Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MQVzr3BOCTwfDDCOqZ-Ei9Za8Ew.roa
File: MQVzr3BOCTwfDDCOqZ-Ei9Za8Ew.roa (raw, json)
Hash identifier: KR7Jer2OuLP36eaCIQeyUV0LVmjSmfularllZ9uo8A0=
Subject key identifier: 31:05:73:AF:70:4E:09:3C:1F:0C:30:8E:A9:9F:84:8B:D6:5A:F0:4C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 434B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MQVzr3BOCTwfDDCOqZ-Ei9Za8Ew.roa
Signing time: Thu 18 Apr 2024 07:22:59 +0000
ROA not before: Thu 18 Apr 2024 07:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17227 (0x434b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 07:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=310573AF704E093C1F0C308EA99F848BD65AF04C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7f:d4:f8:11:86:3e:84:96:8a:ae:b3:3b:65:
4b:15:80:0b:28:f4:6d:87:c4:df:1a:d2:89:dc:0e:
41:e7:90:d0:01:c2:06:cd:89:61:5b:24:c2:8c:e5:
ae:4d:3d:76:3a:61:d5:3b:6d:c0:fb:11:44:ed:aa:
3b:6c:0e:97:7c:89:25:89:66:b5:ce:dd:7d:3a:c5:
e9:ac:21:e0:f5:83:0d:d3:89:87:0d:b4:9a:b7:05:
31:6a:41:08:bb:75:22:78:45:3a:34:6c:eb:ad:c6:
db:8b:7a:d2:be:be:48:27:94:17:f6:22:69:60:79:
e4:ac:a4:93:ef:1d:0d:51:11:90:de:f6:7f:80:cd:
1f:38:1a:51:ac:d2:dc:42:14:1e:3d:f3:fe:51:e2:
3c:12:71:4e:ce:b2:df:5a:25:72:73:5e:13:c3:3f:
d5:ab:8b:d8:f9:3a:ba:8d:4a:3c:c6:b4:c0:f6:46:
38:4f:e3:c7:a0:1e:5c:28:f4:9c:6f:fc:1c:61:1f:
ab:db:57:71:19:4d:76:ad:86:24:1b:fb:49:8b:8a:
5b:94:a7:aa:07:c4:4b:47:d9:dd:e8:41:9a:a9:88:
a6:56:52:6a:31:f2:db:7f:1c:46:5f:85:86:c9:e3:
8a:77:93:73:82:4d:dc:26:d2:67:51:7d:5e:8e:67:
c0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:05:73:AF:70:4E:09:3C:1F:0C:30:8E:A9:9F:84:8B:D6:5A:F0:4C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MQVzr3BOCTwfDDCOqZ-Ei9Za8Ew.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
bc:d3:af:50:ed:79:52:af:c5:bc:19:2e:ac:aa:40:dc:66:16:
6f:db:a0:8c:c0:74:ee:0e:80:08:2a:17:dd:42:77:4b:dc:46:
31:bf:8e:4b:d5:08:e7:f8:99:2d:bd:bb:0c:b2:4f:38:0d:e6:
b9:96:13:0a:59:92:2b:4c:fb:4e:f9:d8:4a:70:b8:15:fc:2e:
ea:2e:6b:06:7e:34:cb:dc:14:fd:98:26:91:20:9f:71:5d:c0:
38:5b:20:27:22:94:00:04:5a:0a:13:c3:32:4e:6a:ac:c6:1d:
60:4f:09:2f:3c:b4:c2:81:04:0e:86:b8:b8:7d:bb:37:9b:ab:
1f:e9:cb:24:71:c7:a7:1a:35:26:9e:a0:00:8e:04:21:7f:da:
67:69:af:05:dd:ed:95:7e:e4:57:69:37:cd:dd:d0:f8:be:e4:
8d:75:f3:01:67:a3:e1:98:6c:85:9a:9c:ff:b4:0c:bb:ae:de:
6c:31:71:eb:64:00:39:ab:4d:53:2e:45:0b:e2:d3:6c:04:70:
c6:b1:be:19:29:47:5b:4a:f5:3c:fa:0f:65:8d:47:d1:8f:ef:
a1:8a:47:cc:fa:35:e4:6b:fd:9e:6f:c2:63:ef:45:d2:ed:68:
7b:56:ad:1e:e3:89:0f:98:80:5b:59:ab:63:36:a2:8f:15:d6:
7e:71:ab:3c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQ0swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgw
NzIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMxMDU3M0FGNzA0RTA5
M0MxRjBDMzA4RUE5OUY4NDhCRDY1QUYwNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsf9T4EYY+hJaKrrM7ZUsVgAso9G2HxN8a0oncDkHnkNABwgbN
iWFbJMKM5a5NPXY6YdU7bcD7EUTtqjtsDpd8iSWJZrXO3X06xemsIeD1gw3TiYcN
tJq3BTFqQQi7dSJ4RTo0bOutxtuLetK+vkgnlBf2ImlgeeSspJPvHQ1REZDe9n+A
zR84GlGs0txCFB498/5R4jwScU7Ost9aJXJzXhPDP9Wri9j5OrqNSjzGtMD2RjhP
48egHlwo9Jxv/BxhH6vbV3EZTXathiQb+0mLiluUp6oHxEtH2d3oQZqpiKZWUmox
8tt/HEZfhYbJ44p3k3OCTdwm0mdRfV6OZ8AtAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUMQVzr3BOCTwfDDCOqZ+Ei9Za8EwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L01RVnpyM0JPQ1R3ZkRE
Q09xWi1FaTlaYThFdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALzTr1DteVKvxbwZLqyqQNxmFm/boIzA
dO4OgAgqF91Cd0vcRjG/jkvVCOf4mS29uwyyTzgN5rmWEwpZkitM+0752EpwuBX8
LuouawZ+NMvcFP2YJpEgn3FdwDhbICcilAAEWgoTwzJOaqzGHWBPCS88tMKBBA6G
uLh9uzebqx/pyyRxx6caNSaeoACOBCF/2mdprwXd7ZV+5FdpN83d0Pi+5I118wFn
o+GYbIWanP+0DLuu3mwxcetkADmrTVMuRQvi02wEcMaxvhkpR1tK9Tz6D2WNR9GP
76GKR8z6NeRr/Z5vwmPvRdLtaHtWrR7jiQ+YgFtZq2M2oo8V1n5xqzw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:35:01 2025 by rpki-client