Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Uaq_PhGHYkI-Yq8h7y_YIYHYsTo.roa
File: Uaq_PhGHYkI-Yq8h7y_YIYHYsTo.roa (raw, json)
Hash identifier: hBlZDxlijuZ7vhofHaqzVCq7Cxl3hltzigBo8dAyABE=
Subject key identifier: 51:AA:BF:3E:11:87:62:42:3E:62:AF:21:EF:2F:D8:21:81:D8:B1:3A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 447B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Uaq_PhGHYkI-Yq8h7y_YIYHYsTo.roa
Signing time: Fri 19 Apr 2024 21:23:05 +0000
ROA not before: Fri 19 Apr 2024 21:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17531 (0x447b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 21:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=51AABF3E118762423E62AF21EF2FD82181D8B13A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d9:1c:32:c2:c9:c8:30:59:03:26:92:e1:2b:
61:6f:ce:d7:36:f1:9b:0b:40:a4:fb:ff:0c:25:c5:
5a:d5:49:5c:6a:e0:d8:1b:53:00:75:cd:db:0d:e6:
a6:bc:76:1d:5a:c6:1a:f1:ee:ed:0d:7e:14:5b:e1:
3b:ad:b9:19:b0:f8:14:34:9e:0c:7d:89:85:2a:0a:
34:3a:b1:bd:03:60:0b:07:a7:a9:38:6c:8f:e0:d2:
94:19:3f:39:d4:02:1e:b7:a2:68:a3:cb:0e:4e:1b:
c9:ed:a7:1e:0e:20:12:0a:10:65:ef:e8:f0:d0:31:
50:e8:fa:f3:16:f8:29:7c:12:58:19:1f:01:d4:e7:
53:56:14:b8:6f:84:23:b0:0e:32:a2:d7:b0:f1:25:
c4:f4:01:0f:7d:a8:86:3b:77:b3:eb:fd:69:2c:4d:
20:fb:84:6c:02:f8:70:a4:02:43:71:2d:74:60:52:
2f:e4:fa:aa:b8:6f:81:ce:88:a9:3c:1d:56:02:d9:
91:18:40:5c:b4:ba:12:d3:81:61:d7:15:6c:56:4c:
86:6a:28:3d:a9:e1:0c:b8:d4:ec:ea:18:43:b8:42:
05:e2:1c:83:c0:4b:ee:b7:61:31:0f:84:34:f2:b1:
e4:b1:e2:cf:99:3e:71:ea:bd:8c:72:31:68:c1:a9:
bd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:AA:BF:3E:11:87:62:42:3E:62:AF:21:EF:2F:D8:21:81:D8:B1:3A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Uaq_PhGHYkI-Yq8h7y_YIYHYsTo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0f:ba:4f:03:73:83:fd:75:84:6e:d9:38:03:b7:d4:ae:03:05:
a3:b9:d1:41:76:87:49:7c:f2:fa:33:99:7f:39:95:7c:c4:cf:
db:85:95:56:25:a7:c5:20:1d:75:b2:9e:54:8f:be:71:4d:91:
29:a5:52:1b:6e:25:4e:27:ed:ec:fe:bb:ec:70:61:00:3e:20:
a6:bf:b5:52:05:5c:14:ab:2a:5c:38:9e:6d:5a:90:2f:51:9d:
a1:b8:13:4c:6c:3d:cf:6b:c8:19:0a:01:3b:55:9c:ab:20:94:
97:8a:01:65:8e:1d:a4:46:6a:ce:bb:88:5e:06:7a:aa:5d:62:
ad:f9:1e:8f:e6:85:34:9b:08:1f:7c:80:8c:fb:44:88:a3:b5:
34:44:25:32:aa:af:42:84:6c:5a:22:47:f1:c9:29:ae:78:17:
20:72:01:e0:be:00:f9:f5:eb:f5:b3:91:ed:c9:d9:68:07:e9:
80:5d:e9:7a:0c:e4:8f:c9:25:12:4a:28:a3:25:13:78:51:04:
1c:b1:25:99:e9:79:13:9d:3f:7d:8e:a0:48:96:7e:b1:02:a7:
86:61:e6:5b:64:17:86:a4:28:78:a4:2f:02:8f:ae:d3:63:24:
58:31:90:cd:3c:2d:7e:55:61:2d:23:ec:7a:eb:70:e1:ae:0f:
9d:8f:15:0a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRHswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTky
MTIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUxQUFCRjNFMTE4NzYy
NDIzRTYyQUYyMUVGMkZEODIxODFEOEIxM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH2RwywsnIMFkDJpLhK2Fvztc28ZsLQKT7/wwlxVrVSVxq4Ngb
UwB1zdsN5qa8dh1axhrx7u0NfhRb4TutuRmw+BQ0ngx9iYUqCjQ6sb0DYAsHp6k4
bI/g0pQZPznUAh63omijyw5OG8ntpx4OIBIKEGXv6PDQMVDo+vMW+Cl8ElgZHwHU
51NWFLhvhCOwDjKi17DxJcT0AQ99qIY7d7Pr/WksTSD7hGwC+HCkAkNxLXRgUi/k
+qq4b4HOiKk8HVYC2ZEYQFy0uhLTgWHXFWxWTIZqKD2p4Qy41OzqGEO4QgXiHIPA
S+63YTEPhDTyseSx4s+ZPnHqvYxyMWjBqb0lAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUUaq/PhGHYkI+Yq8h7y/YIYHYsTowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VhcV9QaEdIWWtJLVlx
OGg3eV9ZSVlIWXNUby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAA+6TwNzg/11hG7ZOAO31K4DBaO50UF2
h0l88vozmX85lXzEz9uFlVYlp8UgHXWynlSPvnFNkSmlUhtuJU4n7ez+u+xwYQA+
IKa/tVIFXBSrKlw4nm1akC9RnaG4E0xsPc9ryBkKATtVnKsglJeKAWWOHaRGas67
iF4GeqpdYq35Ho/mhTSbCB98gIz7RIijtTREJTKqr0KEbFoiR/HJKa54FyByAeC+
APn16/Wzke3J2WgH6YBd6XoM5I/JJRJKKKMlE3hRBByxJZnpeROdP32OoEiWfrEC
p4Zh5ltkF4akKHikLwKPrtNjJFgxkM08LX5VYS0j7HrrcOGuD52PFQo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:35 2025 by rpki-client