Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/cWVy3VeK-IksxMsYGvVe4BTJ-GA.roa
File: cWVy3VeK-IksxMsYGvVe4BTJ-GA.roa (raw, json)
Hash identifier: DCXwD39WFVivDxvoyZcXUzEF66ecWFQkh0NtfFe69Tc=
Subject key identifier: 71:65:72:DD:57:8A:F8:89:2C:C4:CB:18:1A:F5:5E:E0:14:C9:F8:60
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A1F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cWVy3VeK-IksxMsYGvVe4BTJ-GA.roa
Signing time: Sat 06 Apr 2024 01:52:26 +0000
ROA not before: Sat 06 Apr 2024 01:52:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14879 (0x3a1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 01:52:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=716572DD578AF8892CC4CB181AF55EE014C9F860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ec:4e:fa:67:d6:7e:c4:c5:b8:7a:75:db:a8:
3f:74:ee:a1:4e:dd:e8:f5:39:b5:f8:04:28:a9:66:
9f:13:40:36:16:6d:e2:57:fc:a4:f7:fe:98:17:8b:
17:c7:10:0a:96:0d:d5:a6:20:9a:39:9e:82:81:ce:
b6:2c:c9:18:8a:1f:7b:87:ef:35:5b:b3:22:eb:8a:
93:09:e1:84:2a:52:7a:88:a2:35:3a:4d:9f:6f:1d:
06:a6:d1:a1:75:75:aa:cc:36:5f:b8:1b:57:89:7f:
f1:93:4d:41:14:a7:9e:f8:c3:cd:df:89:c0:ac:e1:
28:64:e2:47:d8:0a:84:01:c7:37:b0:ef:09:ec:0d:
60:b7:10:cd:df:81:e5:98:f9:0f:aa:2a:8a:e3:bb:
ad:db:b1:ad:d5:72:a6:f5:89:39:1f:c7:56:e1:81:
e3:c1:cf:e6:f4:26:e5:44:bd:39:c6:87:b2:36:af:
20:59:52:d0:64:a6:1b:b9:c4:5d:00:a0:c2:84:09:
9c:df:49:85:01:9c:33:f5:21:75:2c:0a:25:cd:55:
e1:2f:fb:70:9f:16:b9:9a:7f:20:17:a3:90:75:77:
18:f7:c9:35:ea:3e:9b:a4:90:5d:e2:5a:96:53:d2:
21:4d:ac:72:32:23:c4:d9:ea:e0:24:18:ec:e2:71:
d0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:65:72:DD:57:8A:F8:89:2C:C4:CB:18:1A:F5:5E:E0:14:C9:F8:60
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cWVy3VeK-IksxMsYGvVe4BTJ-GA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
9a:ff:02:e0:05:a3:ae:fb:2d:76:b4:5f:76:50:79:b8:2f:93:
55:cf:56:dc:5a:94:6c:4a:57:eb:87:93:5b:93:2a:4a:cb:25:
c2:f5:0b:fa:5b:df:e4:1b:b8:03:9a:de:38:b7:28:cb:29:39:
20:28:c2:99:f0:93:f8:32:8a:e6:78:dc:41:9b:68:a0:f7:b2:
01:5e:4c:df:e4:45:ef:db:4a:23:cb:8f:ce:4f:42:c0:42:a3:
01:7a:8f:ec:92:54:5e:4c:8e:15:92:fe:1d:32:15:6e:81:c0:
b7:60:6b:25:f7:3c:6f:a2:3a:d0:9f:2f:33:7a:ee:09:c9:3b:
5f:9d:bc:9c:ce:25:b6:c4:46:33:01:41:7a:87:48:e5:34:eb:
b1:71:77:a2:0f:61:67:5c:f5:1b:13:0f:bf:5e:f6:6a:22:19:
50:ec:9f:e3:9d:a4:b1:3d:84:69:52:2f:37:7f:e7:7c:05:fc:
c1:42:c9:70:0c:b8:f7:1d:16:e6:5c:61:ac:63:a8:33:b4:cf:
22:32:e3:0e:00:ea:77:eb:e9:cb:7b:e4:0d:45:01:68:e9:17:
dc:41:7f:f4:c3:81:91:16:53:5d:ad:a4:9e:85:16:21:92:a1:
97:70:19:2f:22:a3:17:2a:43:2e:78:0b:34:f9:c4:8f:a4:2e:
40:69:b3:5c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOh8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYw
MTUyMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcxNjU3MkRENTc4QUY4
ODkyQ0M0Q0IxODFBRjU1RUUwMTRDOUY4NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI7E76Z9Z+xMW4enXbqD907qFO3ej1ObX4BCipZp8TQDYWbeJX
/KT3/pgXixfHEAqWDdWmIJo5noKBzrYsyRiKH3uH7zVbsyLripMJ4YQqUnqIojU6
TZ9vHQam0aF1darMNl+4G1eJf/GTTUEUp574w83ficCs4Shk4kfYCoQBxzew7wns
DWC3EM3fgeWY+Q+qKorju63bsa3Vcqb1iTkfx1bhgePBz+b0JuVEvTnGh7I2ryBZ
UtBkphu5xF0AoMKECZzfSYUBnDP1IXUsCiXNVeEv+3CfFrmafyAXo5B1dxj3yTXq
PpukkF3iWpZT0iFNrHIyI8TZ6uAkGOzicdCvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUcWVy3VeK+IksxMsYGvVe4BTJ+GAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NXVnkzVmVLLUlrc3hN
c1lHdlZlNEJUSi1HQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJr/AuAFo677LXa0X3ZQebgvk1XPVtxa
lGxKV+uHk1uTKkrLJcL1C/pb3+QbuAOa3ji3KMspOSAowpnwk/gyiuZ43EGbaKD3
sgFeTN/kRe/bSiPLj85PQsBCowF6j+ySVF5MjhWS/h0yFW6BwLdgayX3PG+iOtCf
LzN67gnJO1+dvJzOJbbERjMBQXqHSOU067Fxd6IPYWdc9RsTD79e9moiGVDsn+Od
pLE9hGlSLzd/53wF/MFCyXAMuPcdFuZcYaxjqDO0zyIy4w4A6nfr6ct75A1FAWjp
F9xBf/TDgZEWU12tpJ6FFiGSoZdwGS8ioxcqQy54CzT5xI+kLkBps1w=
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:28:03 2025 by rpki-client