Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hKtAFWqKXUenErKzborQ9goqNn0.roa
File: hKtAFWqKXUenErKzborQ9goqNn0.roa (raw, json)
Hash identifier: hQuHnAYtO7blCS+oyUuf20sOFOJ5bcm5InKZB1FvFYM=
Subject key identifier: 84:AB:40:15:6A:8A:5D:47:A7:12:B2:B3:6E:8A:D0:F6:0A:2A:36:7D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4BC3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hKtAFWqKXUenErKzborQ9goqNn0.roa
Signing time: Mon 29 Apr 2024 14:23:30 +0000
ROA not before: Mon 29 Apr 2024 14:23:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19395 (0x4bc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 14:23:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=84AB40156A8A5D47A712B2B36E8AD0F60A2A367D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b7:44:aa:ce:2a:e3:fa:ef:6f:07:0a:f5:69:
0c:e5:c5:b5:31:4d:f5:04:3d:1a:12:d7:ce:15:5b:
8a:17:9a:4d:0f:25:bc:82:e5:48:0f:e8:62:d8:e0:
a4:43:b8:da:95:b8:26:d3:5f:9f:53:ce:e3:09:51:
2a:ad:38:ce:ae:94:f0:00:44:94:1c:d6:8d:05:6e:
c1:78:ae:1b:eb:08:59:d6:bd:b4:4b:88:ac:73:ec:
02:cc:0e:19:04:42:2e:5c:2a:4c:f5:82:7b:31:5d:
e2:a1:0f:40:bf:db:c0:c2:89:5b:e9:20:1a:6b:25:
65:3a:fb:c0:bc:09:ff:7f:7b:e7:be:99:a6:e5:5f:
f9:0c:46:79:ad:64:33:08:7c:f5:49:3f:56:ea:7d:
20:79:74:3c:79:7c:73:a0:51:be:2a:f2:f9:b3:72:
22:98:f1:3a:11:b9:4e:00:71:21:16:44:d8:7a:c7:
f1:e7:4a:4d:d3:ee:f0:72:04:17:65:00:56:ee:37:
6a:fb:d6:ed:50:98:25:46:ae:ae:2e:a5:d4:1d:f5:
ff:6f:33:f4:c6:3b:0a:f4:b6:71:d5:69:e0:c3:ca:
de:23:2d:8a:3d:9f:24:67:73:45:df:f4:69:7a:4f:
29:97:f8:a0:1d:f2:b0:fc:3c:73:e1:25:a9:15:ce:
a3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:AB:40:15:6A:8A:5D:47:A7:12:B2:B3:6E:8A:D0:F6:0A:2A:36:7D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hKtAFWqKXUenErKzborQ9goqNn0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b6:e0:b5:a2:b9:c9:c0:98:4a:20:73:14:8a:bd:28:5a:83:f2:
9e:08:29:6e:25:69:37:f4:3e:11:07:b4:9e:fe:13:5f:4c:db:
92:ad:38:a2:bb:02:12:93:b8:a4:34:fc:60:20:fc:f7:b3:8f:
85:78:d0:59:5c:36:90:ce:76:82:a1:9e:db:df:7d:5b:e1:a0:
ac:6d:63:31:e2:a0:aa:2a:76:da:55:8e:b6:b1:0e:59:50:b5:
e1:07:d9:57:d7:fe:52:e7:fc:29:2d:82:cc:8c:80:ae:d0:81:
01:cc:92:41:9d:59:9c:d3:26:6f:b8:3c:7b:b7:6a:9b:7d:7d:
a2:7e:dc:27:ec:82:e3:57:c6:96:af:0e:24:c4:f9:02:b7:78:
df:0f:da:08:97:83:ec:46:b3:2a:96:c1:cd:77:bb:96:0b:80:
73:2c:a5:8b:7b:ec:02:e3:6c:d6:3f:92:91:58:e8:7a:43:fa:
74:90:90:ed:44:40:e4:3d:e9:38:84:ee:4a:a9:ac:a3:2c:6a:
33:e9:47:59:bb:1b:be:be:88:95:69:53:9a:62:2c:5b:ba:5b:
4e:74:e4:0e:7a:c7:d0:0c:44:34:e8:f4:96:af:f1:e3:36:cb:
04:90:29:87:b0:9b:2c:e6:9c:52:3e:05:e6:79:f6:4a:45:07:
28:76:32:4a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICS8MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjkx
NDIzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg0QUI0MDE1NkE4QTVE
NDdBNzEyQjJCMzZFOEFEMEY2MEEyQTM2N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRt0Sqzirj+u9vBwr1aQzlxbUxTfUEPRoS184VW4oXmk0PJbyC
5UgP6GLY4KRDuNqVuCbTX59TzuMJUSqtOM6ulPAARJQc1o0FbsF4rhvrCFnWvbRL
iKxz7ALMDhkEQi5cKkz1gnsxXeKhD0C/28DCiVvpIBprJWU6+8C8Cf9/e+e+mabl
X/kMRnmtZDMIfPVJP1bqfSB5dDx5fHOgUb4q8vmzciKY8ToRuU4AcSEWRNh6x/Hn
Sk3T7vByBBdlAFbuN2r71u1QmCVGrq4updQd9f9vM/TGOwr0tnHVaeDDyt4jLYo9
nyRnc0Xf9Gl6TymX+KAd8rD8PHPhJakVzqMHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUhKtAFWqKXUenErKzborQ9goqNn0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hLdEFGV3FLWFVlbkVy
S3pib3JROWdvcU5uMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALbgtaK5ycCYSiBzFIq9KFqD8p4IKW4l
aTf0PhEHtJ7+E19M25KtOKK7AhKTuKQ0/GAg/Pezj4V40FlcNpDOdoKhntvffVvh
oKxtYzHioKoqdtpVjraxDllQteEH2VfX/lLn/CktgsyMgK7QgQHMkkGdWZzTJm+4
PHu3apt9faJ+3CfsguNXxpavDiTE+QK3eN8P2giXg+xGsyqWwc13u5YLgHMspYt7
7ALjbNY/kpFY6HpD+nSQkO1EQOQ96TiE7kqprKMsajPpR1m7G76+iJVpU5piLFu6
W0505A56x9AMRDTo9Jav8eM2ywSQKYewmyzmnFI+BeZ59kpFByh2Mko=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:19:23 2025 by rpki-client