Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RBbbVDoymWHB4GRMx6xh4mgXpkc.roa
File: RBbbVDoymWHB4GRMx6xh4mgXpkc.roa (raw, json)
Hash identifier: 7Z9YfJatauJciyHVeKZP+0Uw860TU7ZplJVuN1Aa4W8=
Subject key identifier: 44:16:DB:54:3A:32:99:61:C1:E0:64:4C:C7:AC:61:E2:68:17:A6:47
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 54C3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RBbbVDoymWHB4GRMx6xh4mgXpkc.roa
Signing time: Sat 11 May 2024 14:24:10 +0000
ROA not before: Sat 11 May 2024 14:24:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21699 (0x54c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 14:24:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4416DB543A329961C1E0644CC7AC61E26817A647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a0:fb:5e:74:91:0f:b4:3f:cf:c3:52:01:35:
a1:da:69:20:c9:94:6b:5d:a4:54:19:20:67:eb:21:
13:c5:dd:e6:08:cd:1f:02:89:54:2b:aa:17:5f:40:
98:2d:44:d1:3c:c8:85:17:69:75:b3:30:34:5c:ae:
2f:fc:2b:2f:a3:06:5f:a7:e4:fe:11:c4:82:73:da:
c7:48:f0:da:b5:fe:0e:51:52:83:18:38:bf:5c:6e:
4c:7b:13:7d:64:85:66:eb:0f:77:e8:5b:b3:e5:f1:
85:7e:38:45:70:2c:5d:74:b1:d4:69:6a:27:98:e1:
ad:2b:eb:a9:3c:da:d8:68:ee:61:80:a5:48:04:6c:
e3:70:09:a9:5c:ad:e0:9b:d3:11:26:75:98:73:63:
0b:9d:c8:35:aa:10:24:96:4e:80:63:03:bd:74:f8:
f1:96:b7:b5:ed:90:3f:e6:9c:4a:ea:f0:d6:0b:72:
4d:28:a1:5c:29:e3:67:dd:a5:01:5f:47:6b:f8:6e:
95:ac:3d:36:50:90:0c:87:a4:e0:63:bd:7c:d6:e7:
ab:3d:d3:ab:c6:57:1d:35:68:c5:fe:b4:fc:65:5b:
ca:b6:17:b6:40:6c:93:20:bf:1c:10:e6:90:08:a7:
7d:69:0f:e2:b4:31:f2:10:1d:c3:94:d8:4d:2e:71:
d0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:16:DB:54:3A:32:99:61:C1:E0:64:4C:C7:AC:61:E2:68:17:A6:47
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RBbbVDoymWHB4GRMx6xh4mgXpkc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5c:30:5a:8b:a8:67:a0:65:a1:23:8b:ad:c6:45:65:0d:07:e9:
8b:e7:08:6f:2f:6f:01:8f:38:6e:77:af:82:26:ee:e3:85:a0:
53:0e:20:1a:64:a5:b8:6a:64:80:70:a6:52:90:f8:15:1d:b2:
e9:a2:45:b4:b6:a9:a9:fb:70:d5:5c:ad:2c:f3:ce:ab:09:d2:
56:14:25:fd:e3:56:c5:b2:f0:3b:e2:2a:01:cb:b4:4c:bd:f7:
b9:bb:65:d2:cf:ab:0d:aa:45:f7:b2:da:a8:87:1c:65:4a:96:
67:a6:a6:ab:03:56:90:8d:2f:60:c7:b7:3d:98:e3:fa:86:95:
2e:3a:e4:4f:d4:59:fd:1b:e9:11:90:19:77:77:1a:1b:74:2b:
4e:55:a8:2c:f5:95:be:59:07:b1:da:cf:79:f8:2e:a9:b2:31:
50:1e:c2:09:4c:cb:2b:12:19:c9:30:72:4e:9d:78:c9:fa:81:
54:41:b2:17:77:e1:38:5d:a2:88:4f:3f:76:06:5c:1e:57:ab:
6f:e0:76:1f:cb:91:e6:26:2f:7d:4f:ea:bb:b0:ec:ee:0c:be:
b5:1a:80:e4:4f:0b:27:99:53:aa:41:21:f7:69:fa:63:22:33:
14:06:80:a5:64:1e:59:c2:d0:52:2d:42:70:0c:45:ac:c2:c8:
44:48:42:aa
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEx
NDI0MTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ0MTZEQjU0M0EzMjk5
NjFDMUUwNjQ0Q0M3QUM2MUUyNjgxN0E2NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCoPtedJEPtD/Pw1IBNaHaaSDJlGtdpFQZIGfrIRPF3eYIzR8C
iVQrqhdfQJgtRNE8yIUXaXWzMDRcri/8Ky+jBl+n5P4RxIJz2sdI8Nq1/g5RUoMY
OL9cbkx7E31khWbrD3foW7Pl8YV+OEVwLF10sdRpaieY4a0r66k82tho7mGApUgE
bONwCalcreCb0xEmdZhzYwudyDWqECSWToBjA710+PGWt7XtkD/mnErq8NYLck0o
oVwp42fdpQFfR2v4bpWsPTZQkAyHpOBjvXzW56s906vGVx01aMX+tPxlW8q2F7ZA
bJMgvxwQ5pAIp31pD+K0MfIQHcOU2E0ucdCtAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQURBbbVDoymWHB4GRMx6xh4mgXpkcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JCYmJWRG95bVdIQjRH
Uk14NnhoNG1nWHBrYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFwwWouoZ6BloSOLrcZFZQ0H6YvnCG8v
bwGPOG53r4Im7uOFoFMOIBpkpbhqZIBwplKQ+BUdsumiRbS2qan7cNVcrSzzzqsJ
0lYUJf3jVsWy8DviKgHLtEy997m7ZdLPqw2qRfey2qiHHGVKlmempqsDVpCNL2DH
tz2Y4/qGlS465E/UWf0b6RGQGXd3Ght0K05VqCz1lb5ZB7Haz3n4LqmyMVAewglM
yysSGckwck6deMn6gVRBshd34ThdoohPP3YGXB5Xq2/gdh/LkeYmL31P6ruw7O4M
vrUagORPCyeZU6pBIfdp+mMiMxQGgKVkHlnC0FItQnAMRazCyERIQqo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:47:16 2025 by rpki-client