Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UVb1oatZcTYR4fsDC8zDerHcRuY.roa
File: UVb1oatZcTYR4fsDC8zDerHcRuY.roa (raw, json)
Hash identifier: YrabObVvnoUDQ63oOvkIKsYwppA9U/wGXYFOS3SgXcw=
Subject key identifier: 51:56:F5:A1:AB:59:71:36:11:E1:FB:03:0B:CC:C3:7A:B1:DC:46:E6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A7B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UVb1oatZcTYR4fsDC8zDerHcRuY.roa
Signing time: Sat 06 Apr 2024 13:22:27 +0000
ROA not before: Sat 06 Apr 2024 13:22:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14971 (0x3a7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 13:22:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5156F5A1AB59713611E1FB030BCCC37AB1DC46E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6e:13:b2:4a:7c:72:cf:e6:53:5a:92:5a:23:
d7:7a:74:f2:d2:bf:fb:f5:5a:6d:56:a0:4a:26:cc:
55:19:79:6d:7f:48:1d:3d:0c:8c:3b:78:1d:0d:25:
ad:57:75:ac:f0:1c:a1:16:45:b0:35:8f:95:00:21:
88:6e:db:42:14:a6:f4:0b:77:1c:5d:b0:dd:f8:4d:
3c:07:ad:bc:2c:d0:bd:52:e1:39:dd:e9:c9:e2:7f:
98:4f:1f:16:11:3a:d2:fd:58:48:e9:17:82:88:10:
df:de:22:de:bd:4f:f1:c5:05:0e:7a:e8:49:65:95:
a6:e5:1e:80:47:33:53:9a:2f:52:61:96:3e:9f:ff:
cd:da:83:b8:85:8d:fc:c9:8a:9e:b6:29:70:80:38:
2c:0f:22:f3:44:61:da:29:5d:b4:75:8b:59:9a:bd:
45:4a:33:d1:7e:9d:2e:2d:43:f2:0f:ba:8d:c9:63:
bb:f3:3e:84:0e:b9:58:49:3e:be:41:3b:9a:5d:e7:
73:a5:df:13:54:2a:ee:12:a4:9a:1a:c1:62:be:82:
40:dd:83:3f:75:1a:81:d1:d8:87:25:ad:70:03:58:
d1:a7:66:23:0a:dc:37:3c:84:c1:5e:55:f7:07:45:
15:25:15:83:8f:16:4a:34:52:ea:36:ed:f5:57:9e:
3e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:56:F5:A1:AB:59:71:36:11:E1:FB:03:0B:CC:C3:7A:B1:DC:46:E6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UVb1oatZcTYR4fsDC8zDerHcRuY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
09:ac:ca:0a:fd:6e:0d:51:28:59:1e:9b:a0:7d:5a:d2:3d:f0:
f2:25:6f:70:15:53:47:fa:61:96:35:49:34:9a:3c:88:0b:df:
58:37:cb:fc:ed:47:8e:b8:47:44:d3:9d:e0:07:49:cc:67:cb:
ca:ae:b9:b9:7f:77:7e:43:22:88:79:ba:75:87:36:2a:15:d4:
7a:e9:1e:ac:09:79:a6:23:f1:d7:e2:26:0e:8a:ad:d5:4f:45:
31:7a:11:8c:5c:1b:01:4f:42:6e:5f:59:10:5c:0d:26:84:4d:
67:59:79:52:d3:08:78:9d:5b:70:b8:87:e9:36:d7:66:cc:01:
fb:30:c2:74:7f:8a:8c:84:97:00:46:1a:c6:f7:ea:1b:6a:25:
3a:fe:35:9c:bf:16:a1:c3:3d:e5:d2:4e:fc:e1:49:83:5e:2e:
02:5a:1b:a9:ed:81:f8:74:d2:90:36:6d:5b:4c:87:42:b8:3f:
b8:8d:fa:1b:ae:34:4f:0f:f5:54:ce:38:ff:b4:e3:84:9f:4c:
2e:3f:25:cb:32:cd:6b:0c:19:af:0a:65:88:6b:8a:58:bb:6b:
51:f5:8e:da:db:c8:cf:50:c1:8d:45:88:d8:17:b1:82:c1:ce:
c1:f5:b7:1d:d3:14:dd:ec:11:a7:61:87:42:d3:f0:81:b8:75:
3a:f4:bf:ba
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOnswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYx
MzIyMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUxNTZGNUExQUI1OTcx
MzYxMUUxRkIwMzBCQ0NDMzdBQjFEQzQ2RTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEbhOySnxyz+ZTWpJaI9d6dPLSv/v1Wm1WoEomzFUZeW1/SB09
DIw7eB0NJa1XdazwHKEWRbA1j5UAIYhu20IUpvQLdxxdsN34TTwHrbws0L1S4Tnd
6cnif5hPHxYROtL9WEjpF4KIEN/eIt69T/HFBQ566ElllablHoBHM1OaL1Jhlj6f
/83ag7iFjfzJip62KXCAOCwPIvNEYdopXbR1i1mavUVKM9F+nS4tQ/IPuo3JY7vz
PoQOuVhJPr5BO5pd53Ol3xNUKu4SpJoawWK+gkDdgz91GoHR2IclrXADWNGnZiMK
3Dc8hMFeVfcHRRUlFYOPFko0Uuo27fVXnj7lAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUUVb1oatZcTYR4fsDC8zDerHcRuYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VWYjFvYXRaY1RZUjRm
c0RDOHpEZXJIY1J1WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAmsygr9bg1RKFkem6B9WtI98PIlb3AV
U0f6YZY1STSaPIgL31g3y/ztR464R0TTneAHScxny8quubl/d35DIoh5unWHNioV
1HrpHqwJeaYj8dfiJg6KrdVPRTF6EYxcGwFPQm5fWRBcDSaETWdZeVLTCHidW3C4
h+k212bMAfswwnR/ioyElwBGGsb36htqJTr+NZy/FqHDPeXSTvzhSYNeLgJaG6nt
gfh00pA2bVtMh0K4P7iN+huuNE8P9VTOOP+044SfTC4/JcsyzWsMGa8KZYhrili7
a1H1jtrbyM9QwY1FiNgXsYLBzsH1tx3TFN3sEadhh0LT8IG4dTr0v7o=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:35:17 2025 by rpki-client