Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/epQnWKLqNDzrHgZYBhUm-XBMyw8.roa
File: epQnWKLqNDzrHgZYBhUm-XBMyw8.roa (raw, json)
Hash identifier: mD92ml35QnblodfQWduQoBTxExmVuexnXsJT8V689JQ=
Subject key identifier: 7A:94:27:58:A2:EA:34:3C:EB:1E:06:58:06:15:26:F9:70:4C:CB:0F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3ACF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/epQnWKLqNDzrHgZYBhUm-XBMyw8.roa
Signing time: Sat 06 Apr 2024 23:52:56 +0000
ROA not before: Sat 06 Apr 2024 23:52:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15055 (0x3acf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 23:52:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7A942758A2EA343CEB1E0658061526F9704CCB0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bd:5a:aa:3f:48:b2:7a:c6:06:8c:ae:01:5c:
54:3c:ca:ca:cb:4a:09:bf:01:b6:0c:86:0b:db:ee:
93:13:c7:85:a3:be:c1:c8:dc:bc:52:13:26:0c:0b:
c2:50:ab:6c:cc:23:81:77:34:fd:53:06:f0:b9:1b:
3d:0d:9c:a9:d4:5f:66:ed:c7:4e:ad:29:17:d3:76:
ef:4b:1d:2a:a9:ff:01:e1:ef:ff:e4:c1:4f:53:6a:
c5:5a:99:eb:6c:96:5a:3b:1f:60:ab:5a:38:b3:e5:
bf:13:f2:a4:87:72:94:b5:20:43:d7:13:63:21:64:
3c:9d:12:66:e8:3d:bb:22:b8:a6:cf:03:f6:76:99:
67:2e:c7:7a:bf:f1:91:e3:1a:21:b5:7c:13:4c:e5:
b5:d1:5b:bb:5f:47:d0:8a:f1:ca:43:8f:12:68:00:
55:5f:d7:a0:c5:72:0d:6d:24:18:07:21:47:44:60:
b6:6f:94:b4:e2:ae:68:7d:5b:d1:5c:6a:44:53:66:
4f:21:9c:90:61:16:5e:c6:ef:99:ab:db:c6:98:83:
d0:04:c3:f9:2f:e1:ce:2f:5a:20:79:e4:94:99:c7:
40:6a:2b:af:5f:a7:ee:0f:86:38:6a:7c:16:cf:14:
26:21:5d:f3:7e:c1:be:fe:18:c4:f1:4a:19:25:02:
bb:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:94:27:58:A2:EA:34:3C:EB:1E:06:58:06:15:26:F9:70:4C:CB:0F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/epQnWKLqNDzrHgZYBhUm-XBMyw8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
94:a4:5b:98:46:b9:ec:b9:a7:9b:83:f1:d1:17:c4:f3:67:d3:
65:4c:90:d6:dc:4b:bf:ae:d6:cd:3e:60:50:d9:13:c0:1a:2a:
1a:9d:66:77:05:f1:6d:9a:c7:0f:ae:9f:0a:a7:f3:9e:65:f5:
aa:52:e4:20:99:7c:f6:9c:36:23:0a:8e:5a:dd:0f:6e:0d:4d:
71:86:18:eb:09:04:1e:06:d9:25:98:d9:d4:60:5f:12:92:52:
6b:84:5d:4c:3e:71:58:17:dd:a1:e2:58:d0:ad:2c:da:48:6f:
cd:4a:97:71:f7:3f:8b:3b:10:5e:22:3e:dd:a6:d1:ea:a1:18:
aa:9d:39:18:cd:c9:1e:69:9a:05:6b:c3:92:57:bd:da:06:3d:
90:95:2b:ea:f4:57:83:09:f0:5e:7c:4c:f6:12:14:f0:a3:53:
95:af:5f:9c:80:bc:21:70:c1:45:a1:b6:2e:0c:04:1c:ce:0d:
a0:64:d3:e3:1a:60:fa:8d:db:e6:dc:c0:5d:df:fd:c7:b1:11:
92:99:e7:eb:ed:63:a9:78:ef:28:7b:3b:82:46:5a:c4:53:f8:
37:72:93:a1:ac:eb:e3:cc:ae:04:38:2f:ab:24:a0:19:cc:cf:
8a:7a:60:3e:25:25:8b:8f:84:78:23:ca:4b:7d:1b:7f:ba:a0:
aa:15:a4:f5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOs8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYy
MzUyNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdBOTQyNzU4QTJFQTM0
M0NFQjFFMDY1ODA2MTUyNkY5NzA0Q0NCMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIvVqqP0iyesYGjK4BXFQ8ysrLSgm/AbYMhgvb7pMTx4WjvsHI
3LxSEyYMC8JQq2zMI4F3NP1TBvC5Gz0NnKnUX2btx06tKRfTdu9LHSqp/wHh7//k
wU9TasVametsllo7H2CrWjiz5b8T8qSHcpS1IEPXE2MhZDydEmboPbsiuKbPA/Z2
mWcux3q/8ZHjGiG1fBNM5bXRW7tfR9CK8cpDjxJoAFVf16DFcg1tJBgHIUdEYLZv
lLTirmh9W9FcakRTZk8hnJBhFl7G75mr28aYg9AEw/kv4c4vWiB55JSZx0BqK69f
p+4PhjhqfBbPFCYhXfN+wb7+GMTxShklArtdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUepQnWKLqNDzrHgZYBhUm+XBMyw8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VwUW5XS0xxTkR6ckhn
WllCaFVtLVhCTXl3OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJSkW5hGuey5p5uD8dEXxPNn02VMkNbc
S7+u1s0+YFDZE8AaKhqdZncF8W2axw+unwqn855l9apS5CCZfPacNiMKjlrdD24N
TXGGGOsJBB4G2SWY2dRgXxKSUmuEXUw+cVgX3aHiWNCtLNpIb81Kl3H3P4s7EF4i
Pt2m0eqhGKqdORjNyR5pmgVrw5JXvdoGPZCVK+r0V4MJ8F58TPYSFPCjU5WvX5yA
vCFwwUWhti4MBBzODaBk0+MaYPqN2+bcwF3f/cexEZKZ5+vtY6l47yh7O4JGWsRT
+Ddyk6Gs6+PMrgQ4L6skoBnMz4p6YD4lJYuPhHgjykt9G3+6oKoVpPU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:14 2025 by rpki-client