Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/H9dj1sqQMAzr1ae78Le6Ys7xtxA.roa
File: H9dj1sqQMAzr1ae78Le6Ys7xtxA.roa (raw, json)
Hash identifier: GlMti1E33ssZG/05ok44+Mw1VM6Gg8xpQl5u/wXjW6E=
Subject key identifier: 1F:D7:63:D6:CA:90:30:0C:EB:D5:A7:BB:F0:B7:BA:62:CE:F1:B7:10
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B5B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/H9dj1sqQMAzr1ae78Le6Ys7xtxA.roa
Signing time: Sun 07 Apr 2024 17:22:36 +0000
ROA not before: Sun 07 Apr 2024 17:22:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15195 (0x3b5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 17:22:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1FD763D6CA90300CEBD5A7BBF0B7BA62CEF1B710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5c:60:c7:ed:f5:ab:73:ae:00:38:eb:69:04:
f7:05:c9:4a:eb:d4:8a:27:c4:21:45:a1:0f:77:4d:
37:2f:61:8b:ea:a4:a0:c6:d1:42:24:34:42:af:2c:
ae:ea:44:e3:97:ee:7a:f3:c5:01:63:71:89:03:9f:
77:b8:d8:1f:e6:a7:5f:46:c0:f3:f2:2d:ba:df:74:
fc:6b:44:30:09:0d:2e:0f:49:2d:4c:a6:e9:56:a1:
b1:40:d1:57:1f:90:84:3f:f6:c1:96:3a:e7:c2:8d:
78:11:ba:50:08:b6:9b:64:e6:f2:0b:ba:0d:b5:e8:
01:98:3e:e9:a1:d8:a0:9a:3a:58:4c:88:84:74:3a:
ac:5b:0a:4c:66:9f:fe:66:6b:d3:3c:91:ed:65:2f:
23:db:25:49:4d:46:8a:cf:47:49:f2:d9:27:c0:f9:
6b:09:47:18:ea:a7:43:24:5d:e9:4a:24:dc:0b:f5:
c3:77:74:bf:a9:39:47:9c:d6:9a:8a:ed:6d:6c:ed:
32:bb:a0:4c:cb:30:ef:e0:94:8a:db:64:af:7c:eb:
57:cb:3d:57:cc:8b:47:b9:ca:4e:27:e8:c4:72:b4:
db:1e:fd:1a:d6:6b:3e:5f:ec:3d:51:7f:34:3c:42:
bd:de:25:26:b3:51:e2:ad:29:62:c7:e1:b7:d3:7b:
dc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D7:63:D6:CA:90:30:0C:EB:D5:A7:BB:F0:B7:BA:62:CE:F1:B7:10
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/H9dj1sqQMAzr1ae78Le6Ys7xtxA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
95:4d:94:d0:42:b4:21:c0:50:30:f9:5b:ad:76:5c:6f:a0:21:
13:be:6e:25:57:44:1f:71:76:2d:d0:84:9d:18:c6:e0:5c:0f:
dc:94:c3:c9:1d:c2:b1:24:c1:6f:38:c0:8f:8b:5a:26:81:0f:
50:1e:cd:44:cd:44:54:4a:ae:57:80:f9:14:e1:64:25:13:65:
16:a2:c7:80:12:19:f7:5b:c8:ff:33:d1:cf:9c:62:6f:05:1b:
21:3c:57:fc:6a:24:83:7d:e6:b3:9e:6b:ea:98:2b:51:62:12:
e3:20:90:97:0e:e9:7a:3e:3b:1b:47:4f:1f:33:32:74:49:1d:
98:21:e5:bf:5a:ef:10:9b:9c:e8:0a:92:4f:a8:a3:b0:45:71:
db:48:01:9e:09:6b:4d:1e:03:f7:27:ac:0e:d1:14:ff:8b:54:
2c:aa:c8:d8:59:e6:63:06:08:42:b6:12:d4:2e:53:fa:42:a6:
95:d1:77:a4:7d:2f:b2:d7:76:85:b4:61:06:47:82:db:68:cf:
d3:06:56:52:51:8e:ea:9c:a3:25:84:f4:c2:41:7c:45:b7:d8:
fd:fa:33:df:94:7e:73:40:0d:1d:d9:1a:00:26:d4:0f:a6:83:
0c:77:1c:e7:13:ba:fb:ff:da:c4:54:90:f2:a7:43:5c:e9:98:
52:6f:86:81
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICO1swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcx
NzIyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFGRDc2M0Q2Q0E5MDMw
MENFQkQ1QTdCQkYwQjdCQTYyQ0VGMUI3MTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJXGDH7fWrc64AOOtpBPcFyUrr1IonxCFFoQ93TTcvYYvqpKDG
0UIkNEKvLK7qROOX7nrzxQFjcYkDn3e42B/mp19GwPPyLbrfdPxrRDAJDS4PSS1M
pulWobFA0VcfkIQ/9sGWOufCjXgRulAItptk5vILug216AGYPumh2KCaOlhMiIR0
OqxbCkxmn/5ma9M8ke1lLyPbJUlNRorPR0ny2SfA+WsJRxjqp0MkXelKJNwL9cN3
dL+pOUec1pqK7W1s7TK7oEzLMO/glIrbZK9861fLPVfMi0e5yk4n6MRytNse/RrW
az5f7D1RfzQ8Qr3eJSazUeKtKWLH4bfTe9yvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUH9dj1sqQMAzr1ae78Le6Ys7xtxAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0g5ZGoxc3FRTUF6cjFh
ZTc4TGU2WXM3eHR4QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJVNlNBCtCHAUDD5W612XG+gIRO+biVX
RB9xdi3QhJ0YxuBcD9yUw8kdwrEkwW84wI+LWiaBD1AezUTNRFRKrleA+RThZCUT
ZRaix4ASGfdbyP8z0c+cYm8FGyE8V/xqJIN95rOea+qYK1FiEuMgkJcO6Xo+OxtH
Tx8zMnRJHZgh5b9a7xCbnOgKkk+oo7BFcdtIAZ4Ja00eA/cnrA7RFP+LVCyqyNhZ
5mMGCEK2EtQuU/pCppXRd6R9L7LXdoW0YQZHgttoz9MGVlJRjuqcoyWE9MJBfEW3
2P36M9+UfnNADR3ZGgAm1A+mgwx3HOcTuvv/2sRUkPKnQ1zpmFJvhoE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:31 2025 by rpki-client