Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YRVrlYzSxQyQePY3BBfGf3Bpw1w.roa
File: YRVrlYzSxQyQePY3BBfGf3Bpw1w.roa (raw, json)
Hash identifier: 3g/NK88blBKjG6M6Lxr1wlhZXKhtIjJz6JKSCxVALSk=
Subject key identifier: 61:15:6B:95:8C:D2:C5:0C:90:78:F6:37:04:17:C6:7F:70:69:C3:5C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35E3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YRVrlYzSxQyQePY3BBfGf3Bpw1w.roa
Signing time: Sun 31 Mar 2024 10:22:11 +0000
ROA not before: Sun 31 Mar 2024 10:22:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13795 (0x35e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 10:22:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=61156B958CD2C50C9078F6370417C67F7069C35C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:55:94:7d:19:93:11:e9:36:af:26:5a:c3:5d:
86:e9:f9:49:e7:55:54:68:e7:c5:34:3d:98:d8:ae:
a4:87:b7:7b:e7:1c:63:34:61:f2:ed:b8:7c:d5:17:
6d:3c:0a:a3:06:80:ed:13:78:87:25:9f:5f:47:e5:
be:0b:c0:66:b3:2c:34:5a:91:41:79:e8:44:6b:32:
05:99:b1:e0:f8:cf:13:af:10:6b:6f:3e:f3:37:95:
96:93:44:70:b0:15:51:d1:68:d1:7d:e1:8c:92:b5:
05:37:a9:0a:ed:94:3d:3e:86:6b:f0:7a:27:b4:1e:
a7:b6:e4:1b:0e:93:46:79:37:29:bf:6a:02:d6:23:
0e:cf:f1:9b:03:1a:0f:3b:d0:2b:e4:ee:15:d5:82:
e9:cd:ae:40:e6:65:77:1e:45:f4:bf:fb:08:e1:68:
f3:1d:f4:c4:b5:ae:ca:e3:44:41:3d:bc:71:9a:a2:
77:2d:3c:b9:c4:d9:b0:a9:88:43:e9:d5:50:e6:a7:
26:46:5f:dd:12:c3:63:ae:4d:c7:fc:9e:6a:84:a3:
eb:4e:43:b8:9d:8b:ba:6e:5e:5d:6b:12:a3:64:64:
65:8c:de:25:16:9a:5c:0d:91:b6:f8:44:90:df:3d:
04:fd:2b:9f:d2:8b:66:f0:ea:8a:1c:84:43:95:b6:
17:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:15:6B:95:8C:D2:C5:0C:90:78:F6:37:04:17:C6:7F:70:69:C3:5C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YRVrlYzSxQyQePY3BBfGf3Bpw1w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
33:a1:79:44:8a:cb:d1:98:96:b4:c2:82:9d:73:c9:5d:4e:60:
a2:5a:4f:3f:d3:53:01:89:c2:b5:fc:e4:cb:cd:d5:a7:5c:d9:
6b:6a:7a:7c:c0:75:10:6c:b1:e4:eb:73:78:8b:40:b6:3a:8f:
de:1f:33:91:8c:21:19:4f:f6:62:46:15:8c:1e:3b:c4:b0:9a:
ec:60:e3:83:72:39:e1:34:52:cc:45:e0:28:f6:a6:02:75:cc:
15:c2:61:92:83:1c:f8:a7:8e:d7:8f:a2:ab:85:6c:ef:7b:14:
06:ca:b6:d6:f7:ea:37:94:35:e9:d6:a8:59:20:f5:4b:02:a4:
f9:2b:05:b0:ce:7f:ed:dc:cb:a2:86:d9:a0:61:94:2a:3b:9e:
6f:77:f5:e6:8f:78:c2:4a:b8:73:be:be:69:9b:52:3d:cb:a7:
f1:df:16:0c:8a:f6:dc:05:05:c4:9d:5c:80:ca:13:04:4a:22:
28:06:51:d0:08:83:f7:fd:f8:58:76:40:24:45:57:6d:03:02:
70:23:d4:85:44:d8:31:a9:86:29:b1:07:76:c3:83:86:a6:fe:
05:2c:e5:65:bf:25:5f:1b:df:df:99:be:49:2d:77:23:c8:ba:
7b:5c:1d:63:27:1f:1d:69:73:d9:59:c1:77:9c:8e:92:4b:ac:
21:1c:fe:f3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNeMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
MDIyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxMTU2Qjk1OENEMkM1
MEM5MDc4RjYzNzA0MTdDNjdGNzA2OUMzNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCVZR9GZMR6TavJlrDXYbp+UnnVVRo58U0PZjYrqSHt3vnHGM0
YfLtuHzVF208CqMGgO0TeIcln19H5b4LwGazLDRakUF56ERrMgWZseD4zxOvEGtv
PvM3lZaTRHCwFVHRaNF94YyStQU3qQrtlD0+hmvweie0Hqe25BsOk0Z5Nym/agLW
Iw7P8ZsDGg870Cvk7hXVgunNrkDmZXceRfS/+wjhaPMd9MS1rsrjREE9vHGaonct
PLnE2bCpiEPp1VDmpyZGX90Sw2OuTcf8nmqEo+tOQ7idi7puXl1rEqNkZGWM3iUW
mlwNkbb4RJDfPQT9K5/Si2bw6oochEOVtherAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUYRVrlYzSxQyQePY3BBfGf3Bpw1wwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lSVnJsWXpTeFF5UWVQ
WTNCQmZHZjNCcHcxdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADOheUSKy9GYlrTCgp1zyV1OYKJaTz/T
UwGJwrX85MvN1adc2WtqenzAdRBsseTrc3iLQLY6j94fM5GMIRlP9mJGFYweO8Sw
muxg44NyOeE0UsxF4Cj2pgJ1zBXCYZKDHPinjtePoquFbO97FAbKttb36jeUNenW
qFkg9UsCpPkrBbDOf+3cy6KG2aBhlCo7nm939eaPeMJKuHO+vmmbUj3Lp/HfFgyK
9twFBcSdXIDKEwRKIigGUdAIg/f9+Fh2QCRFV20DAnAj1IVE2DGphimxB3bDg4am
/gUs5WW/JV8b39+ZvkktdyPIuntcHWMnHx1pc9lZwXecjpJLrCEc/vM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:58 2025 by rpki-client