Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/S_LuT-keaPvt9vKa2szAVMc5qZA.roa
File: S_LuT-keaPvt9vKa2szAVMc5qZA.roa (raw, json)
Hash identifier: AjMKzgshWPWFMcbLgM9gmHucIhlDZUpm6KlW8Im3zuQ=
Subject key identifier: 4B:F2:EE:4F:E9:1E:68:FB:ED:F6:F2:9A:DA:CC:C0:54:C7:39:A9:90
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 48E3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/S_LuT-keaPvt9vKa2szAVMc5qZA.roa
Signing time: Thu 25 Apr 2024 18:23:32 +0000
ROA not before: Thu 25 Apr 2024 18:23:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18659 (0x48e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 18:23:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4BF2EE4FE91E68FBEDF6F29ADACCC054C739A990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7f:e2:64:73:0a:86:2b:ae:aa:17:ab:00:6c:
28:90:54:4e:05:c2:cf:e0:ab:83:ec:2d:f7:f9:91:
a5:bc:6c:98:a0:a0:0a:fc:8d:50:de:f4:5e:a9:86:
0a:b5:ff:4e:ce:99:c4:23:7d:09:b5:8a:b5:3c:9b:
65:37:cc:9f:0f:4c:a6:ab:49:a3:23:da:0e:3e:78:
f3:a2:44:6e:7e:f0:8c:63:7d:0a:00:51:86:43:69:
76:dd:b4:5d:77:05:bb:b5:fc:d9:92:8f:82:15:cf:
9e:72:94:70:2d:90:89:16:21:7e:57:aa:3c:3a:63:
e7:03:dc:9c:46:04:3e:60:07:cd:21:4b:90:f0:96:
e6:98:0f:19:5f:c9:4d:fc:13:82:c2:97:1a:ab:18:
5b:4d:3a:27:8f:80:b2:9d:96:b6:c4:23:bc:34:ea:
bd:50:a4:17:38:81:6d:39:20:ec:eb:4e:ff:2e:56:
19:ff:e1:6c:74:8f:d6:64:3b:36:b2:7f:a9:93:2e:
55:5b:15:97:d9:e0:e4:b3:20:b2:3e:5b:c5:0e:12:
0a:ea:78:5c:a1:81:e6:74:3d:9a:a8:70:54:85:6c:
27:cf:e7:48:d5:d8:d6:17:56:9a:c3:67:a4:35:c9:
17:ee:2e:12:cf:c6:c7:de:bf:c2:a3:9d:85:ef:34:
ca:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F2:EE:4F:E9:1E:68:FB:ED:F6:F2:9A:DA:CC:C0:54:C7:39:A9:90
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/S_LuT-keaPvt9vKa2szAVMc5qZA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
3a:49:66:fb:3e:67:56:32:b8:4c:36:b0:f6:11:c8:0d:1c:00:
e5:29:9b:41:3a:6c:77:9d:c8:40:62:91:48:ab:fc:3b:13:07:
b0:88:05:3d:7e:07:81:02:c9:df:d9:cb:b5:70:34:48:ad:a5:
b3:4a:48:1d:43:4c:7f:7a:8e:50:c8:7d:d4:b6:cc:da:a0:28:
99:c3:c4:0d:99:aa:d7:c0:65:e4:23:b9:2c:01:76:20:22:2e:
68:e0:3c:69:a6:eb:db:9f:d4:b7:88:74:94:64:0c:5b:09:ff:
43:3b:bb:99:ba:af:a1:cf:4c:29:74:50:87:d4:90:74:e3:97:
17:6a:43:58:75:af:3a:27:0a:56:fc:9d:d5:c7:7b:2d:91:86:
4d:d4:b6:c9:1a:c6:3a:bb:d8:55:ad:e9:16:e9:62:66:10:92:
5b:8d:2a:c8:e2:1d:69:1e:d0:31:48:1e:35:77:a5:2b:00:9e:
58:ce:f5:5d:45:12:62:50:0b:4f:87:18:52:40:2c:19:fd:10:
ff:e8:d5:15:b0:76:c9:da:cb:cc:c7:ab:7a:6c:5f:6c:3b:f3:
ac:60:bb:81:fb:58:35:7b:f0:f4:0e:6b:39:47:47:5a:7f:d8:
a4:32:08:08:c8:fc:79:96:36:03:39:53:66:cb:a1:88:78:4d:
df:b1:81:9d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSOMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUx
ODIzMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRCRjJFRTRGRTkxRTY4
RkJFREY2RjI5QURBQ0NDMDU0QzczOUE5OTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQf+JkcwqGK66qF6sAbCiQVE4Fws/gq4PsLff5kaW8bJigoAr8
jVDe9F6phgq1/07OmcQjfQm1irU8m2U3zJ8PTKarSaMj2g4+ePOiRG5+8IxjfQoA
UYZDaXbdtF13Bbu1/NmSj4IVz55ylHAtkIkWIX5Xqjw6Y+cD3JxGBD5gB80hS5Dw
luaYDxlfyU38E4LClxqrGFtNOiePgLKdlrbEI7w06r1QpBc4gW05IOzrTv8uVhn/
4Wx0j9ZkOzayf6mTLlVbFZfZ4OSzILI+W8UOEgrqeFyhgeZ0PZqocFSFbCfP50jV
2NYXVprDZ6Q1yRfuLhLPxsfev8KjnYXvNMphAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUS/LuT+keaPvt9vKa2szAVMc5qZAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NfTHVULWtlYVB2dDl2
S2Eyc3pBVk1jNXFaQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADpJZvs+Z1YyuEw2sPYRyA0cAOUpm0E6
bHedyEBikUir/DsTB7CIBT1+B4ECyd/Zy7VwNEitpbNKSB1DTH96jlDIfdS2zNqg
KJnDxA2ZqtfAZeQjuSwBdiAiLmjgPGmm69uf1LeIdJRkDFsJ/0M7u5m6r6HPTCl0
UIfUkHTjlxdqQ1h1rzonClb8ndXHey2Rhk3Utskaxjq72FWt6RbpYmYQkluNKsji
HWke0DFIHjV3pSsAnljO9V1FEmJQC0+HGFJALBn9EP/o1RWwdsnay8zHq3psX2w7
86xgu4H7WDV78PQOazlHR1p/2KQyCAjI/HmWNgM5U2bLoYh4Td+xgZ0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:36:26 2025 by rpki-client