Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/i0yFdDxMs1mAkIaPCzDQoZT4J44.roa
File: i0yFdDxMs1mAkIaPCzDQoZT4J44.roa (raw, json)
Hash identifier: RE1nR+APmzwK1u9hioE/48wMmnSzYhXkICTg3XWEDo8=
Subject key identifier: 8B:4C:85:74:3C:4C:B3:59:80:90:86:8F:0B:30:D0:A1:94:F8:27:8E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4257
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/i0yFdDxMs1mAkIaPCzDQoZT4J44.roa
Signing time: Wed 17 Apr 2024 00:53:08 +0000
ROA not before: Wed 17 Apr 2024 00:53:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16983 (0x4257)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 00:53:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8B4C85743C4CB3598090868F0B30D0A194F8278E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e8:fd:6f:db:17:47:3a:67:56:96:33:57:20:
c5:37:10:91:81:2f:c2:ab:45:02:fd:1a:21:94:c7:
fa:d9:e9:20:21:49:81:60:e0:07:23:eb:08:b1:82:
40:89:6b:a7:b2:23:e1:d9:b1:d2:b3:20:fc:dd:3b:
1e:73:9b:ff:f8:d6:e4:1e:25:7b:ea:0e:60:27:4c:
fe:58:4b:fd:49:36:ea:c9:57:3e:95:9b:d0:20:97:
32:8b:db:00:74:dc:c9:7a:fc:a4:f1:d8:fb:57:0d:
8d:c5:d6:a7:f7:5c:f5:ec:31:e8:91:55:dc:39:fb:
47:3e:96:d3:53:ad:b3:ed:98:00:a2:a7:44:83:cf:
78:91:6e:38:6f:23:31:af:34:ff:1e:1b:6d:45:eb:
fe:8b:55:21:f4:6a:39:bc:30:76:cb:f7:25:45:a8:
ba:86:36:ed:56:0d:08:d7:78:90:13:97:06:24:ec:
b8:d5:9f:16:e8:da:00:62:ff:5b:8a:56:34:d7:22:
11:6d:3a:98:c7:96:67:71:4e:f8:36:eb:d2:bf:bf:
d3:aa:3d:a8:b7:b8:90:c2:5b:f9:55:b8:5f:18:e6:
cf:37:0b:93:3b:ce:41:95:8a:23:e7:07:6a:47:e5:
be:33:ec:56:13:f9:9d:17:26:88:2e:e5:26:c6:2b:
aa:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:4C:85:74:3C:4C:B3:59:80:90:86:8F:0B:30:D0:A1:94:F8:27:8E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/i0yFdDxMs1mAkIaPCzDQoZT4J44.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8a:39:7a:c4:3b:02:ae:7e:53:7c:be:e4:36:b1:87:12:cb:02:
01:bd:2e:f5:8f:71:56:27:6f:27:6c:00:bc:f7:89:c4:44:e0:
97:cf:6c:16:77:9f:71:69:9a:74:a7:80:e1:ae:a2:8c:0c:51:
ee:c6:50:4a:95:88:d5:09:7e:4a:02:00:49:06:45:a4:98:a8:
3f:93:36:90:45:de:05:6a:2e:f0:d0:93:95:ae:1c:cc:13:64:
4c:5a:57:38:b5:f2:f3:38:32:12:d0:68:08:98:8d:fe:df:0d:
32:d6:03:e4:97:ab:a0:5d:18:82:a8:3d:59:e9:d9:c9:90:8f:
92:95:60:07:20:20:ec:de:5e:71:cb:db:89:f7:d8:30:2a:2b:
b9:19:c0:38:ae:91:72:22:d6:24:df:fe:e1:e9:c5:c4:9a:80:
ae:95:47:48:c1:42:7d:52:6d:3b:f7:8c:ee:89:8e:51:39:d8:
d3:37:de:c9:14:d1:8c:6c:db:51:46:28:bc:de:f1:4c:4f:b8:
6b:4c:d6:3c:ba:bc:92:6a:95:c2:d4:9e:24:6a:b7:37:f9:e2:
dd:5b:7d:a8:bc:34:96:c2:07:39:5a:89:2d:8d:05:de:75:79:
76:d0:c5:b2:1e:97:40:29:80:38:55:87:b0:00:94:96:99:86:
bd:a7:e2:86
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQlcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
MDUzMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhCNEM4NTc0M0M0Q0Iz
NTk4MDkwODY4RjBCMzBEMEExOTRGODI3OEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDo6P1v2xdHOmdWljNXIMU3EJGBL8KrRQL9GiGUx/rZ6SAhSYFg
4Acj6wixgkCJa6eyI+HZsdKzIPzdOx5zm//41uQeJXvqDmAnTP5YS/1JNurJVz6V
m9AglzKL2wB03Ml6/KTx2PtXDY3F1qf3XPXsMeiRVdw5+0c+ltNTrbPtmACip0SD
z3iRbjhvIzGvNP8eG21F6/6LVSH0ajm8MHbL9yVFqLqGNu1WDQjXeJATlwYk7LjV
nxbo2gBi/1uKVjTXIhFtOpjHlmdxTvg269K/v9OqPai3uJDCW/lVuF8Y5s83C5M7
zkGViiPnB2pH5b4z7FYT+Z0XJogu5SbGK6rfAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUi0yFdDxMs1mAkIaPCzDQoZT4J44wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2kweUZkRHhNczFtQWtJ
YVBDekRRb1pUNEo0NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIo5esQ7Aq5+U3y+5DaxhxLLAgG9LvWP
cVYnbydsALz3icRE4JfPbBZ3n3FpmnSngOGuoowMUe7GUEqViNUJfkoCAEkGRaSY
qD+TNpBF3gVqLvDQk5WuHMwTZExaVzi18vM4MhLQaAiYjf7fDTLWA+SXq6BdGIKo
PVnp2cmQj5KVYAcgIOzeXnHL24n32DAqK7kZwDiukXIi1iTf/uHpxcSagK6VR0jB
Qn1SbTv3jO6JjlE52NM33skU0Yxs21FGKLze8UxPuGtM1jy6vJJqlcLUniRqtzf5
4t1bfai8NJbCBzlaiS2NBd51eXbQxbIel0ApgDhVh7AAlJaZhr2n4oY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:26 2025 by rpki-client