Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/NNb1BhAMmfp5OhHSDk1vqfB0-h4.roa
File: NNb1BhAMmfp5OhHSDk1vqfB0-h4.roa (raw, json)
Hash identifier: PrVqzTrFf8DYpcxOWOx0JT/4/NjUwkBd4eJ2hHh9mEo=
Subject key identifier: 34:D6:F5:06:10:0C:99:FA:79:3A:11:D2:0E:4D:6F:A9:F0:74:FA:1E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 56B3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NNb1BhAMmfp5OhHSDk1vqfB0-h4.roa
Signing time: Tue 14 May 2024 04:24:08 +0000
ROA not before: Tue 14 May 2024 04:24:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22195 (0x56b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 04:24:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=34D6F506100C99FA793A11D20E4D6FA9F074FA1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f5:48:b3:e7:de:e7:5c:91:44:44:51:ed:20:
fa:f0:c3:34:a4:49:97:32:79:4c:7a:a3:ce:4f:55:
fc:51:7d:84:7f:eb:4b:cf:ca:67:95:de:fd:0b:10:
dc:2a:71:d5:53:6a:a5:3b:54:93:c9:b2:37:dc:be:
8d:f0:15:31:84:28:9a:9f:b4:78:60:cf:b0:1a:fa:
cd:29:c2:48:d6:c3:24:d4:1d:67:8e:6b:61:08:a5:
cc:29:d1:26:67:8a:eb:91:29:44:0c:78:85:15:6d:
05:3c:6e:54:5c:a5:49:5c:23:cc:54:41:5d:1a:2b:
6c:2e:bc:0a:a8:69:ab:92:69:49:e3:c2:dc:74:5a:
74:c6:44:4a:1d:7d:ed:e2:a2:44:ff:81:83:8f:2e:
37:5f:3c:d8:2f:f0:29:dd:f8:a2:cc:5c:01:d5:de:
e5:43:0f:f5:7f:39:92:ad:ae:f7:bf:ef:18:83:ea:
3c:4b:70:20:af:54:12:a2:17:f8:1f:f6:f0:06:07:
3f:5f:6a:dc:b5:b4:30:0d:68:0d:a4:5d:a4:8d:67:
72:f9:7d:a0:c9:14:ed:d8:c6:df:f3:9c:84:94:b3:
09:7e:ae:d9:6e:ec:42:c4:db:ad:ae:26:84:3c:68:
cb:d5:07:5a:51:c3:f0:82:ea:f4:3b:ef:b9:e9:3a:
79:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:D6:F5:06:10:0C:99:FA:79:3A:11:D2:0E:4D:6F:A9:F0:74:FA:1E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NNb1BhAMmfp5OhHSDk1vqfB0-h4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b0:23:49:f0:18:f0:51:3e:46:7d:43:49:fe:68:61:0a:a3:c4:
cd:bf:31:67:41:0c:06:53:7c:fa:34:e5:5f:67:72:b2:b1:29:
92:41:81:cb:12:0a:a0:7e:34:b6:0c:73:d9:ad:71:9c:14:4d:
e9:34:e0:54:58:5e:b0:62:88:33:1f:d3:67:12:75:73:bf:9d:
c5:3b:e0:cd:cf:65:90:86:04:53:a0:12:ac:d6:08:98:4f:21:
32:02:2d:7a:42:9f:e8:ec:06:0c:f0:5a:ea:42:17:15:e6:fc:
7b:8b:67:36:48:25:3b:23:d0:54:11:30:57:90:fb:63:f8:99:
cd:89:ee:7d:a8:0c:32:4a:dc:c6:c8:cf:7d:05:8b:2c:af:3d:
95:b1:bb:f4:84:5e:7b:75:1f:f1:9f:98:44:fb:c5:7a:25:8f:
c4:83:9e:d0:ca:22:61:67:10:79:b1:55:d4:ad:03:40:54:8c:
b5:8e:e3:eb:a3:ed:b7:bc:d4:0d:42:b9:d2:9d:c9:9d:d7:ef:
97:17:f4:24:e1:07:04:d5:94:fe:39:bd:cc:39:73:e9:b0:fe:
2f:23:18:22:0d:83:ca:72:3b:ac:bf:68:4c:2e:4c:9b:5a:b8:
72:ee:3f:08:6a:84:24:66:0f:ec:0b:75:bc:c4:42:a2:fe:4c:
71:25:47:42
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVrMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQw
NDI0MDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM0RDZGNTA2MTAwQzk5
RkE3OTNBMTFEMjBFNEQ2RkE5RjA3NEZBMUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD9Uiz597nXJFERFHtIPrwwzSkSZcyeUx6o85PVfxRfYR/60vP
ymeV3v0LENwqcdVTaqU7VJPJsjfcvo3wFTGEKJqftHhgz7Aa+s0pwkjWwyTUHWeO
a2EIpcwp0SZniuuRKUQMeIUVbQU8blRcpUlcI8xUQV0aK2wuvAqoaauSaUnjwtx0
WnTGREodfe3iokT/gYOPLjdfPNgv8Cnd+KLMXAHV3uVDD/V/OZKtrve/7xiD6jxL
cCCvVBKiF/gf9vAGBz9faty1tDANaA2kXaSNZ3L5faDJFO3Yxt/znISUswl+rtlu
7ELE262uJoQ8aMvVB1pRw/CC6vQ777npOnnbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUNNb1BhAMmfp5OhHSDk1vqfB0+h4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05OYjFCaEFNbWZwNU9o
SFNEazF2cWZCMC1oNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALAjSfAY8FE+Rn1DSf5oYQqjxM2/MWdB
DAZTfPo05V9ncrKxKZJBgcsSCqB+NLYMc9mtcZwUTek04FRYXrBiiDMf02cSdXO/
ncU74M3PZZCGBFOgEqzWCJhPITICLXpCn+jsBgzwWupCFxXm/HuLZzZIJTsj0FQR
MFeQ+2P4mc2J7n2oDDJK3MbIz30FiyyvPZWxu/SEXnt1H/GfmET7xXolj8SDntDK
ImFnEHmxVdStA0BUjLWO4+uj7be81A1CudKdyZ3X75cX9CThBwTVlP45vcw5c+mw
/i8jGCINg8pyO6y/aEwuTJtauHLuPwhqhCRmD+wLdbzEQqL+THElR0I=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:48:03 2025 by rpki-client