Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/fiXPwHfgXiLH4ctfpnZBg6IN8zY.roa
File: fiXPwHfgXiLH4ctfpnZBg6IN8zY.roa (raw, json)
Hash identifier: /QAqZyXie81CzfQOuhlZqwWGIYvg0vVrktS5AvEyI9Q=
Subject key identifier: 7E:25:CF:C0:77:E0:5E:22:C7:E1:CB:5F:A6:76:41:83:A2:0D:F3:36
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4BAF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fiXPwHfgXiLH4ctfpnZBg6IN8zY.roa
Signing time: Mon 29 Apr 2024 11:53:33 +0000
ROA not before: Mon 29 Apr 2024 11:53:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19375 (0x4baf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 11:53:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7E25CFC077E05E22C7E1CB5FA6764183A20DF336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a7:d7:ed:97:4b:11:3c:17:32:87:82:54:71:
7e:6e:76:d8:54:b5:ad:62:09:fe:e8:79:d0:99:87:
6c:6f:62:c2:ef:aa:95:a9:aa:d4:7c:af:9f:89:09:
fc:5b:52:14:98:92:4b:ce:87:c4:5c:ea:9f:ab:86:
4f:cd:d1:10:50:48:10:6f:18:db:16:50:52:7b:1d:
1d:3e:5c:62:d2:6c:b1:eb:fb:0f:dd:52:a7:5c:ee:
62:9f:16:cc:55:9c:3a:41:53:68:fa:cc:35:ec:45:
49:bb:b0:63:06:d9:6a:f5:68:11:02:67:da:16:85:
8a:3e:97:d7:72:f2:19:fd:4d:b4:0c:55:ba:e6:c7:
5f:d2:47:e1:7f:49:46:b4:0e:d6:ce:40:0c:5d:1b:
6e:7e:05:bf:6d:a7:71:f7:62:ff:1f:22:ef:6d:42:
36:5c:19:00:06:b2:71:4d:f9:0f:e0:ff:ce:ac:58:
3a:64:8f:45:8c:12:f1:fb:0f:24:c2:04:32:85:7d:
64:9f:ec:e3:09:ab:3a:4c:c8:00:72:03:d5:6f:1a:
0a:a6:0a:97:a3:a1:41:19:c5:09:bf:1c:7e:22:6d:
7c:19:a5:f7:66:17:11:da:08:81:5a:5a:ba:c1:3a:
7e:6b:9e:65:72:b3:c7:7f:8c:2d:f9:46:49:0d:f3:
03:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:25:CF:C0:77:E0:5E:22:C7:E1:CB:5F:A6:76:41:83:A2:0D:F3:36
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/fiXPwHfgXiLH4ctfpnZBg6IN8zY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
92:22:14:45:a0:a9:bd:7d:55:bd:c1:92:41:18:58:04:7f:60:
0e:c2:d9:b8:0b:6f:23:78:7d:2c:40:e8:02:b3:24:b5:3e:48:
c2:ba:7c:aa:93:6b:ec:37:fa:bc:13:e5:7c:dd:37:59:b7:95:
96:a4:3d:17:68:0b:95:fa:57:de:4c:ac:a1:1c:40:9d:3c:18:
ab:1f:ae:ec:66:b8:e6:52:40:7c:bb:c5:7d:ca:52:3e:b6:15:
45:cb:a0:5b:3e:4c:61:5e:14:58:90:fa:e6:69:ea:f6:46:4d:
72:b9:e9:ec:25:4d:c6:c0:9b:30:9e:ee:31:d4:82:36:e9:bb:
22:b0:fc:91:67:e2:6f:be:b3:d8:31:bd:52:bf:3c:41:80:16:
d1:89:6b:01:e0:a4:fe:34:1c:9a:cf:98:6f:9d:ed:b5:77:07:
50:63:1a:c5:97:c9:b6:cf:da:35:94:be:32:56:06:d7:f3:57:
ed:ec:8f:bd:2a:14:95:98:21:81:8b:06:6d:78:4e:00:a5:80:
34:2a:93:3c:33:e7:21:57:f4:77:6e:da:5a:13:7d:ed:0b:d6:
4c:fb:95:94:d4:1d:3b:78:b3:fd:d4:8c:8c:ec:a2:e3:7e:21:
0a:f9:0c:12:af:b3:ba:81:3b:ca:15:c7:c6:f9:c6:11:95:6c:
39:ea:d4:64
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICS68wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjkx
MTUzMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdFMjVDRkMwNzdFMDVF
MjJDN0UxQ0I1RkE2NzY0MTgzQTIwREYzMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFp9ftl0sRPBcyh4JUcX5udthUta1iCf7oedCZh2xvYsLvqpWp
qtR8r5+JCfxbUhSYkkvOh8Rc6p+rhk/N0RBQSBBvGNsWUFJ7HR0+XGLSbLHr+w/d
Uqdc7mKfFsxVnDpBU2j6zDXsRUm7sGMG2Wr1aBECZ9oWhYo+l9dy8hn9TbQMVbrm
x1/SR+F/SUa0DtbOQAxdG25+Bb9tp3H3Yv8fIu9tQjZcGQAGsnFN+Q/g/86sWDpk
j0WMEvH7DyTCBDKFfWSf7OMJqzpMyAByA9VvGgqmCpejoUEZxQm/HH4ibXwZpfdm
FxHaCIFaWrrBOn5rnmVys8d/jC35RkkN8wO9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUfiXPwHfgXiLH4ctfpnZBg6IN8zYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2ZpWFB3SGZnWGlMSDRj
dGZwblpCZzZJTjh6WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJIiFEWgqb19Vb3BkkEYWAR/YA7C2bgL
byN4fSxA6AKzJLU+SMK6fKqTa+w3+rwT5XzdN1m3lZakPRdoC5X6V95MrKEcQJ08
GKsfruxmuOZSQHy7xX3KUj62FUXLoFs+TGFeFFiQ+uZp6vZGTXK56ewlTcbAmzCe
7jHUgjbpuyKw/JFn4m++s9gxvVK/PEGAFtGJawHgpP40HJrPmG+d7bV3B1BjGsWX
ybbP2jWUvjJWBtfzV+3sj70qFJWYIYGLBm14TgClgDQqkzwz5yFX9Hdu2loTfe0L
1kz7lZTUHTt4s/3UjIzsouN+IQr5DBKvs7qBO8oVx8b5xhGVbDnq1GQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:39 2025 by rpki-client