Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Q0DrnNduUqNa1G7IQJWqmmbzkAI.roa
File: Q0DrnNduUqNa1G7IQJWqmmbzkAI.roa (raw, json)
Hash identifier: sxO4fhW1IsaScUUMx9pOX70vyio5UJHs9u1l+a6hhgI=
Subject key identifier: 43:40:EB:9C:D7:6E:52:A3:5A:D4:6E:C8:40:95:AA:9A:66:F3:90:02
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37DF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Q0DrnNduUqNa1G7IQJWqmmbzkAI.roa
Signing time: Wed 03 Apr 2024 01:52:20 +0000
ROA not before: Wed 03 Apr 2024 01:52:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14303 (0x37df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 01:52:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4340EB9CD76E52A35AD46EC84095AA9A66F39002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:74:93:c0:04:c9:c3:ec:28:bf:e4:a5:f6:33:
9b:6d:1d:09:e8:90:1c:c9:f1:71:48:70:01:65:1c:
7f:5b:a2:ff:1a:9f:8c:e0:d7:28:1a:9b:1a:71:f3:
30:1b:1d:a9:5e:aa:bc:34:7d:a6:80:b4:d6:47:3a:
f4:3c:12:9c:0d:45:71:fa:8d:40:37:75:05:9c:64:
9a:3a:36:e6:25:c7:ee:86:2d:fa:77:8c:8a:2e:08:
11:26:2e:33:3c:81:69:6e:71:a1:5b:b0:3b:e1:49:
31:90:21:11:9c:a2:ff:44:26:2c:44:15:22:47:52:
65:fa:a6:1f:3b:79:96:f4:f1:5c:c2:7a:16:32:4c:
ea:cf:54:9b:d4:94:dd:a1:83:60:5d:17:59:9b:8a:
7c:00:9a:73:88:ba:9d:b3:27:89:79:d6:35:d6:87:
05:af:a8:d4:00:a1:d8:a6:56:5f:00:34:f1:ab:f9:
8d:8a:23:59:9e:32:8e:cf:8a:61:72:37:02:66:e9:
73:b8:24:e0:b9:e2:ba:a7:ce:9e:b1:19:b0:a7:01:
26:37:4b:fb:bf:99:4e:08:9b:f9:5f:50:81:fe:39:
c4:c4:58:d6:06:95:94:ef:a3:ab:51:19:38:aa:db:
b4:a9:82:c3:5b:5d:14:73:cd:d9:60:f0:d3:67:72:
11:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:40:EB:9C:D7:6E:52:A3:5A:D4:6E:C8:40:95:AA:9A:66:F3:90:02
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Q0DrnNduUqNa1G7IQJWqmmbzkAI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b1:6d:2c:5e:07:5f:42:c5:96:b5:35:ec:be:93:4b:ab:29:f9:
86:64:2d:f0:da:db:2c:98:60:5e:9e:e7:62:20:7b:3d:07:88:
21:da:8b:a4:0c:73:0a:40:fa:4e:a3:ac:ca:3a:b7:77:3d:91:
ed:1c:af:6d:14:2f:d5:24:ce:45:8b:99:10:ca:11:0f:ed:60:
7c:ca:ae:a3:fc:33:8e:8e:d6:6d:b5:a1:16:c6:c6:c4:55:b5:
09:b4:f7:bd:c7:27:d3:ad:a4:10:49:e3:34:b1:e3:ae:b8:92:
23:b2:77:93:3b:e3:f7:b1:3a:84:0b:da:e3:03:e5:d6:33:d1:
53:3a:72:c5:ae:53:84:aa:29:28:93:1f:43:de:b4:3d:aa:48:
da:fd:2b:4d:b9:f7:cd:e4:0b:0e:76:1a:82:4f:0c:aa:67:55:
83:59:9a:48:16:21:9d:3d:75:ae:59:cd:be:84:c9:34:31:d4:
95:59:a6:94:30:b3:d4:60:64:06:f8:9b:85:d2:f3:d2:8c:11:
27:74:bd:99:52:44:e6:25:93:e9:a3:a9:a1:ed:0c:20:85:6e:
ca:9d:84:ca:c5:55:61:aa:5b:7e:01:f7:fe:79:6d:1c:e6:2e:
27:e1:a1:1d:62:93:32:10:f2:89:d8:78:6a:d3:b3:73:57:84:
5f:2e:12:9a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICN98wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMw
MTUyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQzNDBFQjlDRDc2RTUy
QTM1QUQ0NkVDODQwOTVBQTlBNjZGMzkwMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLdJPABMnD7Ci/5KX2M5ttHQnokBzJ8XFIcAFlHH9bov8an4zg
1ygamxpx8zAbHaleqrw0faaAtNZHOvQ8EpwNRXH6jUA3dQWcZJo6NuYlx+6GLfp3
jIouCBEmLjM8gWlucaFbsDvhSTGQIRGcov9EJixEFSJHUmX6ph87eZb08VzCehYy
TOrPVJvUlN2hg2BdF1mbinwAmnOIup2zJ4l51jXWhwWvqNQAodimVl8ANPGr+Y2K
I1meMo7PimFyNwJm6XO4JOC54rqnzp6xGbCnASY3S/u/mU4Im/lfUIH+OcTEWNYG
lZTvo6tRGTiq27SpgsNbXRRzzdlg8NNnchEZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUQ0DrnNduUqNa1G7IQJWqmmbzkAIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1EwRHJuTmR1VXFOYTFH
N0lRSldxbW1iemtBSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALFtLF4HX0LFlrU17L6TS6sp+YZkLfDa
2yyYYF6e52Igez0HiCHai6QMcwpA+k6jrMo6t3c9ke0cr20UL9UkzkWLmRDKEQ/t
YHzKrqP8M46O1m21oRbGxsRVtQm0973HJ9OtpBBJ4zSx4664kiOyd5M74/exOoQL
2uMD5dYz0VM6csWuU4SqKSiTH0PetD2qSNr9K025983kCw52GoJPDKpnVYNZmkgW
IZ09da5Zzb6EyTQx1JVZppQws9RgZAb4m4XS89KMESd0vZlSROYlk+mjqaHtDCCF
bsqdhMrFVWGqW34B9/55bRzmLifhoR1ikzIQ8onYeGrTs3NXhF8uEpo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:08 2025 by rpki-client