Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/FCtZOdX8j-GTOapRNwglHwFGANI.roa
File: FCtZOdX8j-GTOapRNwglHwFGANI.roa (raw, json)
Hash identifier: SqH9UxejceNo1khON+fVXg+UQJreQlgZrNvn6E0P7vU=
Subject key identifier: 14:2B:59:39:D5:FC:8F:E1:93:39:AA:51:37:08:25:1F:01:46:00:D2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 539F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FCtZOdX8j-GTOapRNwglHwFGANI.roa
Signing time: Fri 10 May 2024 01:54:02 +0000
ROA not before: Fri 10 May 2024 01:54:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21407 (0x539f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 01:54:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=142B5939D5FC8FE19339AA513708251F014600D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1c:03:85:3b:e8:7e:ac:2f:e8:ef:9d:e9:05:
a7:0d:cb:2a:bb:c5:61:e0:a3:47:9b:93:cc:ab:93:
4a:18:07:6b:a7:cf:e6:15:5b:ea:34:f2:2f:86:6a:
e0:02:2f:ee:f3:f7:d7:9b:41:55:60:fa:10:27:c6:
55:f7:a8:99:4a:b1:b1:87:a9:1c:fe:d7:9b:99:57:
79:b1:99:d7:8d:96:9e:22:bf:9d:81:4e:33:0c:4a:
6c:73:3f:05:f4:11:5a:04:76:e0:8c:9b:d3:87:37:
5a:2b:d4:7c:a0:f1:53:40:d5:76:20:32:af:5b:b0:
f4:90:ea:d1:c7:00:36:96:67:68:2c:e9:5c:fe:aa:
f7:5c:4b:97:5b:c5:fb:73:3e:17:3c:fb:46:89:f4:
1b:d0:6c:c7:79:f8:ba:23:ad:26:81:54:5b:1e:10:
0e:22:be:22:9b:93:b3:b0:22:09:7e:09:c2:47:98:
a0:36:c3:c2:a1:01:7d:66:cd:04:d9:de:8c:e3:2d:
c2:96:05:bc:93:c8:7d:8a:61:a5:ab:b3:0d:dd:f1:
52:7a:0f:66:68:76:37:6a:d3:fe:15:45:44:2b:b9:
86:04:42:2b:56:06:62:f1:8d:5c:8b:da:a7:b1:d7:
7e:d8:18:47:e2:e6:da:a6:ae:ab:d5:8b:e5:0c:2c:
e8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:2B:59:39:D5:FC:8F:E1:93:39:AA:51:37:08:25:1F:01:46:00:D2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FCtZOdX8j-GTOapRNwglHwFGANI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
6b:df:40:89:ea:fa:7c:d4:8d:30:74:fe:d0:67:12:ac:f6:62:
d9:a1:f8:8b:67:c0:4a:5f:ff:e8:c5:3e:c1:e6:36:27:59:14:
2b:1b:8d:b2:ff:5d:89:71:65:8e:77:88:cd:a0:33:4c:21:70:
55:be:7e:79:09:38:73:b8:a0:96:e1:0d:a0:81:5b:45:29:70:
cb:25:83:95:93:d6:38:9d:1a:a3:21:0b:90:69:00:5d:f9:7b:
aa:53:59:7f:fc:97:1c:bc:de:56:64:00:db:e5:b6:40:65:34:
3c:1e:b2:53:dc:38:1f:21:c9:dc:a3:b4:1d:c6:31:80:9a:97:
29:6f:1e:bf:67:86:31:3b:f4:90:ff:cb:cb:3c:82:49:ad:b4:
65:1b:b7:08:cf:af:bc:15:2b:8f:75:a7:5a:2e:0b:e0:90:f2:
73:9f:f1:57:6d:16:7a:d7:08:bd:f7:33:f1:bd:a4:99:b3:8f:
43:58:ba:30:f4:94:1c:6a:83:e7:ea:db:f8:fe:9d:84:be:79:
a9:62:f5:07:ea:6f:c3:a1:1e:b3:63:ae:07:ad:eb:14:33:70:
c3:fd:ae:79:5e:0d:5d:b8:b5:f2:29:b2:80:c7:c7:97:d2:aa:
b3:6b:55:7c:d8:a3:25:0d:f1:85:1e:bf:5e:80:a2:34:07:08:
52:f8:ab:8e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICU58wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
MTU0MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE0MkI1OTM5RDVGQzhG
RTE5MzM5QUE1MTM3MDgyNTFGMDE0NjAwRDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbHAOFO+h+rC/o753pBacNyyq7xWHgo0ebk8yrk0oYB2unz+YV
W+o08i+GauACL+7z99ebQVVg+hAnxlX3qJlKsbGHqRz+15uZV3mxmdeNlp4iv52B
TjMMSmxzPwX0EVoEduCMm9OHN1or1Hyg8VNA1XYgMq9bsPSQ6tHHADaWZ2gs6Vz+
qvdcS5dbxftzPhc8+0aJ9BvQbMd5+LojrSaBVFseEA4iviKbk7OwIgl+CcJHmKA2
w8KhAX1mzQTZ3ozjLcKWBbyTyH2KYaWrsw3d8VJ6D2Zodjdq0/4VRUQruYYEQitW
BmLxjVyL2qex137YGEfi5tqmrqvVi+UMLOjNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUFCtZOdX8j+GTOapRNwglHwFGANIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ZDdFpPZFg4ai1HVE9h
cFJOd2dsSHdGR0FOSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGvfQInq+nzUjTB0/tBnEqz2Ytmh+Itn
wEpf/+jFPsHmNidZFCsbjbL/XYlxZY53iM2gM0whcFW+fnkJOHO4oJbhDaCBW0Up
cMslg5WT1jidGqMhC5BpAF35e6pTWX/8lxy83lZkANvltkBlNDweslPcOB8hydyj
tB3GMYCalylvHr9nhjE79JD/y8s8gkmttGUbtwjPr7wVK491p1ouC+CQ8nOf8Vdt
FnrXCL33M/G9pJmzj0NYujD0lBxqg+fq2/j+nYS+eali9Qfqb8OhHrNjrget6xQz
cMP9rnleDV24tfIpsoDHx5fSqrNrVXzYoyUN8YUev16AojQHCFL4q44=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:38 2025 by rpki-client