Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/SSzmmu0pcMpeJ3qh3ey-B7iwc3I.roa
File: SSzmmu0pcMpeJ3qh3ey-B7iwc3I.roa (raw, json)
Hash identifier: ycin9lyULsvu3hvq7gvXOkNE12UNXbywALzX09W6oI0=
Subject key identifier: 49:2C:E6:9A:ED:29:70:CA:5E:27:7A:A1:DD:EC:BE:07:B8:B0:73:72
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3AFB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SSzmmu0pcMpeJ3qh3ey-B7iwc3I.roa
Signing time: Sun 07 Apr 2024 05:22:30 +0000
ROA not before: Sun 07 Apr 2024 05:22:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15099 (0x3afb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 05:22:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=492CE69AED2970CA5E277AA1DDECBE07B8B07372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:8b:8e:03:8b:6b:df:3c:ee:60:cb:af:a3:a0:
66:09:c9:6a:c6:03:bb:eb:ef:bc:94:cf:75:6f:bf:
69:69:fa:42:bf:51:da:34:45:10:51:14:e4:d5:04:
2e:5a:83:7f:84:ec:11:07:0e:8e:28:33:38:ac:e7:
0c:e3:46:b2:59:5c:5e:52:e1:87:b4:5c:ed:2a:87:
5a:fa:ce:bc:38:5f:c2:53:ad:c5:4e:87:46:bc:2f:
f4:11:e5:a9:fc:40:22:a1:52:f0:c8:a8:f9:a0:19:
ac:98:a1:a6:49:a3:6f:b1:f3:e8:04:60:60:b3:1a:
28:4c:92:d6:cf:09:5d:0a:dc:17:0a:7b:93:e0:18:
40:6b:54:c2:8d:dc:ca:17:3e:0e:d5:73:e1:9f:6e:
56:2a:f7:f9:24:53:e6:d6:df:8e:0c:60:4a:a1:1d:
2d:e5:b2:db:1c:e8:9d:df:fe:b0:86:90:cb:a0:35:
54:4b:49:54:ea:1d:d3:36:27:5d:00:81:d8:d9:af:
80:3e:4b:1d:e1:40:3f:ef:af:b2:b4:64:d1:fc:da:
9b:a3:d5:88:c8:0b:cf:48:7d:33:9b:cf:cf:c2:b8:
f5:be:ed:50:cd:fc:6a:b8:fe:db:73:4b:b2:e4:fb:
06:c7:a9:99:14:55:7e:d5:d8:c1:ef:a2:53:d8:a6:
c5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:2C:E6:9A:ED:29:70:CA:5E:27:7A:A1:DD:EC:BE:07:B8:B0:73:72
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SSzmmu0pcMpeJ3qh3ey-B7iwc3I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b3:c5:fc:6e:6a:d0:13:b1:97:eb:03:37:a2:bb:dd:02:45:0a:
28:6d:cc:1f:18:5a:7a:54:19:71:45:cb:c8:29:7e:ca:15:c9:
17:fe:26:8e:f5:ca:9f:48:d6:ed:84:3b:dd:16:a3:cf:74:a6:
a4:76:39:70:f2:70:7b:62:ba:ed:5c:bc:cf:c1:4c:5f:56:a4:
4c:33:2c:85:72:7d:3c:fc:ee:f1:e9:3a:c5:77:d1:6c:93:56:
53:81:d9:65:6c:68:ef:9d:e2:84:03:f2:00:3c:32:85:21:55:
09:16:9b:9b:d2:27:52:35:ae:32:94:b3:4b:76:6c:22:25:45:
15:a3:b7:13:9d:57:62:46:ee:fd:7a:56:79:a7:b5:db:eb:51:
c9:39:fb:4d:c9:a4:d2:0f:87:9d:64:fd:a7:cc:66:a2:11:5c:
3b:56:26:3b:41:6b:32:b7:df:5e:6b:b8:0c:6e:ff:77:ee:71:
c1:98:aa:ac:05:bb:93:af:14:dc:bb:68:cc:ac:74:8d:3c:32:
14:db:84:f1:ad:c7:8d:9e:6e:46:6a:5f:9e:7a:70:d7:96:a2:
5d:31:23:a0:c5:23:83:45:13:5d:45:14:a7:67:13:cd:7f:9e:
87:dd:78:c9:4c:fb:17:b2:a3:8d:12:23:b3:86:38:d3:15:04:
2c:59:c7:c7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOvswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcw
NTIyMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ5MkNFNjlBRUQyOTcw
Q0E1RTI3N0FBMURERUNCRTA3QjhCMDczNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDii44Di2vfPO5gy6+joGYJyWrGA7vr77yUz3Vvv2lp+kK/Udo0
RRBRFOTVBC5ag3+E7BEHDo4oMzis5wzjRrJZXF5S4Ye0XO0qh1r6zrw4X8JTrcVO
h0a8L/QR5an8QCKhUvDIqPmgGayYoaZJo2+x8+gEYGCzGihMktbPCV0K3BcKe5Pg
GEBrVMKN3MoXPg7Vc+GfblYq9/kkU+bW344MYEqhHS3lstsc6J3f/rCGkMugNVRL
SVTqHdM2J10AgdjZr4A+Sx3hQD/vr7K0ZNH82puj1YjIC89IfTObz8/CuPW+7VDN
/Gq4/ttzS7Lk+wbHqZkUVX7V2MHvolPYpsU7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUSSzmmu0pcMpeJ3qh3ey+B7iwc3IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NTem1tdTBwY01wZUoz
cWgzZXktQjdpd2MzSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALPF/G5q0BOxl+sDN6K73QJFCihtzB8Y
WnpUGXFFy8gpfsoVyRf+Jo71yp9I1u2EO90Wo890pqR2OXDycHtiuu1cvM/BTF9W
pEwzLIVyfTz87vHpOsV30WyTVlOB2WVsaO+d4oQD8gA8MoUhVQkWm5vSJ1I1rjKU
s0t2bCIlRRWjtxOdV2JG7v16VnmntdvrUck5+03JpNIPh51k/afMZqIRXDtWJjtB
azK3315ruAxu/3fuccGYqqwFu5OvFNy7aMysdI08MhTbhPGtx42ebkZqX556cNeW
ol0xI6DFI4NFE11FFKdnE81/nofdeMlM+xeyo40SI7OGONMVBCxZx8c=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:43 2025 by rpki-client