Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GEn25DNicQRUy8G6Qotzj_X-HeA.roa
File: GEn25DNicQRUy8G6Qotzj_X-HeA.roa (raw, json)
Hash identifier: 2WFzcl9QPixgVO2tBsip6lFbR4OjkShgV7jXHYLhoDo=
Subject key identifier: 18:49:F6:E4:33:62:71:04:54:CB:C1:BA:42:8B:73:8F:F5:FE:1D:E0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B17
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GEn25DNicQRUy8G6Qotzj_X-HeA.roa
Signing time: Sun 07 Apr 2024 08:52:31 +0000
ROA not before: Sun 07 Apr 2024 08:52:31 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15127 (0x3b17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 08:52:31 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1849F6E43362710454CBC1BA428B738FF5FE1DE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:02:0e:37:93:e8:9d:62:96:08:6a:41:66:aa:
33:0e:4c:23:cc:df:83:3b:58:76:af:61:1e:29:f6:
19:1d:7c:bb:4a:42:22:9a:cd:ab:7b:42:7d:16:b4:
50:44:13:c6:80:2f:12:ee:91:e5:d2:67:c1:9b:3e:
c7:49:03:4f:9b:0e:d2:28:95:2a:9b:35:02:1c:1b:
a3:37:31:02:de:bc:1b:1e:65:18:27:ec:31:86:37:
ed:53:97:4c:da:11:84:10:b0:56:5d:3a:ce:eb:ab:
e6:17:98:89:f9:26:b2:99:a2:38:e7:56:48:5d:26:
42:a6:36:ff:ef:9a:03:72:c3:51:6b:4c:cf:56:6e:
58:34:25:f9:07:2a:ce:3a:9b:e7:26:bb:36:26:d7:
1b:93:5d:7b:0f:8a:8d:56:2d:a8:68:50:0d:2d:e4:
97:ee:8b:4b:d4:6f:3c:e5:fc:76:2c:a0:3e:c2:a5:
e3:ea:bf:53:77:00:5a:84:03:4a:90:db:fe:fd:e3:
fc:47:55:aa:78:3f:15:a6:49:7a:28:42:2a:c3:22:
87:af:43:25:fa:ed:22:40:e4:ac:5c:5c:0b:63:39:
15:d6:44:cf:39:bd:7c:c3:0e:4c:57:48:bd:ea:0a:
5c:98:14:b5:d4:ad:e0:92:95:f6:7f:7c:df:34:fa:
f2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:49:F6:E4:33:62:71:04:54:CB:C1:BA:42:8B:73:8F:F5:FE:1D:E0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GEn25DNicQRUy8G6Qotzj_X-HeA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
04:8e:79:dc:f7:15:e4:71:42:5a:ea:6f:40:41:7f:8e:0a:6a:
63:fe:10:99:02:00:d2:fc:39:6f:d6:89:8f:b9:d2:80:c6:7d:
05:23:c6:1c:48:b1:4f:9b:db:53:ad:1e:8a:0e:42:2d:31:03:
5c:07:96:75:d4:38:93:7f:c9:59:64:23:4e:33:c8:2e:e9:6a:
a5:31:ce:22:9f:62:61:ad:2a:68:46:08:af:f1:1e:d6:fd:45:
86:ba:df:1d:1b:f0:dd:35:b8:ed:06:92:70:97:8c:c5:be:e9:
20:8f:74:9f:fe:4b:ce:82:f2:a5:d3:e9:21:29:81:54:f1:65:
e4:a8:bd:7b:ee:35:7c:e0:2e:40:ed:86:08:8b:c2:35:7c:51:
1b:6a:5d:a9:c8:7c:8e:77:f5:a0:64:25:c1:d4:c3:5e:64:84:
43:9e:27:c0:2d:b9:be:06:1f:36:fe:8d:a9:bd:34:4a:57:79:
40:0f:1d:9b:e2:ec:0d:ae:07:d0:b2:cc:df:3f:3c:0e:86:a2:
41:3c:b5:b2:77:1a:f0:0c:69:b6:ca:8d:ec:10:58:23:e5:45:
54:be:95:bf:34:cf:1f:26:d7:42:fb:1d:7e:14:61:c4:4e:e2:
1c:1a:95:17:be:7d:d6:85:95:a5:d9:5d:60:99:62:8c:1d:14:
c4:5b:c3:ef
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOxcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcw
ODUyMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4NDlGNkU0MzM2Mjcx
MDQ1NENCQzFCQTQyOEI3MzhGRjVGRTFERTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOAg43k+idYpYIakFmqjMOTCPM34M7WHavYR4p9hkdfLtKQiKa
zat7Qn0WtFBEE8aALxLukeXSZ8GbPsdJA0+bDtIolSqbNQIcG6M3MQLevBseZRgn
7DGGN+1Tl0zaEYQQsFZdOs7rq+YXmIn5JrKZojjnVkhdJkKmNv/vmgNyw1FrTM9W
blg0JfkHKs46m+cmuzYm1xuTXXsPio1WLahoUA0t5Jfui0vUbzzl/HYsoD7CpePq
v1N3AFqEA0qQ2/794/xHVap4PxWmSXooQirDIoevQyX67SJA5KxcXAtjORXWRM85
vXzDDkxXSL3qClyYFLXUreCSlfZ/fN80+vIJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUGEn25DNicQRUy8G6Qotzj/X+HeAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dFbjI1RE5pY1FSVXk4
RzZRb3R6al9YLUhlQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAASOedz3FeRxQlrqb0BBf44KamP+EJkC
ANL8OW/WiY+50oDGfQUjxhxIsU+b21OtHooOQi0xA1wHlnXUOJN/yVlkI04zyC7p
aqUxziKfYmGtKmhGCK/xHtb9RYa63x0b8N01uO0GknCXjMW+6SCPdJ/+S86C8qXT
6SEpgVTxZeSovXvuNXzgLkDthgiLwjV8URtqXanIfI539aBkJcHUw15khEOeJ8At
ub4GHzb+jam9NEpXeUAPHZvi7A2uB9CyzN8/PA6GokE8tbJ3GvAMabbKjewQWCPl
RVS+lb80zx8m10L7HX4UYcRO4hwalRe+fdaFlaXZXWCZYowdFMRbw+8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:44:45 2025 by rpki-client