Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/caiFOZew8n0oFWjvfKa-GoLYsUU.roa
File: caiFOZew8n0oFWjvfKa-GoLYsUU.roa (raw, json)
Hash identifier: WNPCTfsJ3QQajDBZIDMn0jjhkSt4ixxOBTLn8aE2xjo=
Subject key identifier: 71:A8:85:39:97:B0:F2:7D:28:15:68:EF:7C:A6:BE:1A:82:D8:B1:45
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D07
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/caiFOZew8n0oFWjvfKa-GoLYsUU.roa
Signing time: Wed 01 May 2024 06:53:36 +0000
ROA not before: Wed 01 May 2024 06:53:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19719 (0x4d07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 06:53:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=71A8853997B0F27D281568EF7CA6BE1A82D8B145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ec:1c:bd:32:37:d9:25:5e:56:f3:41:84:27:
06:cb:bd:b8:fb:21:99:b1:64:e7:f5:6d:af:66:aa:
99:26:4b:22:8d:43:87:f6:d9:a4:27:04:cb:d4:37:
9c:c3:f8:b5:85:b8:96:38:88:16:d9:c5:57:47:74:
0a:61:05:65:98:51:ed:0e:db:17:e5:3b:14:45:8c:
e3:fd:37:7e:3f:37:2a:17:16:58:69:de:08:f5:24:
b6:06:72:76:7e:f1:f3:f2:00:08:9f:c3:33:a6:d8:
d6:8a:6f:9f:c7:61:dd:6d:e4:a7:b3:2f:31:c3:c2:
0b:cd:22:ca:3b:92:e2:6c:7e:ed:36:51:16:52:b7:
36:66:9b:bd:d8:93:6a:b2:84:f6:d2:53:ce:8e:05:
a0:fe:aa:09:d3:df:73:46:66:52:ab:36:ec:f3:89:
9d:99:0a:6f:17:96:e8:29:e6:06:2c:2f:aa:77:0b:
b7:1d:51:ea:6b:8c:89:a5:65:7d:9b:ee:eb:e5:29:
51:dd:96:d3:95:15:f6:b5:fd:be:d7:61:04:3c:a7:
71:af:20:67:5d:68:90:85:1a:a3:3e:d3:bf:db:f8:
06:d3:64:5d:d1:54:24:70:9d:c8:8e:de:8b:63:77:
48:3b:8f:4f:d0:4e:b8:a5:b4:34:f3:bc:dd:b5:ec:
dd:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A8:85:39:97:B0:F2:7D:28:15:68:EF:7C:A6:BE:1A:82:D8:B1:45
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/caiFOZew8n0oFWjvfKa-GoLYsUU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
25:f8:8c:88:c4:27:ee:2b:1b:d7:50:b2:81:4f:8d:b6:a5:ad:
db:86:f8:97:21:3e:3a:53:b8:5b:6a:1d:52:72:b6:18:8d:6d:
9c:50:a8:d1:18:cc:6c:32:d9:f8:3e:52:d6:3d:30:dc:32:b4:
52:ad:14:1f:51:cd:1c:5c:48:44:0c:c0:e6:3d:c0:9d:63:a8:
66:63:a0:0d:05:d4:42:56:3c:67:1f:17:0a:14:73:49:40:8a:
f9:c7:c4:40:de:f2:b5:ff:b1:a5:24:80:83:c3:e8:65:39:4c:
4f:9e:39:c8:24:06:eb:e6:93:0a:c2:04:6b:55:b9:ae:f7:b1:
74:63:2b:47:39:c2:e6:37:07:52:ef:a9:ff:29:9e:2c:be:ed:
1d:fa:4c:d9:ee:26:75:ae:e7:b5:73:0b:7f:87:67:3b:61:ca:
f2:59:47:a0:c9:b9:25:e3:12:85:1b:6b:95:42:69:59:aa:b8:
08:47:e2:e1:b9:14:ff:c3:4c:90:86:ed:34:11:b6:d2:3b:58:
c2:e5:22:08:d3:b4:e0:dc:a4:94:93:83:fb:a5:26:da:41:f8:
df:3d:32:c8:d8:4e:79:1e:f8:4f:02:e2:b6:8b:bf:e7:74:29:
1a:5c:4b:d9:ab:7f:61:e9:9c:13:24:ff:bb:5a:f8:c7:b9:bd:
5f:05:43:65
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTQcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEw
NjUzMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcxQTg4NTM5OTdCMEYy
N0QyODE1NjhFRjdDQTZCRTFBODJEOEIxNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCo7By9MjfZJV5W80GEJwbLvbj7IZmxZOf1ba9mqpkmSyKNQ4f2
2aQnBMvUN5zD+LWFuJY4iBbZxVdHdAphBWWYUe0O2xflOxRFjOP9N34/NyoXFlhp
3gj1JLYGcnZ+8fPyAAifwzOm2NaKb5/HYd1t5KezLzHDwgvNIso7kuJsfu02URZS
tzZmm73Yk2qyhPbSU86OBaD+qgnT33NGZlKrNuzziZ2ZCm8Xlugp5gYsL6p3C7cd
UeprjImlZX2b7uvlKVHdltOVFfa1/b7XYQQ8p3GvIGddaJCFGqM+07/b+AbTZF3R
VCRwnciO3otjd0g7j0/QTriltDTzvN217N1jAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUcaiFOZew8n0oFWjvfKa+GoLYsUUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NhaUZPWmV3OG4wb0ZX
anZmS2EtR29MWXNVVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACX4jIjEJ+4rG9dQsoFPjbalrduG+Jch
PjpTuFtqHVJythiNbZxQqNEYzGwy2fg+UtY9MNwytFKtFB9RzRxcSEQMwOY9wJ1j
qGZjoA0F1EJWPGcfFwoUc0lAivnHxEDe8rX/saUkgIPD6GU5TE+eOcgkBuvmkwrC
BGtVua73sXRjK0c5wuY3B1Lvqf8pniy+7R36TNnuJnWu57VzC3+HZzthyvJZR6DJ
uSXjEoUba5VCaVmquAhH4uG5FP/DTJCG7TQRttI7WMLlIgjTtODcpJSTg/ulJtpB
+N89MsjYTnke+E8C4raLv+d0KRpcS9mrf2HpnBMk/7ta+Me5vV8FQ2U=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:15 2025 by rpki-client