Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ZuLgsHz2UTzs-VGT9f9BeQk8SK0.roa
File: ZuLgsHz2UTzs-VGT9f9BeQk8SK0.roa (raw, json)
Hash identifier: 7X7p1/rEWXL/CgQyak/oWLloGXAOhVrIfmxkyb/WQsY=
Subject key identifier: 66:E2:E0:B0:7C:F6:51:3C:EC:F9:51:93:F5:FF:41:79:09:3C:48:AD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 361F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZuLgsHz2UTzs-VGT9f9BeQk8SK0.roa
Signing time: Sun 31 Mar 2024 17:52:11 +0000
ROA not before: Sun 31 Mar 2024 17:52:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13855 (0x361f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 17:52:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=66E2E0B07CF6513CECF95193F5FF4179093C48AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:76:44:e6:2a:29:2e:f4:5e:e0:04:04:0c:73:
90:e2:90:ae:90:bc:1f:29:43:dc:28:43:d8:c0:a3:
c6:85:34:7a:06:d7:0c:1b:93:d8:9c:18:3e:1c:00:
46:63:a7:da:1f:b3:d6:31:36:b2:8d:b3:44:6a:8d:
d9:4a:4e:39:65:cf:f8:ea:fa:56:91:7a:af:b8:5d:
f9:1e:98:57:e2:38:77:5a:1a:92:0f:a1:6c:7d:d4:
d9:34:8f:6d:fa:85:f9:69:fe:a3:4e:01:11:96:cc:
64:4a:fd:de:7c:1b:2c:db:13:f0:cf:f4:42:8e:ca:
0e:a5:6a:c9:a0:20:99:04:3b:c5:8e:92:80:0c:8f:
54:91:4a:b7:af:df:21:15:ce:a4:3b:30:27:0f:b8:
92:ae:5c:66:90:98:f9:7e:38:6c:bb:a6:95:c5:d5:
65:35:19:25:cd:61:ae:32:ee:8b:a3:7e:88:9d:f1:
b4:19:fc:6a:f8:22:fe:eb:8d:dd:76:bf:00:5b:38:
8c:5b:d6:a1:66:8c:17:ce:ae:96:66:80:4d:79:f3:
be:a1:2e:37:cc:3b:e4:aa:b9:c4:c9:94:00:f2:9c:
42:2f:4d:c1:8c:d2:60:e6:9c:0b:dd:99:02:06:e1:
99:8d:ec:af:67:76:ba:72:78:3b:e3:3d:0e:16:22:
55:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E2:E0:B0:7C:F6:51:3C:EC:F9:51:93:F5:FF:41:79:09:3C:48:AD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZuLgsHz2UTzs-VGT9f9BeQk8SK0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
96:ef:27:8c:c5:aa:20:d9:c0:5d:ed:02:bf:f8:fd:96:f1:04:
eb:ae:f9:46:3e:95:80:ee:f1:ae:78:a6:e8:68:82:2b:07:ca:
3c:cb:1a:b9:77:d7:80:93:92:aa:54:8d:e4:1e:36:c4:5a:08:
49:f9:08:7f:ec:15:af:81:0b:35:8d:9e:b2:b6:4f:a1:5f:ef:
86:54:99:b9:36:7d:d4:99:11:ee:ad:4b:07:f7:63:cd:5c:3b:
1b:0f:bd:82:f8:bf:9d:a4:40:c9:16:90:bb:ce:a9:50:17:ef:
11:34:06:45:a8:3c:ec:8b:d0:30:87:d4:6c:e2:30:9b:a8:01:
5c:9a:c9:de:e6:56:fc:f7:cf:18:7f:bc:e0:6d:f4:0c:7a:49:
da:7a:69:20:78:30:c1:36:51:a4:ef:8f:55:31:c8:27:d8:d9:
ce:e0:d9:d2:81:03:d4:12:25:8e:5a:f8:60:7e:25:49:fc:f1:
b9:4c:94:2b:70:7e:7e:16:3a:4e:79:1c:bb:8e:cf:74:19:be:
d4:a5:86:26:a9:d2:4c:92:19:26:a0:4e:71:79:17:b6:3e:a9:
1a:66:df:e6:fd:5a:f2:98:0b:4b:28:ce:4e:83:06:88:b4:b1:
56:7d:a1:57:50:2b:3e:f1:ad:6e:73:6b:ec:a3:3d:5f:bc:4c:
6f:3c:d1:56
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNh8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
NzUyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY2RTJFMEIwN0NGNjUx
M0NFQ0Y5NTE5M0Y1RkY0MTc5MDkzQzQ4QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1dkTmKiku9F7gBAQMc5DikK6QvB8pQ9woQ9jAo8aFNHoG1wwb
k9icGD4cAEZjp9ofs9YxNrKNs0RqjdlKTjllz/jq+laReq+4XfkemFfiOHdaGpIP
oWx91Nk0j236hflp/qNOARGWzGRK/d58GyzbE/DP9EKOyg6lasmgIJkEO8WOkoAM
j1SRSrev3yEVzqQ7MCcPuJKuXGaQmPl+OGy7ppXF1WU1GSXNYa4y7oujfoid8bQZ
/Gr4Iv7rjd12vwBbOIxb1qFmjBfOrpZmgE15876hLjfMO+SqucTJlADynEIvTcGM
0mDmnAvdmQIG4ZmN7K9ndrpyeDvjPQ4WIlXnAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUZuLgsHz2UTzs+VGT9f9BeQk8SK0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1p1TGdzSHoyVVR6cy1W
R1Q5ZjlCZVFrOFNLMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJbvJ4zFqiDZwF3tAr/4/ZbxBOuu+UY+
lYDu8a54puhogisHyjzLGrl314CTkqpUjeQeNsRaCEn5CH/sFa+BCzWNnrK2T6Ff
74ZUmbk2fdSZEe6tSwf3Y81cOxsPvYL4v52kQMkWkLvOqVAX7xE0BkWoPOyL0DCH
1GziMJuoAVyayd7mVvz3zxh/vOBt9Ax6Sdp6aSB4MME2UaTvj1UxyCfY2c7g2dKB
A9QSJY5a+GB+JUn88blMlCtwfn4WOk55HLuOz3QZvtSlhiap0kySGSagTnF5F7Y+
qRpm3+b9WvKYC0sozk6DBoi0sVZ9oVdQKz7xrW5za+yjPV+8TG880VY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:35:19 2025 by rpki-client