Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Ln3PyxHZ-uDyiSniCCZ-1ZuInAk.roa
File: Ln3PyxHZ-uDyiSniCCZ-1ZuInAk.roa (raw, json)
Hash identifier: u8ietFg8cUeCiaUm1IvLj2uLpE6BwaVKLQlG+G8WA+s=
Subject key identifier: 2E:7D:CF:CB:11:D9:FA:E0:F2:89:29:E2:08:26:7E:D5:9B:88:9C:09
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3373
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ln3PyxHZ-uDyiSniCCZ-1ZuInAk.roa
Signing time: Thu 28 Mar 2024 04:22:06 +0000
ROA not before: Thu 28 Mar 2024 04:22:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13171 (0x3373)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 04:22:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2E7DCFCB11D9FAE0F28929E208267ED59B889C09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a0:71:40:9b:27:c5:ad:aa:a1:96:7e:7f:9f:
ad:5e:25:d5:f7:2c:c2:47:fe:d0:33:db:0a:6a:d3:
f2:43:96:e6:dc:7c:65:ad:ae:82:8a:16:a1:92:68:
1d:8a:c5:e3:38:53:56:05:a1:1a:a7:17:cd:ec:94:
7f:2e:33:35:00:95:0c:e6:78:32:d8:8d:0b:11:c5:
dd:16:e7:99:4f:68:b8:15:a3:0a:30:16:d4:d8:9b:
a3:f9:4b:ce:27:6f:07:0c:48:6b:26:35:7c:10:db:
75:86:84:08:d1:0f:b1:e0:4e:49:f3:72:b1:eb:0f:
20:e2:85:36:56:ed:8a:c7:57:57:d1:86:5d:71:a5:
a9:f6:eb:85:76:9c:f6:bf:a9:38:cf:3a:bc:af:98:
3f:2a:a9:0f:e0:55:c4:da:5c:27:f4:69:95:b3:d5:
77:1c:d4:e2:77:89:95:78:de:12:cb:9e:da:e2:7b:
10:be:26:df:8e:e9:9e:2e:9d:95:f5:bd:84:4d:f9:
32:56:44:79:a6:93:37:e6:5f:c4:79:8f:f6:b9:26:
58:13:d5:2b:b1:b3:a0:99:fa:a1:39:ca:2c:52:aa:
07:0b:94:7a:db:74:c3:66:00:b0:05:38:5b:89:e2:
b5:ee:0c:d9:d2:e9:6d:fc:0c:7d:c1:3e:94:bc:2e:
a7:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:7D:CF:CB:11:D9:FA:E0:F2:89:29:E2:08:26:7E:D5:9B:88:9C:09
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Ln3PyxHZ-uDyiSniCCZ-1ZuInAk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
72:d9:b9:0b:e0:0b:57:0a:e5:94:fa:e7:3d:21:79:87:ad:44:
fe:18:40:14:2c:85:16:10:c6:56:9b:f2:66:a8:ac:35:85:4b:
19:45:3c:12:08:b0:34:7e:12:16:14:28:ca:9b:b0:0f:83:c8:
4d:06:fb:23:6e:0e:d5:c1:c7:95:e3:88:3f:59:a6:05:68:cc:
80:c0:2f:f8:70:92:e6:1f:0a:6a:2b:d7:c1:75:b2:0a:c6:81:
48:1a:b6:40:3b:34:12:31:a3:d3:46:1f:e9:48:e3:99:c3:3e:
61:82:c8:af:a8:61:5c:ca:19:61:c9:7c:d2:c9:bf:44:bb:5a:
4a:ef:78:2f:b2:06:76:5f:a4:f8:e1:c3:59:b0:4d:53:87:5a:
4d:3e:63:3f:8e:72:90:6f:7d:3e:5e:01:83:13:47:75:a9:ea:
54:ed:e8:86:a1:2d:2a:39:e9:4b:d6:cf:74:b0:20:96:2b:39:
06:65:2f:6d:18:16:63:73:6a:01:53:7e:c6:d2:30:21:7a:f2:
16:76:1a:1d:b9:fd:0e:af:88:67:69:c2:77:9d:01:a6:92:f2:
8c:db:88:ae:ca:30:f8:7b:a5:90:12:3f:fe:44:a3:ff:1c:72:
a9:43:ce:36:97:dc:f2:cc:5d:c2:13:af:12:25:37:b1:ad:aa:
32:52:bf:b1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICM3MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgw
NDIyMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJFN0RDRkNCMTFEOUZB
RTBGMjg5MjlFMjA4MjY3RUQ1OUI4ODlDMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBoHFAmyfFraqhln5/n61eJdX3LMJH/tAz2wpq0/JDlubcfGWt
roKKFqGSaB2KxeM4U1YFoRqnF83slH8uMzUAlQzmeDLYjQsRxd0W55lPaLgVowow
FtTYm6P5S84nbwcMSGsmNXwQ23WGhAjRD7HgTknzcrHrDyDihTZW7YrHV1fRhl1x
pan264V2nPa/qTjPOryvmD8qqQ/gVcTaXCf0aZWz1Xcc1OJ3iZV43hLLntriexC+
Jt+O6Z4unZX1vYRN+TJWRHmmkzfmX8R5j/a5JlgT1Suxs6CZ+qE5yixSqgcLlHrb
dMNmALAFOFuJ4rXuDNnS6W38DH3BPpS8LqdjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQULn3PyxHZ+uDyiSniCCZ+1ZuInAkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xuM1B5eEhaLXVEeWlT
bmlDQ1otMVp1SW5Bay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHLZuQvgC1cK5ZT65z0heYetRP4YQBQs
hRYQxlab8maorDWFSxlFPBIIsDR+EhYUKMqbsA+DyE0G+yNuDtXBx5XjiD9ZpgVo
zIDAL/hwkuYfCmor18F1sgrGgUgatkA7NBIxo9NGH+lI45nDPmGCyK+oYVzKGWHJ
fNLJv0S7WkrveC+yBnZfpPjhw1mwTVOHWk0+Yz+OcpBvfT5eAYMTR3Wp6lTt6Iah
LSo56UvWz3SwIJYrOQZlL20YFmNzagFTfsbSMCF68hZ2Gh25/Q6viGdpwnedAaaS
8ozbiK7KMPh7pZASP/5Eo/8ccqlDzjaX3PLMXcITrxIlN7GtqjJSv7E=
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:36:23 2025 by rpki-client