Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GJl0tSFAfsjBG4C-1s8HkFo-sG4.roa
File: GJl0tSFAfsjBG4C-1s8HkFo-sG4.roa (raw, json)
Hash identifier: 8VtBvwmetuXShty4gt/SjtuvJwYzlU27cyggnO9DMgA=
Subject key identifier: 18:99:74:B5:21:40:7E:C8:C1:1B:80:BE:D6:CF:07:90:5A:3E:B0:6E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3AE3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GJl0tSFAfsjBG4C-1s8HkFo-sG4.roa
Signing time: Sun 07 Apr 2024 02:22:34 +0000
ROA not before: Sun 07 Apr 2024 02:22:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15075 (0x3ae3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 02:22:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=189974B521407EC8C11B80BED6CF07905A3EB06E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:92:04:a7:7c:f8:39:5b:0f:03:a5:a4:e1:5f:
e1:f2:6d:11:12:82:48:46:ed:b8:95:03:00:ba:84:
32:1c:3c:a7:7d:2b:cf:d2:8d:bd:86:2f:4d:4a:e8:
d7:e2:48:a3:6a:a8:5d:83:99:cd:a8:3f:a6:88:e7:
e8:cb:37:7f:4b:7e:97:fb:53:bf:76:50:51:df:85:
a9:3d:6d:7e:5a:b5:1c:9a:3e:04:f3:69:94:94:63:
d7:09:a1:02:a7:82:ef:10:f1:a2:8f:91:d7:5c:91:
e5:63:6e:ef:21:fd:bf:33:24:a1:dd:fb:36:da:cb:
ee:5e:c1:d1:71:cd:f6:e9:16:53:22:7b:61:83:d5:
25:f6:60:d8:ed:dc:2e:01:04:93:28:9f:87:dc:db:
df:ae:05:5e:84:33:ac:09:1e:ec:83:ac:ce:5a:30:
0d:a9:3b:47:3d:db:fe:ee:91:2a:71:76:94:01:21:
39:ea:b4:48:4f:2c:81:00:7e:af:76:19:9a:b6:2d:
52:98:24:bb:20:c9:63:c5:3d:ec:ec:35:1b:45:3e:
a2:41:f9:e1:c3:59:57:c5:b7:17:33:98:4d:51:b1:
e6:76:fd:9d:72:eb:f0:a4:ee:ab:ab:5d:bd:e8:5c:
77:f7:2f:a0:a2:64:db:28:a8:05:5d:d0:af:a4:db:
df:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:99:74:B5:21:40:7E:C8:C1:1B:80:BE:D6:CF:07:90:5A:3E:B0:6E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GJl0tSFAfsjBG4C-1s8HkFo-sG4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5c:b4:14:74:5a:56:41:5b:79:04:12:79:8e:76:95:83:96:13:
04:fb:a5:34:4d:82:4d:e7:74:aa:1a:7a:ff:5d:f2:4b:2f:7b:
79:0d:20:63:8a:ac:ed:da:a5:5e:29:b9:58:9e:29:55:d9:ee:
7c:0e:74:6a:f3:ab:cd:d1:0a:21:54:1a:23:f6:81:ee:78:81:
50:63:50:86:e6:3b:3b:82:ce:51:36:84:06:7f:68:8a:c0:46:
b6:89:31:be:91:ad:dc:b9:cf:ad:cc:10:a4:d1:a5:b8:96:ed:
a6:4f:b2:87:cd:04:95:d1:b3:32:5d:40:cc:72:da:e8:2f:f8:
e1:70:df:05:56:0d:54:3d:ac:29:ce:ac:ab:0e:41:97:fc:51:
e4:d2:91:fa:a4:ff:86:69:91:15:a6:82:37:80:a3:56:bf:8f:
99:3b:dc:b8:13:e9:b2:00:1d:a0:07:37:5e:4a:fa:3a:37:8f:
3a:2e:18:65:5f:45:ef:61:97:7f:36:95:60:19:d9:e4:17:af:
c8:88:ab:ec:8a:3c:23:10:09:6f:f6:71:d7:56:f1:75:4d:3d:
e4:71:ab:f4:a2:dc:3c:d0:3a:ac:ed:9d:56:b4:95:78:08:3b:
ce:08:43:51:8c:27:67:87:65:61:a9:e0:7d:57:a5:0f:fe:1d:
9e:8e:83:6a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOuMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcw
MjIyMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4OTk3NEI1MjE0MDdF
QzhDMTFCODBCRUQ2Q0YwNzkwNUEzRUIwNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhkgSnfPg5Ww8DpaThX+HybRESgkhG7biVAwC6hDIcPKd9K8/S
jb2GL01K6NfiSKNqqF2Dmc2oP6aI5+jLN39Lfpf7U792UFHfhak9bX5atRyaPgTz
aZSUY9cJoQKngu8Q8aKPkddckeVjbu8h/b8zJKHd+zbay+5ewdFxzfbpFlMie2GD
1SX2YNjt3C4BBJMon4fc29+uBV6EM6wJHuyDrM5aMA2pO0c92/7ukSpxdpQBITnq
tEhPLIEAfq92GZq2LVKYJLsgyWPFPezsNRtFPqJB+eHDWVfFtxczmE1RseZ2/Z1y
6/Ck7qurXb3oXHf3L6CiZNsoqAVd0K+k298NAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUGJl0tSFAfsjBG4C+1s8HkFo+sG4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dKbDB0U0ZBZnNqQkc0
Qy0xczhIa0ZvLXNHNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFy0FHRaVkFbeQQSeY52lYOWEwT7pTRN
gk3ndKoaev9d8ksve3kNIGOKrO3apV4puVieKVXZ7nwOdGrzq83RCiFUGiP2ge54
gVBjUIbmOzuCzlE2hAZ/aIrARraJMb6Rrdy5z63MEKTRpbiW7aZPsofNBJXRszJd
QMxy2ugv+OFw3wVWDVQ9rCnOrKsOQZf8UeTSkfqk/4ZpkRWmgjeAo1a/j5k73LgT
6bIAHaAHN15K+jo3jzouGGVfRe9hl382lWAZ2eQXr8iIq+yKPCMQCW/2cddW8XVN
PeRxq/Si3DzQOqztnVa0lXgIO84IQ1GMJ2eHZWGp4H1XpQ/+HZ6Og2o=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:19:26 2025 by rpki-client