Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/XBy-2oaLDkJsUn3vPAcHZpYKkFM.roa
File: XBy-2oaLDkJsUn3vPAcHZpYKkFM.roa (raw, json)
Hash identifier: SbK08co6gF5VsXA7W4GPUJ2H5y7lvbHpsF5JmlI3Hvk=
Subject key identifier: 5C:1C:BE:DA:86:8B:0E:42:6C:52:7D:EF:3C:07:07:66:96:0A:90:53
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3597
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XBy-2oaLDkJsUn3vPAcHZpYKkFM.roa
Signing time: Sun 31 Mar 2024 00:52:09 +0000
ROA not before: Sun 31 Mar 2024 00:52:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13719 (0x3597)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 00:52:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5C1CBEDA868B0E426C527DEF3C070766960A9053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2f:fb:2a:36:08:9f:c8:5d:7a:69:41:b3:1d:
61:33:ec:2f:e4:02:d0:a4:8d:85:b8:9e:26:81:77:
cf:24:eb:35:3a:39:53:d5:8e:4f:43:f8:57:6b:7d:
74:0d:2a:df:1f:5a:96:9a:33:9c:79:f8:de:21:39:
bc:82:4a:c0:a2:82:7f:cb:6c:f0:27:99:8a:31:97:
f4:83:87:ac:5b:40:0a:f2:8d:ca:44:b4:08:78:43:
8a:c5:1f:86:8e:3d:80:c4:22:fc:9c:fd:85:03:e2:
2f:18:0b:ce:64:f7:43:57:71:d9:75:4e:7a:ff:01:
91:c2:91:a4:74:47:f1:fb:1b:21:d2:b7:9f:97:1a:
ac:12:a6:a4:20:0f:fc:9f:94:dd:db:99:c2:ea:66:
4c:3d:8a:70:b6:d8:3e:e7:40:23:fc:f6:40:5c:d0:
d0:7f:69:9c:8d:27:ae:af:39:c8:69:d8:42:dd:10:
c5:02:52:e5:34:b4:9d:85:11:3e:da:69:4d:dd:c7:
bd:20:a9:6b:49:51:bc:f4:2f:0a:ca:05:cb:c0:2b:
3f:6e:62:05:3f:19:b6:4a:41:02:cc:d5:eb:7f:b2:
0b:75:2a:cd:8e:39:f9:57:51:ea:88:fd:e2:fb:2e:
14:e3:ad:af:a3:eb:03:fe:4b:14:87:9d:ad:85:54:
e9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1C:BE:DA:86:8B:0E:42:6C:52:7D:EF:3C:07:07:66:96:0A:90:53
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XBy-2oaLDkJsUn3vPAcHZpYKkFM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
25:a3:b4:57:10:f8:e1:a5:80:22:57:0b:23:c9:f3:92:f5:3f:
26:f1:30:5d:0c:28:9a:3a:32:13:2f:c1:df:fa:ea:a4:6a:c0:
e9:d2:65:b4:6b:4d:be:56:27:70:f2:51:88:ee:ed:a5:18:42:
4a:74:1f:26:27:eb:e1:d6:6a:52:8a:8e:f7:38:0b:94:f9:d5:
dc:d3:1d:ee:f7:66:80:b6:9e:d1:64:05:ea:e8:d7:e0:6c:1a:
d3:5d:f7:0d:f0:39:a0:b1:75:fc:b4:b9:10:8b:5d:28:be:e9:
18:73:40:fa:6b:0c:4d:29:17:bc:4b:70:2d:ba:bc:f6:32:c1:
a9:49:33:ae:b0:7d:e0:87:0d:37:e4:17:74:59:9f:3f:33:8b:
52:2a:f4:44:31:9d:1a:49:16:e7:8c:ee:47:17:88:99:89:69:
fd:17:1f:d6:28:98:04:e5:68:ff:4c:e0:3c:1f:cb:57:a1:2f:
e8:84:c5:72:41:4e:0a:d0:72:01:8e:63:d4:32:19:af:8c:0c:
b1:fa:1b:3d:74:55:80:5c:b9:da:3c:29:d4:7c:a6:18:e4:35:
38:b3:8f:65:e4:c5:63:c4:90:e5:35:a0:49:7e:4d:9f:e3:c2:
9b:25:de:5c:fc:e9:f7:c3:d1:b0:92:c2:49:52:eb:05:b3:39:
9f:e3:b4:3d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNZcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
MDUyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVDMUNCRURBODY4QjBF
NDI2QzUyN0RFRjNDMDcwNzY2OTYwQTkwNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYL/sqNgifyF16aUGzHWEz7C/kAtCkjYW4niaBd88k6zU6OVPV
jk9D+FdrfXQNKt8fWpaaM5x5+N4hObyCSsCign/LbPAnmYoxl/SDh6xbQAryjcpE
tAh4Q4rFH4aOPYDEIvyc/YUD4i8YC85k90NXcdl1Tnr/AZHCkaR0R/H7GyHSt5+X
GqwSpqQgD/yflN3bmcLqZkw9inC22D7nQCP89kBc0NB/aZyNJ66vOchp2ELdEMUC
UuU0tJ2FET7aaU3dx70gqWtJUbz0LwrKBcvAKz9uYgU/GbZKQQLM1et/sgt1Ks2O
OflXUeqI/eL7LhTjra+j6wP+SxSHna2FVOkPAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUXBy+2oaLDkJsUn3vPAcHZpYKkFMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1hCeS0yb2FMRGtKc1Vu
M3ZQQWNIWnBZS2tGTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACWjtFcQ+OGlgCJXCyPJ85L1PybxMF0M
KJo6MhMvwd/66qRqwOnSZbRrTb5WJ3DyUYju7aUYQkp0HyYn6+HWalKKjvc4C5T5
1dzTHe73ZoC2ntFkBero1+BsGtNd9w3wOaCxdfy0uRCLXSi+6RhzQPprDE0pF7xL
cC26vPYywalJM66wfeCHDTfkF3RZnz8zi1Iq9EQxnRpJFueM7kcXiJmJaf0XH9Yo
mATlaP9M4Dwfy1ehL+iExXJBTgrQcgGOY9QyGa+MDLH6Gz10VYBcudo8KdR8phjk
NTizj2XkxWPEkOU1oEl+TZ/jwpsl3lz86ffD0bCSwklS6wWzOZ/jtD0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:02:19 2025 by rpki-client