Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QUPpmfIBs0-1q8DOqZPN3jk1dcM.roa
File: QUPpmfIBs0-1q8DOqZPN3jk1dcM.roa (raw, json)
Hash identifier: UpqdUr1QbqicYUFNdJlZpolIFiTfxSSCQKWUFuf7Efo=
Subject key identifier: 41:43:E9:99:F2:01:B3:4F:B5:AB:C0:CE:A9:93:CD:DE:39:35:75:C3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B37
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QUPpmfIBs0-1q8DOqZPN3jk1dcM.roa
Signing time: Sun 07 Apr 2024 12:52:31 +0000
ROA not before: Sun 07 Apr 2024 12:52:31 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15159 (0x3b37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 12:52:31 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4143E999F201B34FB5ABC0CEA993CDDE393575C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fe:ce:55:67:36:20:a6:f3:19:53:d6:78:52:
49:d4:cc:da:3a:1e:4d:93:c3:5b:1c:8b:1d:3b:75:
e9:7e:63:a5:b1:a8:33:43:79:41:7e:01:5b:5a:30:
6f:ab:10:af:2f:54:b0:08:03:58:d0:88:11:32:48:
a5:17:b2:ed:1f:dd:1a:46:c0:49:a7:e4:3b:d0:7e:
33:f1:79:c2:20:59:35:5d:06:ea:38:96:f9:fc:5c:
d3:74:0c:d6:56:b2:b6:77:72:51:2d:9a:43:af:f6:
75:50:c4:e9:f5:1f:c0:ac:ff:a4:66:66:40:e1:34:
b1:8c:3b:43:ac:d8:92:cf:e7:cb:68:38:d8:a3:26:
8d:47:eb:10:e0:a4:a3:c6:68:11:64:70:e4:af:00:
c2:5f:e4:94:a5:44:b4:b7:bd:22:ac:cc:85:d5:a2:
27:e4:bb:a8:77:00:3b:8a:1b:d9:0a:e5:a3:cd:37:
19:ff:d3:4a:5a:c3:30:80:ff:c5:aa:a8:d2:33:46:
09:e1:99:12:4c:64:ac:67:aa:9a:6e:ba:70:63:1c:
ef:f8:3a:d0:0a:c5:44:66:a4:a4:1c:34:3d:47:ae:
22:58:83:a3:f5:3e:63:91:90:52:e4:63:c1:86:23:
c0:d1:38:da:bc:d1:ff:e0:31:6d:68:08:ae:9a:74:
6f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:43:E9:99:F2:01:B3:4F:B5:AB:C0:CE:A9:93:CD:DE:39:35:75:C3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QUPpmfIBs0-1q8DOqZPN3jk1dcM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
19:90:c1:30:6a:20:30:3a:9f:b2:f2:a5:1f:36:8e:92:d4:dd:
f8:1f:70:ad:a6:1e:1d:0e:d8:28:d4:fb:98:f9:68:5e:94:87:
d1:0c:d3:6a:82:73:14:54:39:b7:57:57:d9:d7:d5:dc:50:76:
3c:fd:4a:94:18:9a:8a:29:a1:b4:19:55:01:86:8f:0a:8e:c1:
26:40:10:71:51:6e:4f:94:28:01:27:bc:e2:4e:c2:29:9e:44:
d0:c3:f9:bc:ac:d1:4b:0f:d0:1d:90:bc:b6:80:ac:f0:72:91:
00:ac:c1:bc:62:3c:4e:d0:60:2a:1b:1b:ea:4f:30:d3:25:6f:
47:ba:c9:c0:60:5d:04:ca:e4:52:4b:ff:9c:9e:a0:a8:43:24:
71:bb:9c:b1:9b:73:51:3c:ee:66:3c:cb:8b:a5:d5:1b:d3:a9:
b3:d4:fe:68:6b:61:aa:5f:37:49:3e:2e:33:ba:0f:96:43:e8:
94:58:58:f6:71:12:df:51:2b:db:d1:40:7a:25:88:d1:72:ac:
b6:f1:a5:f0:60:fd:ea:38:83:63:06:fc:87:25:49:35:51:ff:
e8:3f:ae:fe:3b:f4:b6:5a:3a:33:4f:c9:22:f3:69:3a:2b:78:
29:3e:9e:b9:f4:18:63:a4:74:ac:60:16:87:f9:63:73:b1:db:
1c:30:cb:74
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOzcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcx
MjUyMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQxNDNFOTk5RjIwMUIz
NEZCNUFCQzBDRUE5OTNDRERFMzkzNTc1QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG/s5VZzYgpvMZU9Z4UknUzNo6Hk2Tw1scix07del+Y6WxqDND
eUF+AVtaMG+rEK8vVLAIA1jQiBEySKUXsu0f3RpGwEmn5DvQfjPxecIgWTVdBuo4
lvn8XNN0DNZWsrZ3clEtmkOv9nVQxOn1H8Cs/6RmZkDhNLGMO0Os2JLP58toONij
Jo1H6xDgpKPGaBFkcOSvAMJf5JSlRLS3vSKszIXVoifku6h3ADuKG9kK5aPNNxn/
00pawzCA/8WqqNIzRgnhmRJMZKxnqppuunBjHO/4OtAKxURmpKQcND1HriJYg6P1
PmORkFLkY8GGI8DRONq80f/gMW1oCK6adG9jAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUQUPpmfIBs0+1q8DOqZPN3jk1dcMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FVUHBtZklCczAtMXE4
RE9xWlBOM2prMWRjTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABmQwTBqIDA6n7LypR82jpLU3fgfcK2m
Hh0O2CjU+5j5aF6Uh9EM02qCcxRUObdXV9nX1dxQdjz9SpQYmoopobQZVQGGjwqO
wSZAEHFRbk+UKAEnvOJOwimeRNDD+bys0UsP0B2QvLaArPBykQCswbxiPE7QYCob
G+pPMNMlb0e6ycBgXQTK5FJL/5yeoKhDJHG7nLGbc1E87mY8y4ul1RvTqbPU/mhr
YapfN0k+LjO6D5ZD6JRYWPZxEt9RK9vRQHoliNFyrLbxpfBg/eo4g2MG/IclSTVR
/+g/rv479LZaOjNPySLzaToreCk+nrn0GGOkdKxgFof5Y3Ox2xwwy3Q=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:55 2025 by rpki-client