Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Z9SGO96Xv70gEG4_SiE4TX8rq4Q.roa
File: Z9SGO96Xv70gEG4_SiE4TX8rq4Q.roa (raw, json)
Hash identifier: UTgifuW6BdjyEy017k3fjRBLHQf6LohZfX7uxzTnpbA=
Subject key identifier: 67:D4:86:3B:DE:97:BF:BD:20:10:6E:3F:4A:21:38:4D:7F:2B:AB:84
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33F7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Z9SGO96Xv70gEG4_SiE4TX8rq4Q.roa
Signing time: Thu 28 Mar 2024 20:52:05 +0000
ROA not before: Thu 28 Mar 2024 20:52:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13303 (0x33f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 20:52:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=67D4863BDE97BFBD20106E3F4A21384D7F2BAB84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b9:52:5c:44:3f:52:50:56:2a:2d:53:01:ee:
fb:60:36:b8:19:ee:ed:d6:c1:85:64:30:d0:17:13:
01:9d:49:7e:4b:98:2f:fe:94:72:db:a0:49:4a:88:
19:ae:ef:0c:21:29:a7:a8:7a:a3:f0:72:44:ce:6c:
ae:32:b2:95:9d:97:38:3c:5f:6a:63:49:3c:cd:32:
67:72:81:1f:13:ba:06:0f:c7:c5:56:d2:7e:b5:74:
72:e9:c6:58:94:60:b9:02:fb:20:83:31:61:fd:d1:
10:2f:ca:01:68:9c:4f:97:4a:8c:25:05:c0:d5:47:
57:14:77:65:77:94:7a:39:f9:af:ed:31:6c:eb:2a:
a6:dc:f9:b1:7f:a6:dc:fa:7a:dd:ec:b6:f0:f5:5c:
68:06:2f:ff:fb:d3:2b:f2:0b:6d:c5:1a:fa:93:79:
9d:e3:ef:f1:42:69:41:7a:4b:7a:a6:09:53:30:73:
08:89:56:60:72:f3:8b:ac:a4:98:05:10:5c:3d:35:
69:21:01:27:a0:78:45:02:22:35:95:54:6f:cf:fd:
a9:77:47:df:dd:2d:86:9a:02:e7:10:d5:e3:36:0c:
e6:ce:0d:23:7e:7a:0f:87:f9:0d:90:8a:b8:0c:5b:
ce:51:63:6d:a1:d6:bb:c2:16:50:4f:05:6b:5a:f8:
66:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D4:86:3B:DE:97:BF:BD:20:10:6E:3F:4A:21:38:4D:7F:2B:AB:84
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Z9SGO96Xv70gEG4_SiE4TX8rq4Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
44:19:05:b5:03:69:8e:b6:de:e5:63:e1:9f:19:d0:0f:c6:ac:
1d:e2:04:37:6f:50:56:95:d0:f8:32:eb:d7:bf:a7:f3:20:9b:
36:31:6c:0e:59:bf:66:77:aa:d4:e0:5f:1e:62:ba:e0:42:a5:
37:54:5b:91:7f:be:53:8c:37:aa:86:fc:80:1c:f8:29:76:fd:
f4:67:a1:c2:b4:29:9e:3f:a3:9f:ed:61:6f:f0:63:97:87:39:
83:3d:06:25:43:c4:c1:74:f7:c5:c3:62:b1:41:89:b0:00:d5:
23:3c:a6:f7:bc:74:ce:b5:6e:66:61:c8:3f:6d:27:c9:82:54:
92:6e:95:47:46:59:11:25:64:4b:26:92:6f:ee:1a:d3:77:03:
ab:7d:6f:c4:92:84:3e:0f:e5:6f:36:23:fe:d9:72:d7:76:66:
31:10:ba:82:2d:85:e4:cd:3a:61:35:41:1c:76:8f:4d:91:9c:
bb:fe:79:56:5d:87:cd:ad:5c:31:2c:bb:b0:17:47:ac:90:26:
14:69:58:fd:9b:a9:6f:de:5d:42:b2:2c:b0:3c:50:df:48:11:
34:90:ef:ec:25:45:28:a5:9e:98:ea:84:02:ae:32:16:07:53:
68:20:58:23:5a:e6:a5:3b:92:0f:5d:62:09:1f:91:35:c3:04:
e1:78:fb:36
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICM/cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgy
MDUyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY3RDQ4NjNCREU5N0JG
QkQyMDEwNkUzRjRBMjEzODREN0YyQkFCODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzuVJcRD9SUFYqLVMB7vtgNrgZ7u3WwYVkMNAXEwGdSX5LmC/+
lHLboElKiBmu7wwhKaeoeqPwckTObK4yspWdlzg8X2pjSTzNMmdygR8TugYPx8VW
0n61dHLpxliUYLkC+yCDMWH90RAvygFonE+XSowlBcDVR1cUd2V3lHo5+a/tMWzr
Kqbc+bF/ptz6et3stvD1XGgGL//70yvyC23FGvqTeZ3j7/FCaUF6S3qmCVMwcwiJ
VmBy84uspJgFEFw9NWkhASegeEUCIjWVVG/P/al3R9/dLYaaAucQ1eM2DObODSN+
eg+H+Q2QirgMW85RY22h1rvCFlBPBWta+GaxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUZ9SGO96Xv70gEG4/SiE4TX8rq4QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1o5U0dPOTZYdjcwZ0VH
NF9TaUU0VFg4cnE0US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEQZBbUDaY623uVj4Z8Z0A/GrB3iBDdv
UFaV0Pgy69e/p/MgmzYxbA5Zv2Z3qtTgXx5iuuBCpTdUW5F/vlOMN6qG/IAc+Cl2
/fRnocK0KZ4/o5/tYW/wY5eHOYM9BiVDxMF098XDYrFBibAA1SM8pve8dM61bmZh
yD9tJ8mCVJJulUdGWRElZEsmkm/uGtN3A6t9b8SShD4P5W82I/7Zctd2ZjEQuoIt
heTNOmE1QRx2j02RnLv+eVZdh82tXDEsu7AXR6yQJhRpWP2bqW/eXUKyLLA8UN9I
ETSQ7+wlRSilnpjqhAKuMhYHU2ggWCNa5qU7kg9dYgkfkTXDBOF4+zY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:56 2025 by rpki-client