Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/HEhUCIIurGDhDjdA5NsCOKrArYY.roa
File: HEhUCIIurGDhDjdA5NsCOKrArYY.roa (raw, json)
Hash identifier: +U+tP6EIRRxvc0cOPPUFDMKjL1gFvJ3NNPkByvXDI+k=
Subject key identifier: 1C:48:54:08:82:2E:AC:60:E1:0E:37:40:E4:DB:02:38:AA:C0:AD:86
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 536B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HEhUCIIurGDhDjdA5NsCOKrArYY.roa
Signing time: Thu 09 May 2024 19:24:01 +0000
ROA not before: Thu 09 May 2024 19:24:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21355 (0x536b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 19:24:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1C485408822EAC60E10E3740E4DB0238AAC0AD86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:13:6f:29:ea:b0:b3:f2:68:fe:76:e2:50:05:
7b:82:e0:7b:cb:43:38:02:b6:87:ac:02:90:43:48:
db:c0:5c:e8:b7:ae:01:65:24:af:0e:17:ec:73:49:
35:f3:4b:3c:5c:29:89:7c:03:8e:9e:3b:04:ff:03:
f3:ef:f9:ba:c6:be:f6:51:a8:9f:f6:13:1c:1b:7c:
ce:a2:e9:97:7f:2e:1c:88:a5:7d:82:9d:07:53:f3:
e9:99:55:29:e7:4a:8c:22:93:5a:4b:4c:9f:28:de:
44:ac:e0:4c:4f:9f:c4:d5:22:2b:d0:07:9c:d0:1c:
82:78:63:7a:f9:33:19:83:3d:bd:93:0d:ad:ad:89:
8f:97:fd:17:3a:cb:49:f7:eb:05:05:40:15:11:38:
1a:a9:db:b3:9f:54:9c:04:43:24:44:0b:1d:52:1b:
17:91:10:2b:97:72:19:78:28:c5:ed:24:ae:2a:10:
59:29:55:ca:37:4b:33:4d:38:f2:a4:49:9b:cf:4f:
3e:1b:30:48:3d:12:57:31:ea:92:7f:6f:c9:a2:12:
7c:94:5c:85:92:82:1a:fe:ce:8a:65:41:60:95:cf:
4e:2d:54:3b:4c:69:e1:08:1f:4f:a4:66:0e:6c:99:
77:25:67:86:e5:93:78:09:f7:63:35:59:c4:66:91:
bb:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:48:54:08:82:2E:AC:60:E1:0E:37:40:E4:DB:02:38:AA:C0:AD:86
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HEhUCIIurGDhDjdA5NsCOKrArYY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
03:46:09:f1:e6:21:ed:90:a5:18:5e:4e:fc:2f:cc:e8:0c:a8:
62:d8:c1:a7:a0:93:13:40:92:0a:7e:ea:07:c5:08:12:4c:97:
77:03:6a:ef:75:c3:51:89:26:ec:be:1e:b9:47:a3:30:d2:d2:
aa:1f:09:af:ba:2d:c4:09:6c:c4:3c:d8:2c:23:54:cb:5f:97:
60:74:4e:d5:5a:1e:a4:fb:56:a8:9c:f2:8f:a7:71:3b:1a:c5:
7a:13:52:02:ed:5b:e9:bf:45:16:d8:24:41:98:1c:51:03:e6:
e0:b8:a6:3d:de:63:76:48:c1:7e:ac:a7:e1:d0:a1:d2:09:50:
be:09:0b:55:d8:11:ac:ed:b9:73:77:57:c6:db:c6:29:03:e3:
ed:72:fa:51:85:51:ed:fd:51:db:80:a5:f8:b9:e3:ee:4e:a8:
c2:6b:d7:c2:25:11:87:b5:d1:41:69:0b:5d:5a:e2:7a:cb:c8:
68:ff:8e:b9:9b:5d:e0:ef:2b:43:93:ca:49:30:98:32:db:de:
94:bd:76:0a:fb:96:3b:ab:db:ae:f1:43:cc:39:68:4b:6a:cb:
b1:b1:ca:fe:b9:9b:a5:c4:7c:81:ab:2d:e0:47:4e:87:01:f9:
4f:95:0e:7b:e1:e8:6d:f8:0d:e9:9f:4c:bc:79:4e:d3:89:76:
9a:53:1d:ec
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICU2swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkx
OTI0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFDNDg1NDA4ODIyRUFD
NjBFMTBFMzc0MEU0REIwMjM4QUFDMEFEODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtE28p6rCz8mj+duJQBXuC4HvLQzgCtoesApBDSNvAXOi3rgFl
JK8OF+xzSTXzSzxcKYl8A46eOwT/A/Pv+brGvvZRqJ/2ExwbfM6i6Zd/LhyIpX2C
nQdT8+mZVSnnSowik1pLTJ8o3kSs4ExPn8TVIivQB5zQHIJ4Y3r5MxmDPb2TDa2t
iY+X/Rc6y0n36wUFQBUROBqp27OfVJwEQyRECx1SGxeRECuXchl4KMXtJK4qEFkp
Vco3SzNNOPKkSZvPTz4bMEg9Elcx6pJ/b8miEnyUXIWSghr+zoplQWCVz04tVDtM
aeEIH0+kZg5smXclZ4blk3gJ92M1WcRmkbvDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUHEhUCIIurGDhDjdA5NsCOKrArYYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0hFaFVDSUl1ckdEaERq
ZEE1TnNDT0tyQXJZWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAANGCfHmIe2QpRheTvwvzOgMqGLYwaeg
kxNAkgp+6gfFCBJMl3cDau91w1GJJuy+HrlHozDS0qofCa+6LcQJbMQ82CwjVMtf
l2B0TtVaHqT7Vqic8o+ncTsaxXoTUgLtW+m/RRbYJEGYHFED5uC4pj3eY3ZIwX6s
p+HQodIJUL4JC1XYEaztuXN3V8bbxikD4+1y+lGFUe39UduApfi54+5OqMJr18Il
EYe10UFpC11a4nrLyGj/jrmbXeDvK0OTykkwmDLb3pS9dgr7ljur267xQ8w5aEtq
y7Gxyv65m6XEfIGrLeBHTocB+U+VDnvh6G34DemfTLx5TtOJdppTHew=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:39 2025 by rpki-client