Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GekedpicZH94qijVgezavpy66I8.roa
File: GekedpicZH94qijVgezavpy66I8.roa (raw, json)
Hash identifier: LbV2vA7VyH506ZSio5xRtLteE4adsgWchah/aPYab5U=
Subject key identifier: 19:E9:1E:76:98:9C:64:7F:78:AA:28:D5:81:EC:DA:BE:9C:BA:E8:8F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4367
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GekedpicZH94qijVgezavpy66I8.roa
Signing time: Thu 18 Apr 2024 10:53:00 +0000
ROA not before: Thu 18 Apr 2024 10:53:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17255 (0x4367)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 10:53:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=19E91E76989C647F78AA28D581ECDABE9CBAE88F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:03:fd:3d:d9:65:ef:87:7c:e5:ad:78:c2:ec:
76:de:cd:f7:22:66:6f:5d:26:31:b3:e8:33:05:65:
2e:8a:3c:11:79:93:ea:be:65:13:36:2f:3c:4b:10:
26:f7:c8:f4:40:b9:49:f5:7d:d1:c9:a2:7d:2a:f4:
6e:7c:d4:3f:33:9e:4e:cf:9f:0f:1b:07:f6:af:3c:
f2:3d:f1:93:03:84:1e:4f:cd:7a:72:2a:55:58:af:
62:4b:94:a0:04:a1:76:73:4e:70:be:62:e0:65:90:
8f:76:af:ec:53:ad:32:89:1f:93:32:c7:64:1c:44:
24:86:f5:d1:a4:cc:0b:26:0d:ef:12:04:7f:7c:ae:
8d:dd:e1:91:02:8e:9c:44:ef:86:e4:0f:00:24:e2:
a9:34:1d:7f:94:4d:5e:82:da:61:e6:69:ca:36:70:
de:47:2c:b7:78:1d:a1:b9:dd:8c:e3:f8:61:a9:3c:
3f:68:26:b9:46:84:d6:73:42:bb:7d:50:4f:84:1d:
12:41:bf:2c:ca:b3:bf:c9:ae:df:ef:1d:bd:eb:f9:
f8:ea:12:61:79:5c:bc:c3:b7:4f:81:53:01:8e:af:
ef:74:b2:09:61:9e:d4:e6:a3:9b:4b:96:1e:9d:b8:
af:96:8d:fe:ad:c1:90:51:85:99:06:00:ad:af:19:
2d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:E9:1E:76:98:9C:64:7F:78:AA:28:D5:81:EC:DA:BE:9C:BA:E8:8F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GekedpicZH94qijVgezavpy66I8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
86:59:bb:04:2a:8d:27:0c:d9:31:f4:18:23:1f:50:9c:ec:00:
20:72:57:4a:87:ac:1e:30:c0:38:59:93:ca:d8:19:79:e0:74:
6e:99:02:98:10:ce:86:92:b4:f6:71:95:26:f6:c1:d9:41:85:
0b:a2:81:6b:d7:35:9e:ef:f6:f0:42:08:30:17:ac:ee:1d:cd:
58:c5:bc:ce:95:b8:06:e5:5c:f0:e7:bb:3e:fb:1d:90:3d:cc:
af:3c:fc:75:52:5d:75:9a:85:73:60:4c:80:c3:5a:e0:d3:28:
0b:1e:29:31:21:a8:ec:b7:9c:08:46:47:d3:f4:1d:39:27:12:
67:4d:b0:c9:35:2b:6e:62:5d:11:b9:11:c3:49:60:dc:62:40:
27:38:c1:da:d0:ff:a8:a3:bc:9d:31:fc:6a:e3:a8:f1:a5:53:
85:01:bc:36:a4:56:48:0f:74:5c:8d:92:3a:7f:fc:f4:7e:ef:
7b:b9:66:60:5d:db:a9:7e:8c:e6:22:0c:40:eb:d2:ed:17:b8:
57:05:03:a5:da:8b:99:94:b2:be:bf:9b:b1:89:f0:74:79:53:
ee:83:27:d0:90:eb:3e:b2:6a:a5:9f:05:5a:15:30:bc:96:e8:
47:5d:d5:dd:d5:68:88:f9:9c:8f:5c:62:11:ec:f8:8e:28:a5:
5b:89:58:0e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQ2cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
MDUzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE5RTkxRTc2OTg5QzY0
N0Y3OEFBMjhENTgxRUNEQUJFOUNCQUU4OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXA/092WXvh3zlrXjC7HbezfciZm9dJjGz6DMFZS6KPBF5k+q+
ZRM2LzxLECb3yPRAuUn1fdHJon0q9G581D8znk7Pnw8bB/avPPI98ZMDhB5PzXpy
KlVYr2JLlKAEoXZzTnC+YuBlkI92r+xTrTKJH5Myx2QcRCSG9dGkzAsmDe8SBH98
ro3d4ZECjpxE74bkDwAk4qk0HX+UTV6C2mHmaco2cN5HLLd4HaG53Yzj+GGpPD9o
JrlGhNZzQrt9UE+EHRJBvyzKs7/Jrt/vHb3r+fjqEmF5XLzDt0+BUwGOr+90sglh
ntTmo5tLlh6duK+Wjf6twZBRhZkGAK2vGS1hAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUGekedpicZH94qijVgezavpy66I8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dla2VkcGljWkg5NHFp
alZnZXphdnB5NjZJOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIZZuwQqjScM2TH0GCMfUJzsACByV0qH
rB4wwDhZk8rYGXngdG6ZApgQzoaStPZxlSb2wdlBhQuigWvXNZ7v9vBCCDAXrO4d
zVjFvM6VuAblXPDnuz77HZA9zK88/HVSXXWahXNgTIDDWuDTKAseKTEhqOy3nAhG
R9P0HTknEmdNsMk1K25iXRG5EcNJYNxiQCc4wdrQ/6ijvJ0x/GrjqPGlU4UBvDak
VkgPdFyNkjp//PR+73u5ZmBd26l+jOYiDEDr0u0XuFcFA6Xai5mUsr6/m7GJ8HR5
U+6DJ9CQ6z6yaqWfBVoVMLyW6Edd1d3VaIj5nI9cYhHs+I4opVuJWA4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:25 2025 by rpki-client