:ce:db:ee:56:90:a5:f2:bb:42:
b1:2e:60:c6:6f:b6:e0:7a:24:81:ed:f6:c1:b2:2b:
36:a0:5c:7c:ec:29:3f:17:b1:bf:e7:0b:16:cd:d3:
ac:8f:8e:9f:1d:d2:df:84:61:63:dd:15:61:2a:50:
09:1c:7f:a7:f5:8e:b6:33:e3:9a:95:e1:36:1c:8b:
57:46:7c:9e:42:73:67:5b:54:d7:8d:31:bf:c3:36:
88:ce:2d:77:b3:bd:d1:9a:80:0e:c9:bb:ec:3e:2c:
49:47:56:3c:18:8a:95:1c:55:52:41:66:5c:9d:ce:
50:47:9c:ef:bb:ff:d1:d1:d0:c3:4b:90:39:0b:e3:
a5:8e:c7:9e:9c:39:94:eb:1a:a1:4b:32:a2:18:68:
07:13:6a:e7:0f:63:5d:44:f6:a2:11:a6:3e:38:54:
db:88:9b:11:50:fa:cf:49:d2:b2:1b:ff:71:8a:e3:
ed:35:0a:d9:11:cf:02:77:04:3a:92:fd:c7:97:e6:
14:2a:1f:9b:c5:b1:fa:50:56:6d:b8:e6:ca:0e:fb:
51:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:47:01:CF:90:54:96:D4:27:A8:8E:3A:29:B8:56:E5:36:F9:52:0C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DkcBz5BUltQnqI46KbhW5Tb5Ugw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5d:40:1a:c6:dc:57:2e:b9:f3:6a:39:aa:e2:67:17:82:90:cd:
91:25:c2:9b:ba:c7:2b:c8:06:07:a6:99:fc:38:ed:48:b3:69:
6c:47:37:c6:4b:e2:18:c9:43:e0:4a:6e:9b:8a:14:ee:22:47:
51:ba:da:a9:0c:1d:3e:0b:33:0a:1f:5b:d2:09:91:31:f4:61:
05:b6:8e:db:1e:0d:cb:a3:68:6b:75:1d:3f:d2:d8:b7:98:b7:
4a:3d:e2:d5:cc:9b:7d:fe:bf:9b:eb:4c:6d:d6:16:55:be:a1:
6d:31:fe:57:26:4f:47:27:d8:f7:c2:b8:23:4a:7d:6f:cd:bc:
79:fa:2a:14:3f:b7:fa:a6:de:a6:ce:2d:f3:dd:f1:a4:ce:2d:
73:e8:d1:d9:83:e6:9b:e3:27:ef:96:6c:05:ec:f0:1e:6c:ed:
b3:0a:36:3e:8a:60:05:67:d5:82:cf:74:86:54:3c:ab:02:06:
25:78:b3:73:d1:ff:f6:40:0d:66:e7:2d:9e:31:06:f2:e7:39:
26:57:65:4c:48:d8:13:ea:89:a7:54:d2:19:39:16:03:1b:6d:
86:32:b1:13:7d:d9:57:2c:d2:bd:e2:7f:42:2d:a4:21:7a:4b:
bc:47:42:db:37:d6:bc:a2:fe:01:23:b6:4b:b5:84:99:09:db:
a4:71:d4:c1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPBcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgx
NjUyMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBFNDcwMUNGOTA1NDk2
RDQyN0E4OEUzQTI5Qjg1NkU1MzZGOTUyMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDItca1vzCNHtcEiuwP1BpqoNrfnTZQ2gWC5jvfqxGb47p6Y4tC
QeOPq5mvlujd4prjss7b7laQpfK7QrEuYMZvtuB6JIHt9sGyKzagXHzsKT8Xsb/n
CxbN06yPjp8d0t+EYWPdFWEqUAkcf6f1jrYz45qV4TYci1dGfJ5Cc2dbVNeNMb/D
NojOLXezvdGagA7Ju+w+LElHVjwYipUcVVJBZlydzlBHnO+7/9HR0MNLkDkL46WO
x56cOZTrGqFLMqIYaAcTaucPY11E9qIRpj44VNuImxFQ+s9J0rIb/3GK4+01CtkR
zwJ3BDqS/ceX5hQqH5vFsfpQVm245soO+1E9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUDkcBz5BUltQnqI46KbhW5Tb5UgwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RrY0J6NUJVbHRRbnFJ
NDZLYmhXNVRiNVVndy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAF1AGsbcVy6582o5quJnF4KQzZElwpu6
xyvIBgemmfw47UizaWxHN8ZL4hjJQ+BKbpuKFO4iR1G62qkMHT4LMwofW9IJkTH0
YQW2jtseDcujaGt1HT/S2LeYt0o94tXMm33+v5vrTG3WFlW+oW0x/lcmT0cn2PfC
uCNKfW/NvHn6KhQ/t/qm3qbOLfPd8aTOLXPo0dmD5pvjJ++WbAXs8B5s7bMKNj6K
YAVn1YLPdIZUPKsCBiV4s3PR//ZADWbnLZ4xBvLnOSZXZUxI2BPqiadU0hk5FgMb
bYYysRN92Vcs0r3if0ItpCF6S7xHQts31ryi/gEjtku1hJkJ26Rx1ME=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:52 2025 by rpki-client