Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/NH7EN0JwqVMVx5OJaNquweUGdGQ.roa
File: NH7EN0JwqVMVx5OJaNquweUGdGQ.roa (raw, json)
Hash identifier: 0Gr7IUPNz96I4z9nbJlkLrBr29JvdABdO1PK61UNQ88=
Subject key identifier: 34:7E:C4:37:42:70:A9:53:15:C7:93:89:68:DA:AE:C1:E5:06:74:64
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 540F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NH7EN0JwqVMVx5OJaNquweUGdGQ.roa
Signing time: Fri 10 May 2024 15:54:10 +0000
ROA not before: Fri 10 May 2024 15:54:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21519 (0x540f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 15:54:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=347EC4374270A95315C7938968DAAEC1E5067464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f9:70:a4:73:d5:cf:07:b0:7b:04:31:b1:87:
17:86:74:aa:9e:08:03:69:83:99:41:74:b5:8c:23:
0b:b5:14:34:09:15:67:3c:e9:14:1a:27:ba:0b:b8:
90:28:77:46:fe:c3:32:d5:60:c5:4e:e7:1d:89:bb:
b3:d3:db:c9:97:1d:1b:71:1c:d9:57:96:97:ff:66:
ae:eb:5f:53:49:86:c6:8b:59:a7:3a:59:56:2c:03:
e9:e9:a5:2b:7e:55:50:98:07:91:6d:fc:02:65:26:
64:f8:92:d6:c8:0b:ec:eb:aa:05:fb:62:22:da:cb:
bf:11:29:7a:40:5d:d1:11:95:fb:d4:b0:e9:d0:3b:
24:9e:d0:ad:41:4e:c1:3b:57:9b:04:7a:15:50:9e:
1a:ff:f7:f4:c1:56:8b:a4:7c:9b:80:86:ae:a6:13:
6f:fb:24:a0:38:dc:0d:f2:d7:c1:c4:88:0e:28:24:
a5:9c:85:16:e6:01:97:be:2f:f4:93:37:5c:a2:6b:
cf:3d:5e:73:11:f4:d5:c0:8f:1f:51:b7:68:77:e2:
02:dc:c1:d9:a9:4b:cc:8e:e6:42:fe:8a:b0:f7:f6:
3e:9b:36:1d:56:61:a9:8f:fa:8a:77:82:6c:27:40:
2b:9d:79:b7:e6:b3:d0:3a:36:74:c3:fc:19:84:77:
68:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7E:C4:37:42:70:A9:53:15:C7:93:89:68:DA:AE:C1:E5:06:74:64
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NH7EN0JwqVMVx5OJaNquweUGdGQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
96:b2:60:96:df:43:17:0a:3d:d3:96:29:f8:96:fb:fd:44:fa:
d3:10:74:fb:dd:54:92:9e:d1:ea:c8:f1:05:ae:da:7a:90:22:
ba:0b:ec:00:d2:40:b4:97:7d:fd:fd:53:72:ae:b5:f9:39:d1:
90:de:9a:fa:4b:3c:02:4f:40:b0:d9:65:36:25:60:f9:bc:7f:
82:e7:86:45:46:db:fa:15:af:a7:c1:42:c3:b9:36:87:40:1a:
36:21:b5:0e:b2:fa:48:12:f7:1a:9d:42:eb:c7:ec:48:c5:58:
3e:31:a5:f8:76:8e:1c:3c:dc:45:b8:f9:a2:d9:a1:a5:d4:64:
0c:fd:53:02:ad:a8:27:90:e1:eb:3b:ac:16:ee:09:83:0c:63:
e9:4b:cf:9c:ea:4c:d0:f7:05:f5:00:61:41:a5:b1:dc:2a:56:
dc:e6:97:9d:b3:8c:9c:f7:21:8c:6d:a2:af:b1:c8:59:e3:05:
36:06:e0:08:84:d7:78:26:de:9c:28:56:ab:e3:fd:45:b4:06:
6f:9d:0a:f4:d5:06:0b:2e:38:3d:f2:64:7c:02:22:a5:14:02:
87:5b:69:73:c1:90:95:0f:83:d3:29:3a:20:6e:9e:86:9c:c4:
86:82:bd:5f:aa:bf:9b:d7:ff:30:2b:3c:63:ae:a5:0f:18:d7:
54:8b:7c:87
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVA8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAx
NTU0MTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM0N0VDNDM3NDI3MEE5
NTMxNUM3OTM4OTY4REFBRUMxRTUwNjc0NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCo+XCkc9XPB7B7BDGxhxeGdKqeCANpg5lBdLWMIwu1FDQJFWc8
6RQaJ7oLuJAod0b+wzLVYMVO5x2Ju7PT28mXHRtxHNlXlpf/Zq7rX1NJhsaLWac6
WVYsA+nppSt+VVCYB5Ft/AJlJmT4ktbIC+zrqgX7YiLay78RKXpAXdERlfvUsOnQ
OySe0K1BTsE7V5sEehVQnhr/9/TBVoukfJuAhq6mE2/7JKA43A3y18HEiA4oJKWc
hRbmAZe+L/STN1yia889XnMR9NXAjx9Rt2h34gLcwdmpS8yO5kL+irD39j6bNh1W
YamP+op3gmwnQCudebfms9A6NnTD/BmEd2jRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUNH7EN0JwqVMVx5OJaNquweUGdGQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05IN0VOMEp3cVZNVng1
T0phTnF1d2VVR2RHUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJayYJbfQxcKPdOWKfiW+/1E+tMQdPvd
VJKe0erI8QWu2nqQIroL7ADSQLSXff39U3Kutfk50ZDemvpLPAJPQLDZZTYlYPm8
f4LnhkVG2/oVr6fBQsO5NodAGjYhtQ6y+kgS9xqdQuvH7EjFWD4xpfh2jhw83EW4
+aLZoaXUZAz9UwKtqCeQ4es7rBbuCYMMY+lLz5zqTND3BfUAYUGlsdwqVtzml52z
jJz3IYxtoq+xyFnjBTYG4AiE13gm3pwoVqvj/UW0Bm+dCvTVBgsuOD3yZHwCIqUU
AodbaXPBkJUPg9MpOiBunoacxIaCvV+qv5vX/zArPGOupQ8Y11SLfIc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:28 2025 by rpki-client