Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/EBGZmE2tvJU69Nomnkaawtz9xG0.roa
File: EBGZmE2tvJU69Nomnkaawtz9xG0.roa (raw, json)
Hash identifier: DwYhrjEG8SlXfhieeWssYbscoGKaa+TBrQe8dLe4Dgk=
Subject key identifier: 10:11:99:98:4D:AD:BC:95:3A:F4:DA:26:9E:46:9A:C2:DC:FD:C4:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5207
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EBGZmE2tvJU69Nomnkaawtz9xG0.roa
Signing time: Tue 07 May 2024 22:54:04 +0000
ROA not before: Tue 07 May 2024 22:54:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20999 (0x5207)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 22:54:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=101199984DADBC953AF4DA269E469AC2DCFDC46D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:be:5b:14:fc:9c:5c:49:6c:e6:c7:6f:6b:f2:
f2:52:5f:c5:2f:78:bd:ed:15:4c:fb:5f:11:6d:61:
5e:da:d9:69:08:36:18:8a:ce:97:4c:be:0f:5a:65:
96:f8:24:f9:20:d0:5c:78:67:ce:4b:a6:5b:ed:d0:
5e:5e:a2:77:a1:26:64:64:cd:6c:a0:ad:f0:e9:42:
8c:89:87:3b:48:41:7c:c3:62:ec:73:56:4a:09:69:
2a:dd:4b:b4:29:0b:01:8b:da:cb:f3:d8:c9:9b:04:
1d:be:ba:b1:14:a0:1f:a9:ee:34:6c:87:cd:17:4e:
d9:1f:95:95:be:18:19:4c:1c:a1:15:a4:a5:83:24:
f7:ba:cc:09:c7:7b:81:55:fd:3b:bf:42:b8:c6:d0:
57:00:bb:ce:f4:fa:08:64:f8:8b:98:80:bf:79:80:
bc:c6:ae:c7:ea:eb:09:e2:73:a0:4a:b6:ef:13:53:
46:eb:71:61:56:d6:f2:66:06:16:f5:4d:99:52:77:
fa:51:7c:78:b2:0b:81:30:cf:56:b3:63:d8:e0:2c:
fc:3d:28:26:e3:e0:09:0a:95:73:4e:0c:cb:6c:1a:
a0:8b:27:a8:1d:e9:b1:25:92:da:8d:7b:13:a4:c6:
13:71:0a:51:9e:8a:76:0f:dd:86:0f:4a:fa:fa:a1:
97:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:11:99:98:4D:AD:BC:95:3A:F4:DA:26:9E:46:9A:C2:DC:FD:C4:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EBGZmE2tvJU69Nomnkaawtz9xG0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0a:8a:96:79:d5:95:cb:4a:71:69:b4:dc:8a:95:d0:ec:de:e6:
c3:2f:71:51:f1:0f:99:29:dd:e5:3b:3c:0f:da:6a:1d:5c:7d:
20:a0:b7:f7:8f:1b:21:0e:98:43:fb:d4:cd:5b:1f:bc:5d:2f:
7d:5e:8e:55:3d:6d:db:39:a3:dc:c2:e6:ce:c9:a7:1a:82:c3:
58:5e:61:2e:3a:e9:d9:8c:dc:b6:59:e0:34:2d:1b:c0:6a:7a:
90:e9:04:f2:aa:55:2e:30:a8:42:e2:87:b3:da:6c:2f:cf:0f:
3f:b0:b0:4e:3e:3c:1c:c6:b2:ad:ea:37:a6:84:fa:68:59:88:
df:78:7c:4d:cd:60:2f:cf:6c:cb:a3:28:73:1c:5f:d6:ec:b4:
0a:a0:73:a7:53:03:b0:b3:f1:56:33:51:e4:27:c0:01:b4:32:
d4:00:6a:60:e2:35:6a:12:4f:a0:94:9f:fe:8e:a9:23:b0:12:
5f:80:fb:b4:8f:3a:cc:aa:cc:dd:6d:a3:85:8b:7a:d4:35:29:
c6:b7:52:aa:a9:9d:6c:20:fa:25:98:a5:47:97:f8:38:07:4b:
8e:b5:d7:d9:6c:dc:71:1c:c9:09:03:df:31:71:9e:d8:8e:d6:
13:94:7f:3f:0f:03:42:d8:66:4b:e8:50:9a:0f:45:b4:5d:03:
b0:b0:e9:62
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUgcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcy
MjU0MDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEwMTE5OTk4NERBREJD
OTUzQUY0REEyNjlFNDY5QUMyRENGREM0NkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjvlsU/JxcSWzmx29r8vJSX8UveL3tFUz7XxFtYV7a2WkINhiK
zpdMvg9aZZb4JPkg0Fx4Z85Lplvt0F5eonehJmRkzWygrfDpQoyJhztIQXzDYuxz
VkoJaSrdS7QpCwGL2svz2MmbBB2+urEUoB+p7jRsh80XTtkflZW+GBlMHKEVpKWD
JPe6zAnHe4FV/Tu/QrjG0FcAu870+ghk+IuYgL95gLzGrsfq6wnic6BKtu8TU0br
cWFW1vJmBhb1TZlSd/pRfHiyC4Ewz1azY9jgLPw9KCbj4AkKlXNODMtsGqCLJ6gd
6bElktqNexOkxhNxClGeinYP3YYPSvr6oZe9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUEBGZmE2tvJU69Nomnkaawtz9xG0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0VCR1ptRTJ0dkpVNjlO
b21ua2Fhd3R6OXhHMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAqKlnnVlctKcWm03IqV0Oze5sMvcVHx
D5kp3eU7PA/aah1cfSCgt/ePGyEOmEP71M1bH7xdL31ejlU9bds5o9zC5s7JpxqC
w1heYS466dmM3LZZ4DQtG8BqepDpBPKqVS4wqELih7PabC/PDz+wsE4+PBzGsq3q
N6aE+mhZiN94fE3NYC/PbMujKHMcX9bstAqgc6dTA7Cz8VYzUeQnwAG0MtQAamDi
NWoST6CUn/6OqSOwEl+A+7SPOsyqzN1to4WLetQ1Kca3UqqpnWwg+iWYpUeX+DgH
S46119ls3HEcyQkD3zFxntiO1hOUfz8PA0LYZkvoUJoPRbRdA7Cw6WI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:41 2025 by rpki-client