Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bSkvAEyry7QRYTyjMVkU7MEJGcw.roa
File: bSkvAEyry7QRYTyjMVkU7MEJGcw.roa (raw, json)
Hash identifier: B57nE0+2AlcU9liYxGE5V0iAa0678ohx2ofGRxWvCIs=
Subject key identifier: 6D:29:2F:00:4C:AB:CB:B4:11:61:3C:A3:31:59:14:EC:C1:09:19:CC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4AF3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bSkvAEyry7QRYTyjMVkU7MEJGcw.roa
Signing time: Sun 28 Apr 2024 12:23:36 +0000
ROA not before: Sun 28 Apr 2024 12:23:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19187 (0x4af3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 12:23:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6D292F004CABCBB411613CA3315914ECC10919CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:3a:21:c0:12:f7:1e:ac:c8:9c:8d:53:4b:7e:
5a:ea:1a:05:de:8e:7b:ff:19:e9:ad:e3:0d:2f:ac:
88:c5:a3:7d:31:10:47:b1:0c:6f:ed:14:e8:05:e9:
b9:16:38:57:75:68:44:cc:31:d3:7a:af:08:21:5a:
19:81:46:1d:ee:44:66:fd:df:1e:65:6b:a5:2e:44:
b0:91:35:51:dc:de:b2:a1:1b:42:fb:e0:d4:2f:71:
e1:73:22:93:26:11:ac:25:93:db:53:08:e1:02:03:
80:19:be:fd:9f:7c:bc:93:c9:e0:cc:7d:8c:2f:86:
11:5b:75:bf:52:ab:5d:d1:f5:d7:8b:08:db:f4:82:
02:7d:18:6a:32:97:66:52:eb:1f:62:bd:d4:84:a6:
0c:b2:b5:48:76:8e:1f:7a:8d:54:32:c7:35:be:56:
b1:05:bc:11:fb:65:90:d3:ff:58:2c:c0:04:72:80:
48:92:94:fb:a5:68:45:06:14:ca:0e:b9:8b:01:be:
18:55:f1:c7:74:88:cb:ed:dc:9e:3f:b2:23:de:df:
00:88:bb:15:8c:da:50:42:13:ae:09:fd:57:21:76:
49:7b:ee:59:d5:c7:b2:67:fe:f4:27:7e:1d:e0:bc:
ea:02:01:44:b8:77:81:d0:c4:09:fd:cf:29:16:e6:
ac:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:29:2F:00:4C:AB:CB:B4:11:61:3C:A3:31:59:14:EC:C1:09:19:CC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bSkvAEyry7QRYTyjMVkU7MEJGcw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
af:62:b1:38:cc:85:54:19:18:3e:f8:9b:9a:8e:c5:59:3d:87:
5b:15:80:50:fc:b7:5c:a5:c9:ca:12:3c:2b:cc:79:f4:6f:f0:
a1:e1:bd:12:8a:eb:89:c8:c8:a0:e7:6c:42:79:fa:ac:5d:94:
90:4b:df:f9:ef:e3:04:fe:8b:93:2c:b7:f1:52:8a:03:a8:ed:
bd:4f:b2:a3:9e:bb:2d:6d:99:b4:5b:9f:00:a8:bd:dc:5e:1c:
3c:c2:1d:ff:c8:49:06:e4:68:4b:f7:ee:fc:21:00:c0:ec:3d:
b8:f4:35:5d:d5:73:3e:62:e7:fc:76:f0:3d:b5:b3:65:69:de:
3d:37:39:1f:1e:f0:a0:29:c4:e8:bf:d0:cf:a1:7c:94:87:30:
b5:ab:7c:f7:25:c3:c1:8e:4d:8f:4e:1e:df:c3:b1:84:d7:ad:
9b:8b:e1:80:72:3a:cd:d3:f2:3f:96:3b:d1:c0:51:1f:c6:81:
a4:6b:5c:70:29:70:cb:5c:cf:9a:4a:79:e3:77:de:13:18:f7:
1d:e5:25:bd:87:ed:ce:5c:d1:2c:ab:a1:f3:8e:7a:f1:2a:77:
8e:88:f1:84:2f:fb:fa:5c:03:c5:fa:7c:f4:ba:76:8a:f0:8c:
5b:4f:22:ee:66:aa:4d:19:b5:e4:db:44:4b:c4:19:7d:50:3f:
aa:84:07:c0
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSvMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgx
MjIzMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZEMjkyRjAwNENBQkNC
QjQxMTYxM0NBMzMxNTkxNEVDQzEwOTE5Q0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuOiHAEvcerMicjVNLflrqGgXejnv/Gemt4w0vrIjFo30xEEex
DG/tFOgF6bkWOFd1aETMMdN6rwghWhmBRh3uRGb93x5la6UuRLCRNVHc3rKhG0L7
4NQvceFzIpMmEawlk9tTCOECA4AZvv2ffLyTyeDMfYwvhhFbdb9Sq13R9deLCNv0
ggJ9GGoyl2ZS6x9ivdSEpgyytUh2jh96jVQyxzW+VrEFvBH7ZZDT/1gswARygEiS
lPulaEUGFMoOuYsBvhhV8cd0iMvt3J4/siPe3wCIuxWM2lBCE64J/Vchdkl77lnV
x7Jn/vQnfh3gvOoCAUS4d4HQxAn9zykW5qxXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUbSkvAEyry7QRYTyjMVkU7MEJGcwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JTa3ZBRXlyeTdRUllU
eWpNVmtVN01FSkdjdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAK9isTjMhVQZGD74m5qOxVk9h1sVgFD8
t1ylycoSPCvMefRv8KHhvRKK64nIyKDnbEJ5+qxdlJBL3/nv4wT+i5Mst/FSigOo
7b1PsqOeuy1tmbRbnwCovdxeHDzCHf/ISQbkaEv37vwhAMDsPbj0NV3Vcz5i5/x2
8D21s2Vp3j03OR8e8KApxOi/0M+hfJSHMLWrfPclw8GOTY9OHt/DsYTXrZuL4YBy
Os3T8j+WO9HAUR/GgaRrXHApcMtcz5pKeeN33hMY9x3lJb2H7c5c0SyrofOOevEq
d46I8YQv+/pcA8X6fPS6dorwjFtPIu5mqk0ZteTbREvEGX1QP6qEB8A=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:43 2025 by rpki-client