Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YAu63vNDlA8X016TDVXvTGMMJH0.roa
File: YAu63vNDlA8X016TDVXvTGMMJH0.roa (raw, json)
Hash identifier: gPcddy1O5ddDRozOBYZU2Nsda9/3aKxqLA4/cH2kGWY=
Subject key identifier: 60:0B:BA:DE:F3:43:94:0F:17:D3:5E:93:0D:55:EF:4C:63:0C:24:7D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4A93
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YAu63vNDlA8X016TDVXvTGMMJH0.roa
Signing time: Sun 28 Apr 2024 00:23:25 +0000
ROA not before: Sun 28 Apr 2024 00:23:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19091 (0x4a93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 00:23:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=600BBADEF343940F17D35E930D55EF4C630C247D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:75:74:6f:24:5e:b0:fc:71:cb:7d:b1:9e:c0:
17:8e:be:24:71:5c:9b:86:d7:cd:fc:b3:41:e9:94:
7b:3f:cf:48:d4:1d:f6:42:82:13:49:ba:f2:b0:2a:
74:42:9c:5e:cf:d2:54:65:a3:d8:ee:84:9f:9d:f2:
e4:22:a8:15:f3:1c:77:0b:e4:46:ea:3b:f5:dd:c8:
d8:c1:bd:e0:4c:67:1c:3e:ba:90:db:72:7f:3d:c6:
bd:9a:2c:9d:d5:aa:5b:da:00:aa:59:53:6f:d9:b9:
60:f9:1f:5e:95:45:ea:0c:63:1c:f7:35:72:8f:87:
aa:e3:d8:f2:e3:23:88:53:32:38:f9:47:ee:6b:88:
7b:35:ef:fa:e1:e8:63:42:78:f5:73:cf:33:22:d2:
af:1f:29:71:a4:e5:35:fc:58:5a:2d:99:8f:85:42:
a3:2a:40:9b:21:78:21:9e:ba:98:34:6d:b3:8c:38:
55:2c:a8:29:bd:df:a5:79:5a:bd:5f:0e:a2:c9:62:
9f:73:e9:2b:0c:be:9d:14:46:cc:06:33:10:25:bc:
3a:0e:58:66:e4:c9:f1:2c:4d:dc:22:ec:d7:13:dc:
1d:bb:0b:0a:df:e0:e7:26:44:7f:1b:b4:8c:13:7f:
1a:8b:00:47:04:08:75:7c:30:7c:b9:20:0e:32:99:
0c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0B:BA:DE:F3:43:94:0F:17:D3:5E:93:0D:55:EF:4C:63:0C:24:7D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YAu63vNDlA8X016TDVXvTGMMJH0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
aa:fb:ea:b8:76:58:c8:b0:cd:12:0f:6e:04:0f:bd:1a:2b:00:
2e:1b:12:18:f2:f4:0c:5e:79:a3:94:27:0e:6c:6c:c4:43:f3:
c3:8e:c0:0e:6b:35:df:2f:1b:86:4b:ad:28:ad:2f:b2:ce:da:
e0:b1:44:ec:43:20:72:ef:98:6a:0a:e4:d3:53:0b:72:90:82:
6b:72:b7:5f:54:26:ce:e4:ff:74:58:fc:ae:bf:b4:49:b6:bd:
47:c7:30:2e:ec:d4:df:d5:2c:87:61:57:85:20:c7:13:91:c5:
e4:6f:96:13:d7:8d:83:ab:08:eb:23:98:1f:78:a9:b5:77:02:
9d:16:ba:87:0d:ed:49:e6:aa:d2:0a:f8:3b:db:08:05:08:ea:
98:a5:51:25:e3:50:ed:fc:c3:0a:ea:41:da:0c:6a:eb:d4:7b:
dd:b4:31:51:cf:14:86:68:e2:9f:0a:2a:71:94:2b:a8:8b:78:
b7:12:c3:34:a9:79:e7:c3:d6:52:f4:32:ee:5a:61:b5:71:31:
5c:40:98:ed:f8:e1:76:13:a1:fb:3d:3f:68:cf:41:6c:4a:ce:
c9:11:94:c1:8f:19:c6:05:e9:78:9f:0c:2d:a8:6a:9a:e8:8f:
e4:98:bc:14:ca:66:9a:63:e5:a0:a4:ea:60:58:7a:c4:97:62:
67:01:02:e6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSpMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgw
MDIzMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYwMEJCQURFRjM0Mzk0
MEYxN0QzNUU5MzBENTVFRjRDNjMwQzI0N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQdXRvJF6w/HHLfbGewBeOviRxXJuG1838s0HplHs/z0jUHfZC
ghNJuvKwKnRCnF7P0lRlo9juhJ+d8uQiqBXzHHcL5EbqO/XdyNjBveBMZxw+upDb
cn89xr2aLJ3VqlvaAKpZU2/ZuWD5H16VReoMYxz3NXKPh6rj2PLjI4hTMjj5R+5r
iHs17/rh6GNCePVzzzMi0q8fKXGk5TX8WFotmY+FQqMqQJsheCGeupg0bbOMOFUs
qCm936V5Wr1fDqLJYp9z6SsMvp0URswGMxAlvDoOWGbkyfEsTdwi7NcT3B27Cwrf
4OcmRH8btIwTfxqLAEcECHV8MHy5IA4ymQxRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUYAu63vNDlA8X016TDVXvTGMMJH0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lBdTYzdk5EbEE4WDAx
NlREVlh2VEdNTUpIMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKr76rh2WMiwzRIPbgQPvRorAC4bEhjy
9AxeeaOUJw5sbMRD88OOwA5rNd8vG4ZLrSitL7LO2uCxROxDIHLvmGoK5NNTC3KQ
gmtyt19UJs7k/3RY/K6/tEm2vUfHMC7s1N/VLIdhV4UgxxORxeRvlhPXjYOrCOsj
mB94qbV3Ap0WuocN7UnmqtIK+DvbCAUI6pilUSXjUO38wwrqQdoMauvUe920MVHP
FIZo4p8KKnGUK6iLeLcSwzSpeefD1lL0Mu5aYbVxMVxAmO344XYTofs9P2jPQWxK
zskRlMGPGcYF6XifDC2oaproj+SYvBTKZppj5aCk6mBYesSXYmcBAuY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:04:46 2025 by rpki-client