Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/PMQcrp4ANO2cSTNvoeD4HK-s014.roa
File: PMQcrp4ANO2cSTNvoeD4HK-s014.roa (raw, json)
Hash identifier: QACCrXM4R67KLSzCEiLc927/f2AlQQms4jIBDXNLLcc=
Subject key identifier: 3C:C4:1C:AE:9E:00:34:ED:9C:49:33:6F:A1:E0:F8:1C:AF:AC:D3:5E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4407
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PMQcrp4ANO2cSTNvoeD4HK-s014.roa
Signing time: Fri 19 Apr 2024 06:53:11 +0000
ROA not before: Fri 19 Apr 2024 06:53:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17415 (0x4407)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 06:53:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3CC41CAE9E0034ED9C49336FA1E0F81CAFACD35E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:11:cc:61:bb:f5:88:e1:56:ce:08:e0:ee:b1:
ff:ae:e6:77:67:4e:44:30:e4:aa:20:b1:a6:11:fe:
aa:25:4c:a4:b3:fe:5f:a3:e3:06:f9:c7:ef:02:3a:
1c:47:ab:11:a6:52:1c:88:13:77:aa:b1:b4:f9:f5:
81:34:63:7d:84:3d:89:f0:6d:84:46:b7:09:58:d6:
32:8c:57:d7:06:41:a5:a3:52:32:0c:95:63:34:21:
40:56:b7:5c:86:2d:d8:6c:01:a4:2d:37:a1:f4:f7:
59:27:9c:96:56:ea:ac:9c:f6:e8:04:d4:14:e5:ff:
39:95:02:26:52:ae:22:06:d0:da:32:5c:33:ff:43:
20:d3:fd:c0:13:5c:c0:ff:77:74:82:4e:f5:d1:07:
cc:65:42:bd:36:b0:ed:81:d7:6a:e0:ab:64:2a:09:
f3:0d:e3:12:c7:0c:83:17:d8:47:a7:7d:25:e7:8d:
1c:3a:eb:97:10:2a:31:e4:e1:78:8b:83:38:6c:12:
30:12:06:30:57:92:7f:d7:3f:23:38:11:c8:06:dc:
84:ef:d4:1a:d9:d8:2e:74:05:04:9a:ee:4a:e7:a7:
b1:d5:d8:cf:b9:1d:8e:2e:bd:0c:c6:ec:7a:28:87:
ea:e4:c1:11:cc:e4:f0:eb:c3:91:fb:ef:57:2b:76:
93:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C4:1C:AE:9E:00:34:ED:9C:49:33:6F:A1:E0:F8:1C:AF:AC:D3:5E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PMQcrp4ANO2cSTNvoeD4HK-s014.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
75:3e:a0:27:e1:bf:91:35:7a:ec:c4:45:98:d5:a3:79:08:1a:
96:8a:20:6b:d1:ca:d0:8d:fe:d3:2c:f2:dd:ca:5e:f1:6a:70:
52:10:50:12:8c:d1:74:48:f8:27:03:92:3e:76:00:90:87:0c:
35:3f:16:18:bf:17:4f:65:dd:8a:a0:ad:92:c8:ba:94:85:ac:
d1:16:47:f7:9c:6e:93:40:1c:18:9f:08:bf:76:ea:d5:08:14:
d9:f3:62:92:b4:86:a5:90:fb:88:bf:66:f8:a4:aa:26:6d:9b:
41:9a:f3:38:48:67:9c:0d:6a:66:5d:59:61:b9:b1:dd:4b:6d:
de:ea:31:4f:c3:80:45:aa:35:71:fc:ca:b5:5d:47:29:b3:1e:
15:e7:aa:14:38:ab:5b:65:0c:2d:8f:49:4c:6c:77:c7:a5:79:
eb:81:89:1f:f9:ee:ca:bf:34:09:ea:df:49:6b:29:89:91:8e:
45:f9:96:b0:73:96:0a:58:6d:ba:63:93:ae:91:dc:27:17:3f:
52:09:70:d7:2b:1b:aa:4a:ce:3e:79:a0:3d:81:93:59:ee:50:
82:74:59:d9:d1:a4:a9:da:d8:7f:ea:86:72:1a:56:fb:10:60:
23:9c:b1:43:c1:ba:9d:85:42:ec:3f:eb:2d:9f:d7:e5:2a:c7:
4c:9f:a2:f0
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRAcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkw
NjUzMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNDQzQxQ0FFOUUwMDM0
RUQ5QzQ5MzM2RkExRTBGODFDQUZBQ0QzNUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGEcxhu/WI4VbOCODusf+u5ndnTkQw5KogsaYR/qolTKSz/l+j
4wb5x+8COhxHqxGmUhyIE3eqsbT59YE0Y32EPYnwbYRGtwlY1jKMV9cGQaWjUjIM
lWM0IUBWt1yGLdhsAaQtN6H091knnJZW6qyc9ugE1BTl/zmVAiZSriIG0NoyXDP/
QyDT/cATXMD/d3SCTvXRB8xlQr02sO2B12rgq2QqCfMN4xLHDIMX2EenfSXnjRw6
65cQKjHk4XiLgzhsEjASBjBXkn/XPyM4EcgG3ITv1BrZ2C50BQSa7krnp7HV2M+5
HY4uvQzG7Hooh+rkwRHM5PDrw5H771crdpNHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUPMQcrp4ANO2cSTNvoeD4HK+s014wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1BNUWNycDRBTk8yY1NU
TnZvZUQ0SEstczAxNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHU+oCfhv5E1euzERZjVo3kIGpaKIGvR
ytCN/tMs8t3KXvFqcFIQUBKM0XRI+CcDkj52AJCHDDU/Fhi/F09l3YqgrZLIupSF
rNEWR/ecbpNAHBifCL926tUIFNnzYpK0hqWQ+4i/ZvikqiZtm0Ga8zhIZ5wNamZd
WWG5sd1Lbd7qMU/DgEWqNXH8yrVdRymzHhXnqhQ4q1tlDC2PSUxsd8eleeuBiR/5
7sq/NAnq30lrKYmRjkX5lrBzlgpYbbpjk66R3CcXP1IJcNcrG6pKzj55oD2Bk1nu
UIJ0WdnRpKna2H/qhnIaVvsQYCOcsUPBup2FQuw/6y2f1+Uqx0yfovA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:45:02 2025 by rpki-client