Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YScHYHMcQCid5iWZr5wuMlILQJM.roa
File: YScHYHMcQCid5iWZr5wuMlILQJM.roa (raw, json)
Hash identifier: cNe1pg8B7wNXwadUe9Y71WzshLEucKC++ILMbYIDpz4=
Subject key identifier: 61:27:07:60:73:1C:40:28:9D:E6:25:99:AF:9C:2E:32:52:0B:40:93
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DC3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YScHYHMcQCid5iWZr5wuMlILQJM.roa
Signing time: Wed 10 Apr 2024 22:22:47 +0000
ROA not before: Wed 10 Apr 2024 22:22:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15811 (0x3dc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 22:22:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=61270760731C40289DE62599AF9C2E32520B4093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7a:1f:82:e7:67:0f:f4:ea:b0:22:38:ba:53:
8c:e1:d8:56:b3:e4:ab:86:bd:e6:19:d6:d8:53:03:
b7:4c:24:40:f0:88:19:07:bc:29:b6:87:36:85:a7:
1a:6f:d9:cd:b3:f4:88:d1:ea:3a:f7:c2:93:52:0f:
92:4c:99:68:19:0b:9a:25:8b:74:c4:91:a0:f9:0e:
ed:85:23:fa:ec:50:e0:99:6c:c7:12:c1:29:11:98:
94:94:69:93:ab:6b:fe:11:51:f6:4a:6f:55:ee:17:
67:4d:2e:2a:e2:c7:a4:af:71:c5:5e:f5:36:66:d5:
63:5e:8b:d2:3a:27:8f:e7:79:9c:f6:b2:93:73:03:
85:cf:b1:2f:03:cc:fe:2e:2d:15:c8:27:c5:23:7f:
67:57:e5:e9:c0:b7:7d:a3:ff:68:ec:86:d7:b7:1c:
1c:a4:cc:e8:10:cf:33:3a:0a:cb:43:48:05:9f:0a:
e7:db:ef:91:8d:9e:ab:56:ba:0a:ae:bb:e1:d8:8d:
6c:fb:dc:09:34:fc:27:bb:01:0e:2b:5c:86:7f:d8:
a9:04:8a:25:0a:1d:86:94:aa:7a:28:47:4e:73:23:
08:4a:4e:07:bb:86:97:dc:69:fa:3d:a0:d3:8f:44:
e8:0c:00:0a:ee:fd:ff:28:5b:06:a4:ac:61:c1:dc:
13:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:27:07:60:73:1C:40:28:9D:E6:25:99:AF:9C:2E:32:52:0B:40:93
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YScHYHMcQCid5iWZr5wuMlILQJM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
3e:4e:26:a6:61:d9:60:8c:15:71:0a:5d:90:9f:56:43:58:d5:
1f:e9:ae:c6:16:ad:60:f8:d1:00:b5:29:4c:0b:e8:37:27:be:
e7:cf:a9:10:e0:66:22:6f:72:c7:5d:38:ed:25:ef:e1:51:2c:
3b:ac:1b:0b:43:60:18:70:cc:70:30:64:ea:43:20:dc:6b:de:
fe:a0:a9:a0:c5:56:a5:c0:dc:eb:0f:27:3f:bf:47:c6:8c:d3:
2f:9d:5e:5f:62:56:4d:ee:7a:5c:46:76:2d:c3:ee:6a:ec:dd:
37:45:9e:0d:e8:ce:62:b1:c3:7c:3e:b8:46:33:25:7c:3f:9c:
2b:78:e8:c0:32:ea:25:47:76:7c:18:c7:68:f1:7a:eb:4f:ef:
b2:cc:f6:c0:61:d4:78:ec:0b:9c:ba:94:00:9e:1c:c5:04:f5:
fe:63:4e:7d:e4:99:ef:c1:fa:ef:60:8b:75:38:b4:20:69:26:
97:92:b5:8c:6b:38:00:35:1c:8b:c0:26:42:e6:d3:97:97:00:
72:c2:92:11:1e:d8:f6:14:fe:d4:d7:1a:62:82:6f:90:46:29:
a7:52:0a:ab:b0:ba:7c:c4:85:1f:98:95:4e:7e:de:70:b8:91:
23:3e:80:2d:6e:ff:13:fd:4e:32:74:22:e9:83:b4:da:88:34:
0d:98:98:98
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPcMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAy
MjIyNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxMjcwNzYwNzMxQzQw
Mjg5REU2MjU5OUFGOUMyRTMyNTIwQjQwOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCteh+C52cP9OqwIji6U4zh2Faz5KuGveYZ1thTA7dMJEDwiBkH
vCm2hzaFpxpv2c2z9IjR6jr3wpNSD5JMmWgZC5oli3TEkaD5Du2FI/rsUOCZbMcS
wSkRmJSUaZOra/4RUfZKb1XuF2dNLirix6SvccVe9TZm1WNei9I6J4/neZz2spNz
A4XPsS8DzP4uLRXIJ8Ujf2dX5enAt32j/2jshte3HBykzOgQzzM6CstDSAWfCufb
75GNnqtWugquu+HYjWz73Ak0/Ce7AQ4rXIZ/2KkEiiUKHYaUqnooR05zIwhKTge7
hpfcafo9oNOPROgMAAru/f8oWwakrGHB3BP/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUYScHYHMcQCid5iWZr5wuMlILQJMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lTY0hZSE1jUUNpZDVp
V1pyNXd1TWxJTFFKTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAD5OJqZh2WCMFXEKXZCfVkNY1R/prsYW
rWD40QC1KUwL6DcnvufPqRDgZiJvcsddOO0l7+FRLDusGwtDYBhwzHAwZOpDINxr
3v6gqaDFVqXA3OsPJz+/R8aM0y+dXl9iVk3uelxGdi3D7mrs3TdFng3ozmKxw3w+
uEYzJXw/nCt46MAy6iVHdnwYx2jxeutP77LM9sBh1HjsC5y6lACeHMUE9f5jTn3k
me/B+u9gi3U4tCBpJpeStYxrOAA1HIvAJkLm05eXAHLCkhEe2PYU/tTXGmKCb5BG
KadSCquwunzEhR+YlU5+3nC4kSM+gC1u/xP9TjJ0IumDtNqINA2YmJg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:24 2025 by rpki-client