Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/HJ-Wy7JMVUEUV-rcp9uU-_uEaf4.roa
File: HJ-Wy7JMVUEUV-rcp9uU-_uEaf4.roa (raw, json)
Hash identifier: OXjYWNPPXr8guUU3DkcjfIhY7Rin8aQaWirW+jJdFRg=
Subject key identifier: 1C:9F:96:CB:B2:4C:55:41:14:57:EA:DC:A7:DB:94:FB:FB:84:69:FE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 56D3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HJ-Wy7JMVUEUV-rcp9uU-_uEaf4.roa
Signing time: Tue 14 May 2024 08:24:08 +0000
ROA not before: Tue 14 May 2024 08:24:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22227 (0x56d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 08:24:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1C9F96CBB24C55411457EADCA7DB94FBFB8469FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:56:9a:2b:ca:51:c1:c6:37:56:59:4c:2c:cc:
cb:2c:0f:eb:9a:ba:aa:0c:0c:53:e4:70:68:5f:62:
17:4d:82:1a:32:fd:fc:4a:a8:00:a9:22:fa:ce:da:
2c:20:80:d7:fc:2d:18:7d:06:95:bf:3f:54:55:5d:
4d:c4:35:f0:61:90:13:ad:95:7b:8a:49:b3:b6:e5:
cb:ce:66:23:ae:69:8a:4c:0f:a9:b1:f3:ac:07:9f:
4a:f7:cd:ba:1e:a9:fe:c8:f9:a0:34:44:b9:68:4d:
f6:46:73:ba:4d:31:4d:b6:56:04:4e:3b:a2:92:b2:
63:ff:04:91:fd:fd:f7:5d:0e:3b:5f:57:13:32:d5:
39:95:0f:cb:2d:f9:01:c4:24:db:7c:89:f1:3e:ff:
42:19:64:5d:cb:7e:84:e8:18:6d:39:bb:a9:47:43:
4e:dd:57:df:03:88:5d:35:d6:60:da:29:90:be:d4:
60:f3:75:86:b4:b6:c2:97:e8:3e:15:e9:04:01:16:
d3:17:6a:17:94:1b:b8:dd:dd:f3:c5:31:78:a3:67:
c4:71:9c:a1:52:3c:38:9e:80:8e:25:6b:4b:2b:a4:
0b:f8:4a:52:88:4b:f2:f4:b7:e8:c8:61:40:8a:6b:
f1:a0:2f:06:de:8c:d3:ee:7d:f6:2c:cc:52:b5:9a:
00:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:9F:96:CB:B2:4C:55:41:14:57:EA:DC:A7:DB:94:FB:FB:84:69:FE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HJ-Wy7JMVUEUV-rcp9uU-_uEaf4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
6b:3e:95:dc:ff:dc:3e:4c:d6:18:66:13:ef:cb:38:bc:29:3d:
b5:be:66:0c:15:f2:56:e8:ac:f1:05:4d:c0:00:ec:7d:f4:4f:
c5:79:ca:d3:02:ff:8f:47:0d:6c:16:08:4e:73:c3:da:ad:23:
d0:7a:c6:38:52:80:8c:7f:47:d5:1c:12:5a:4f:08:26:22:f2:
cb:0b:db:c2:95:c5:b5:17:f3:b8:bc:1f:1a:e3:e7:da:0e:85:
c5:0b:42:ee:f0:f9:c6:34:4e:6a:e0:bc:3f:0d:be:da:50:d1:
99:79:44:25:38:37:7d:c0:07:06:48:15:1e:5d:e1:91:80:dd:
00:5f:51:a6:5d:88:8d:a4:2a:55:6a:1d:65:9d:30:9f:8a:0f:
36:c7:66:21:1f:fe:1e:9b:8e:4c:0e:fd:fe:16:84:1f:06:05:
a8:a2:4e:7b:7d:08:d9:02:35:19:dc:ed:92:3f:d6:e9:4e:d6:
75:33:3a:a5:64:56:2e:14:a1:24:1e:03:8b:2d:91:ae:96:76:
0c:45:56:59:53:b4:a9:84:0a:75:53:e8:50:73:b4:9c:14:9b:
ef:99:05:5f:28:f8:f6:fe:d4:2c:05:ec:12:80:fc:50:56:a2:
2a:45:26:37:04:f0:47:4e:33:b3:9c:1a:cb:17:ad:62:d6:01:
0c:4c:51:64
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVtMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQw
ODI0MDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFDOUY5NkNCQjI0QzU1
NDExNDU3RUFEQ0E3REI5NEZCRkI4NDY5RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1VporylHBxjdWWUwszMssD+uauqoMDFPkcGhfYhdNghoy/fxK
qACpIvrO2iwggNf8LRh9BpW/P1RVXU3ENfBhkBOtlXuKSbO25cvOZiOuaYpMD6mx
86wHn0r3zboeqf7I+aA0RLloTfZGc7pNMU22VgROO6KSsmP/BJH9/fddDjtfVxMy
1TmVD8st+QHEJNt8ifE+/0IZZF3LfoToGG05u6lHQ07dV98DiF011mDaKZC+1GDz
dYa0tsKX6D4V6QQBFtMXaheUG7jd3fPFMXijZ8RxnKFSPDiegI4la0srpAv4SlKI
S/L0t+jIYUCKa/GgLwbejNPuffYszFK1mgCHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUHJ+Wy7JMVUEUV+rcp9uU+/uEaf4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0hKLVd5N0pNVlVFVVYt
cmNwOXVVLV91RWFmNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGs+ldz/3D5M1hhmE+/LOLwpPbW+ZgwV
8lborPEFTcAA7H30T8V5ytMC/49HDWwWCE5zw9qtI9B6xjhSgIx/R9UcElpPCCYi
8ssL28KVxbUX87i8Hxrj59oOhcULQu7w+cY0TmrgvD8NvtpQ0Zl5RCU4N33ABwZI
FR5d4ZGA3QBfUaZdiI2kKlVqHWWdMJ+KDzbHZiEf/h6bjkwO/f4WhB8GBaiiTnt9
CNkCNRnc7ZI/1ulO1nUzOqVkVi4UoSQeA4stka6WdgxFVllTtKmECnVT6FBztJwU
m++ZBV8o+Pb+1CwF7BKA/FBWoipFJjcE8EdOM7OcGssXrWLWAQxMUWQ=
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:13:56 2025 by rpki-client