Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/cp3mDuIuIujQnXfQk9waUoH0-Oc.roa
File: cp3mDuIuIujQnXfQk9waUoH0-Oc.roa (raw, json)
Hash identifier: CnB/ahNggFFgiJjiNjA0zIxnob4g/wEMR1+FN4ACONs=
Subject key identifier: 72:9D:E6:0E:E2:2E:22:E8:D0:9D:77:D0:93:DC:1A:52:81:F4:F8:E7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3CE3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cp3mDuIuIujQnXfQk9waUoH0-Oc.roa
Signing time: Tue 09 Apr 2024 18:22:39 +0000
ROA not before: Tue 09 Apr 2024 18:22:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15587 (0x3ce3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 18:22:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=729DE60EE22E22E8D09D77D093DC1A5281F4F8E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a2:a5:5b:8f:c5:d5:72:27:39:82:81:7f:3e:
07:4d:ed:c4:6d:54:5d:76:a7:b5:33:46:50:85:4a:
02:7d:4e:b2:2f:d8:97:70:7c:2e:31:f2:b5:3c:4d:
e1:6c:bb:77:4d:19:de:e9:34:3c:87:d7:94:3f:e6:
92:0e:1b:1d:28:c9:89:33:be:79:cd:08:10:13:2a:
65:32:c7:24:65:68:3d:b0:9c:e3:bd:59:55:e1:15:
bb:fc:87:4a:7f:20:52:b4:37:af:76:d3:a1:10:34:
9a:a0:0e:09:e7:88:96:03:4e:9f:3c:28:b6:4a:a6:
ee:c3:65:e1:09:59:64:c0:9a:9d:73:a3:54:47:40:
df:2d:94:0d:3f:26:f2:40:98:e9:2d:79:19:89:d1:
7d:62:fa:fb:af:56:62:e2:73:7d:e5:58:d5:1a:19:
eb:24:73:ca:bd:65:03:83:68:ad:10:44:cc:e1:3e:
93:bb:c3:6f:9b:85:82:96:6a:0d:39:7c:b0:5d:a1:
31:1c:93:53:f5:ce:6b:fa:4c:c2:11:95:ea:8f:a4:
e8:fd:91:9a:e1:7c:ba:4f:2e:3d:2b:74:b3:0b:f9:
5f:c6:94:09:d1:fb:e3:3e:08:f8:6a:ce:89:87:1a:
bb:0c:08:9c:47:93:dd:7f:6d:4e:68:72:11:1f:51:
1c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:9D:E6:0E:E2:2E:22:E8:D0:9D:77:D0:93:DC:1A:52:81:F4:F8:E7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cp3mDuIuIujQnXfQk9waUoH0-Oc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
1c:c9:1c:b5:d9:6a:8d:71:f6:ea:c0:43:4d:fa:42:a3:c6:ef:
c9:63:31:e9:58:0b:e2:cb:1a:7a:e1:b1:85:58:17:23:96:c4:
26:2e:02:40:2c:4f:bc:5f:4c:1d:0e:f8:18:79:e0:b4:82:a5:
f2:ef:00:60:13:91:ce:ee:54:1c:d6:f8:97:a2:18:fb:b2:a8:
c4:b1:47:cd:af:b9:a8:12:1f:df:7e:39:e3:20:3d:8e:4e:1b:
fe:4c:ae:95:7b:70:4c:83:7e:04:a8:1e:60:6b:da:af:96:7d:
b0:70:24:13:86:fb:c3:03:ca:a0:b5:14:b1:77:ae:c9:08:1d:
21:0f:04:b3:93:b1:be:6e:ba:d2:bc:99:c9:6a:be:6e:f9:30:
e1:9e:6d:07:f6:d9:fe:76:87:fd:77:30:2e:8a:7a:58:fd:06:
b4:3d:c9:25:d1:f3:48:b6:05:f7:8d:16:cf:d6:0f:fa:61:4c:
50:63:2a:40:8f:08:12:ad:5c:44:d0:7a:fe:83:df:88:c4:43:
9f:f6:91:f1:fa:aa:5e:e0:a2:22:18:f0:17:b9:68:7e:fb:20:
ae:c4:b4:35:aa:a5:36:97:0b:4b:a5:7d:e1:42:0a:18:79:c2:
5d:1d:70:e7:fa:cb:8b:1e:31:84:cc:a4:a2:10:9d:a8:cf:f8:
d3:37:de:2e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPOMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkx
ODIyMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcyOURFNjBFRTIyRTIy
RThEMDlENzdEMDkzREMxQTUyODFGNEY4RTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFoqVbj8XVcic5goF/PgdN7cRtVF12p7UzRlCFSgJ9TrIv2Jdw
fC4x8rU8TeFsu3dNGd7pNDyH15Q/5pIOGx0oyYkzvnnNCBATKmUyxyRlaD2wnOO9
WVXhFbv8h0p/IFK0N69206EQNJqgDgnniJYDTp88KLZKpu7DZeEJWWTAmp1zo1RH
QN8tlA0/JvJAmOkteRmJ0X1i+vuvVmLic33lWNUaGeskc8q9ZQODaK0QRMzhPpO7
w2+bhYKWag05fLBdoTEck1P1zmv6TMIRleqPpOj9kZrhfLpPLj0rdLML+V/GlAnR
++M+CPhqzomHGrsMCJxHk91/bU5ochEfURxzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUcp3mDuIuIujQnXfQk9waUoH0+OcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NwM21EdUl1SXVqUW5Y
ZlFrOXdhVW9IMC1PYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABzJHLXZao1x9urAQ036QqPG78ljMelY
C+LLGnrhsYVYFyOWxCYuAkAsT7xfTB0O+Bh54LSCpfLvAGATkc7uVBzW+JeiGPuy
qMSxR82vuagSH99+OeMgPY5OG/5MrpV7cEyDfgSoHmBr2q+WfbBwJBOG+8MDyqC1
FLF3rskIHSEPBLOTsb5uutK8mclqvm75MOGebQf22f52h/13MC6Kelj9BrQ9ySXR
80i2BfeNFs/WD/phTFBjKkCPCBKtXETQev6D34jEQ5/2kfH6ql7goiIY8Be5aH77
IK7EtDWqpTaXC0ulfeFCChh5wl0dcOf6y4seMYTMpKIQnajP+NM33i4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:20 2025 by rpki-client