Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KIlTa3FpSQk9-38VY1i7GFIs2lE.roa
File: KIlTa3FpSQk9-38VY1i7GFIs2lE.roa (raw, json)
Hash identifier: QR2qUoHVsNTJkEg8tKiQfchc9IGuW6eicwyNroUUpl4=
Subject key identifier: 28:89:53:6B:71:69:49:09:3D:FB:7F:15:63:58:BB:18:52:2C:DA:51
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4A1B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KIlTa3FpSQk9-38VY1i7GFIs2lE.roa
Signing time: Sat 27 Apr 2024 09:23:36 +0000
ROA not before: Sat 27 Apr 2024 09:23:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18971 (0x4a1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 27 09:23:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2889536B716949093DFB7F156358BB18522CDA51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:11:4f:e2:7b:af:40:30:6c:1f:36:ad:a7:0a:
fa:6e:93:cb:68:7c:3a:5b:11:78:1f:60:1e:df:52:
48:7d:5c:b8:52:20:49:a7:47:24:01:16:0a:8b:f9:
15:c9:a2:44:82:5f:c9:04:93:a8:24:c1:cf:97:8a:
f8:4a:dc:59:b9:04:03:1e:7a:03:85:00:91:3e:25:
2d:a2:63:b4:2d:62:21:e0:a3:1b:a7:c6:ab:57:49:
8e:52:b7:04:af:b5:66:15:73:ab:ac:f1:2a:e5:ae:
40:2b:c7:5c:e6:62:9a:e6:7c:bd:63:5d:b7:7e:e5:
18:d9:06:64:ac:b0:11:7c:8f:68:c2:9a:4c:11:c0:
84:b9:9f:f0:68:e0:64:73:dc:2d:4a:a3:ee:51:33:
1a:81:83:5b:4a:dc:7f:9b:a5:f5:14:4a:f7:c8:88:
e5:10:65:3c:f1:3b:73:cb:a7:db:f5:bf:ab:2b:3e:
b2:c5:b7:dc:62:fe:a1:4a:c5:c9:df:1f:35:02:cd:
b4:07:8c:37:b1:75:39:6e:ec:38:55:b7:03:c2:c3:
77:ac:f0:db:3b:93:c9:12:fa:ff:44:e9:b5:a6:29:
11:31:9a:bd:88:27:e5:86:4b:a4:9f:16:ef:ab:79:
a1:b2:9b:cb:6c:32:d3:16:d3:6c:c5:3a:13:b1:92:
fa:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:89:53:6B:71:69:49:09:3D:FB:7F:15:63:58:BB:18:52:2C:DA:51
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KIlTa3FpSQk9-38VY1i7GFIs2lE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
3b:5c:b7:62:8b:d8:19:24:8f:04:97:d0:6a:0b:ae:e5:c7:e7:
70:b6:67:06:4b:56:57:57:a1:92:75:13:ba:df:ca:67:72:f2:
eb:46:6f:05:5e:1a:43:1e:72:f0:22:55:53:06:f0:68:2e:b5:
db:70:76:ed:af:e3:a4:61:e3:32:4f:86:58:98:ea:b7:0c:4a:
59:93:f5:f3:ef:4e:8e:b3:ab:d6:29:aa:c6:c9:ce:b0:ec:0d:
04:d8:86:57:b6:a3:4c:71:89:84:ec:40:69:4f:6e:6b:02:46:
e1:b6:fb:ac:73:3f:79:08:bd:0b:5b:0d:06:90:c4:86:4e:e3:
f4:b7:06:eb:7a:67:b2:85:96:76:2a:71:68:5c:e3:aa:38:b0:
f0:0a:39:9f:35:16:dd:68:4e:7b:26:55:14:f7:a6:ff:52:55:
28:5d:4c:9b:b0:6d:fd:5f:22:40:5b:b0:81:23:56:c5:85:fe:
b6:b7:01:18:ed:f4:87:65:d2:9f:3b:a1:8e:d3:fe:54:ac:65:
f5:16:66:56:86:33:be:aa:13:c2:3e:39:71:d1:9b:41:e8:73:
85:24:94:84:7e:6b:41:21:cd:36:e8:32:ed:c4:d7:a4:fe:9e:
a2:0f:0b:3f:7c:b7:46:63:7e:73:04:d7:8a:dc:fe:30:ed:69:
af:58:3c:f9
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICShswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjcw
OTIzMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI4ODk1MzZCNzE2OTQ5
MDkzREZCN0YxNTYzNThCQjE4NTIyQ0RBNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCUEU/ie69AMGwfNq2nCvpuk8tofDpbEXgfYB7fUkh9XLhSIEmn
RyQBFgqL+RXJokSCX8kEk6gkwc+XivhK3Fm5BAMeegOFAJE+JS2iY7QtYiHgoxun
xqtXSY5StwSvtWYVc6us8SrlrkArx1zmYprmfL1jXbd+5RjZBmSssBF8j2jCmkwR
wIS5n/Bo4GRz3C1Ko+5RMxqBg1tK3H+bpfUUSvfIiOUQZTzxO3PLp9v1v6srPrLF
t9xi/qFKxcnfHzUCzbQHjDexdTlu7DhVtwPCw3es8Ns7k8kS+v9E6bWmKRExmr2I
J+WGS6SfFu+reaGym8tsMtMW02zFOhOxkvqBAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUKIlTa3FpSQk9+38VY1i7GFIs2lEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tJbFRhM0ZwU1FrOS0z
OFZZMWk3R0ZJczJsRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADtct2KL2BkkjwSX0GoLruXH53C2ZwZL
VldXoZJ1E7rfymdy8utGbwVeGkMecvAiVVMG8Ggutdtwdu2v46Rh4zJPhliY6rcM
SlmT9fPvTo6zq9YpqsbJzrDsDQTYhle2o0xxiYTsQGlPbmsCRuG2+6xzP3kIvQtb
DQaQxIZO4/S3But6Z7KFlnYqcWhc46o4sPAKOZ81Ft1oTnsmVRT3pv9SVShdTJuw
bf1fIkBbsIEjVsWF/ra3ARjt9Idl0p87oY7T/lSsZfUWZlaGM76qE8I+OXHRm0Ho
c4UklIR+a0EhzTboMu3E16T+nqIPCz98t0ZjfnME14rc/jDtaa9YPPk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:23 2025 by rpki-client