Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/FQxQW97BINz6YcE54Nw5LY5d1Lk.roa
File: FQxQW97BINz6YcE54Nw5LY5d1Lk.roa (raw, json)
Hash identifier: Jj6DPBw62z20E/anUKZCPxE+eD5C7ptLiSeHgYAjyKQ=
Subject key identifier: 15:0C:50:5B:DE:C1:20:DC:FA:61:C1:39:E0:DC:39:2D:8E:5D:D4:B9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 449F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FQxQW97BINz6YcE54Nw5LY5d1Lk.roa
Signing time: Sat 20 Apr 2024 01:53:09 +0000
ROA not before: Sat 20 Apr 2024 01:53:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17567 (0x449f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 01:53:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=150C505BDEC120DCFA61C139E0DC392D8E5DD4B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:dc:6b:85:c4:96:f3:27:b0:b2:7c:58:20:a5:
57:0f:36:8a:b5:a6:be:f1:5a:d3:de:1b:72:5f:cc:
b8:f7:e7:bb:aa:b0:17:05:63:6b:61:66:30:b6:00:
b4:dc:80:e8:d3:62:c6:db:53:1d:8a:b5:b6:6e:2e:
64:43:ee:04:ba:32:1b:77:4d:3b:e2:54:a0:ff:0a:
e0:eb:9a:99:1a:b2:db:ce:06:c4:04:39:37:b1:0a:
19:dc:8b:92:ae:a7:b8:f7:ad:7e:85:3a:1b:33:ae:
fe:62:f1:a3:c3:05:26:49:0a:d7:96:e4:ff:b5:cd:
9e:75:1b:aa:5c:52:97:33:3f:91:5a:92:40:0c:93:
43:0f:85:ca:40:6a:bc:b4:96:e9:db:54:38:f5:be:
c5:c8:d6:e4:b4:ff:44:12:9f:3a:e2:bf:75:af:96:
2a:47:fd:f2:68:04:85:a7:ae:1c:a6:01:1f:1d:e4:
dd:56:62:1e:52:57:92:4d:0f:73:49:21:a6:36:b6:
81:d9:8d:e4:39:1e:70:70:56:5a:9a:3f:92:de:58:
4d:46:de:cd:0d:88:1b:19:2f:13:a2:39:58:03:de:
25:41:8e:c5:26:5b:13:a7:87:31:d6:b5:ec:06:d0:
cf:61:61:cd:85:ee:f6:e8:98:00:ca:a6:7e:4c:f3:
c5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:0C:50:5B:DE:C1:20:DC:FA:61:C1:39:E0:DC:39:2D:8E:5D:D4:B9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FQxQW97BINz6YcE54Nw5LY5d1Lk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0e:38:2a:f0:5f:29:57:53:7a:24:66:44:34:dc:4c:46:2d:00:
80:9d:72:aa:5f:75:9c:00:31:da:9f:6e:87:71:ff:f2:c8:50:
f5:eb:71:75:c5:74:7b:4d:2e:bc:d8:c6:a7:f4:ce:89:79:df:
25:39:be:b1:45:6f:b0:ca:c1:76:5a:88:f7:25:da:8b:2b:10:
8b:ac:54:f1:d9:bc:fd:1f:3f:6e:ff:10:c7:03:a1:78:0c:7a:
8a:e7:0e:9e:31:6d:c0:cf:1d:37:ad:36:ff:bb:27:71:cc:a1:
da:f4:e4:03:79:d5:ab:d0:c8:27:e8:6b:31:8e:b6:fb:1b:00:
ba:c5:6e:3a:bf:48:f9:29:b4:c1:ee:f4:e2:79:49:cd:2b:6d:
fe:fa:d8:d5:07:4a:c7:f7:e3:56:86:d9:64:18:9a:17:95:f8:
b2:cf:88:66:95:41:4d:dc:3c:8c:ba:8e:1e:f1:d6:89:10:34:
bb:09:4c:1f:81:e6:4a:30:ed:6f:a9:36:1c:4f:51:5c:cf:54:
e0:24:cf:d3:99:03:1d:ea:96:9e:65:81:ff:d2:2a:71:13:fc:
fb:e8:44:cc:82:58:39:86:42:d7:8c:e8:c1:ba:ff:ad:c4:6e:
c6:57:f5:39:be:84:e3:22:72:27:b7:5f:c0:39:54:43:3a:89:
3b:f4:d7:4c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRJ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
MTUzMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE1MEM1MDVCREVDMTIw
RENGQTYxQzEzOUUwREMzOTJEOEU1REQ0QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK3GuFxJbzJ7CyfFggpVcPNoq1pr7xWtPeG3JfzLj357uqsBcF
Y2thZjC2ALTcgOjTYsbbUx2KtbZuLmRD7gS6Mht3TTviVKD/CuDrmpkastvOBsQE
OTexChnci5Kup7j3rX6FOhszrv5i8aPDBSZJCteW5P+1zZ51G6pcUpczP5FakkAM
k0MPhcpAary0lunbVDj1vsXI1uS0/0QSnzriv3WvlipH/fJoBIWnrhymAR8d5N1W
Yh5SV5JND3NJIaY2toHZjeQ5HnBwVlqaP5LeWE1G3s0NiBsZLxOiOVgD3iVBjsUm
WxOnhzHWtewG0M9hYc2F7vbomADKpn5M88WlAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUFQxQW97BINz6YcE54Nw5LY5d1LkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ZReFFXOTdCSU56Nllj
RTU0Tnc1TFk1ZDFMay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAA44KvBfKVdTeiRmRDTcTEYtAICdcqpf
dZwAMdqfbodx//LIUPXrcXXFdHtNLrzYxqf0zol53yU5vrFFb7DKwXZaiPcl2osr
EIusVPHZvP0fP27/EMcDoXgMeornDp4xbcDPHTetNv+7J3HModr05AN51avQyCfo
azGOtvsbALrFbjq/SPkptMHu9OJ5Sc0rbf762NUHSsf341aG2WQYmheV+LLPiGaV
QU3cPIy6jh7x1okQNLsJTB+B5kow7W+pNhxPUVzPVOAkz9OZAx3qlp5lgf/SKnET
/PvoRMyCWDmGQteM6MG6/63EbsZX9Tm+hOMicie3X8A5VEM6iTv010w=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:07 2025 by rpki-client