Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/iv4tDNLUFg_B4iFwbD_0svKGaAA.roa
File: iv4tDNLUFg_B4iFwbD_0svKGaAA.roa (raw, json)
Hash identifier: eeMHxQ9oW9WoDhBgf4bYJXekSfxRi9unsUSSOfrOCXY=
Subject key identifier: 8A:FE:2D:0C:D2:D4:16:0F:C1:E2:21:70:6C:3F:F4:B2:F2:86:68:00
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34A3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iv4tDNLUFg_B4iFwbD_0svKGaAA.roa
Signing time: Fri 29 Mar 2024 18:22:05 +0000
ROA not before: Fri 29 Mar 2024 18:22:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13475 (0x34a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 18:22:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8AFE2D0CD2D4160FC1E221706C3FF4B2F2866800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b7:7f:11:35:5d:1c:1b:8e:dd:7b:81:73:bd:
1a:09:47:9d:07:12:15:42:0a:3f:df:66:58:e3:15:
09:d1:22:71:25:5e:92:22:a0:c2:40:3e:fe:b4:9b:
84:00:ca:b3:da:d6:8a:a2:f7:ad:f1:05:eb:4e:78:
46:46:28:23:0c:e7:cc:95:1b:24:e4:5c:fd:2c:18:
1f:82:e1:4c:75:5d:7a:42:1e:ca:4e:3e:8e:ad:08:
43:07:38:1c:4b:19:b5:b7:b9:a2:db:c4:71:51:76:
39:0d:a7:17:18:bb:cb:4a:68:1c:7f:e8:62:37:9b:
92:d0:2e:47:23:39:d7:90:3c:f5:9c:f6:6e:0e:91:
4b:04:ec:d4:34:a7:cd:74:03:9a:84:4f:b0:2d:aa:
f9:4e:01:90:77:6a:26:6e:39:0f:83:3d:c1:55:68:
19:cc:9e:3a:ca:33:23:18:61:f6:11:7f:db:9e:86:
49:ed:8d:a0:02:7d:21:98:22:3c:3b:1d:2e:e5:06:
8b:4b:cb:85:13:d1:85:1a:2c:2f:e9:bc:61:26:ad:
2d:11:40:da:6e:7b:71:c7:96:b4:a5:ab:0f:6f:33:
d5:c5:45:d9:9f:7c:97:af:b2:ba:1f:15:ea:b4:05:
9b:57:e0:51:53:50:e6:5a:de:c8:40:21:32:16:ca:
62:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:FE:2D:0C:D2:D4:16:0F:C1:E2:21:70:6C:3F:F4:B2:F2:86:68:00
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iv4tDNLUFg_B4iFwbD_0svKGaAA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
26:af:8c:e6:dc:08:5a:af:2e:b0:3d:fc:1e:16:4c:31:54:b3:
df:b9:0d:85:b7:f2:9a:97:bd:62:1c:ac:bc:44:a2:c8:d1:90:
97:9b:ce:75:da:7d:0c:3c:62:c8:bf:c8:b2:7f:9e:fa:48:bc:
ad:60:56:32:47:e0:ff:44:28:da:4b:31:47:74:f4:48:2c:aa:
3a:fd:4d:d1:8e:24:18:78:82:d9:8b:cc:57:be:5d:43:0b:fd:
9d:3c:8c:b1:95:a0:59:5e:0e:9c:20:49:2e:5a:42:c8:f0:ca:
76:18:4b:4e:41:f5:38:1f:45:65:9c:e4:12:f9:c3:24:53:0e:
ea:e8:e3:81:83:56:db:67:93:10:97:10:dd:74:16:c0:1a:4b:
dc:c8:c8:8a:42:c9:1b:79:c0:26:1b:04:6a:0d:31:70:80:e1:
3f:e6:f8:d3:85:6b:7f:32:0f:b6:e8:45:34:f8:54:56:41:47:
5d:96:bf:6d:48:8d:f9:ab:25:61:2d:54:9f:09:21:1f:8f:5d:
ca:62:75:6d:3b:49:ee:07:06:74:28:0e:35:87:4f:cb:f6:49:
3b:f5:0f:43:09:ea:b0:a1:40:36:41:a2:c4:8d:19:0d:51:3c:
24:fd:f2:98:f3:bf:5d:c5:84:04:55:fa:41:34:c7:d6:da:84:
54:24:1c:8d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNKMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkx
ODIyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhBRkUyRDBDRDJENDE2
MEZDMUUyMjE3MDZDM0ZGNEIyRjI4NjY4MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIt38RNV0cG47de4FzvRoJR50HEhVCCj/fZljjFQnRInElXpIi
oMJAPv60m4QAyrPa1oqi963xBetOeEZGKCMM58yVGyTkXP0sGB+C4Ux1XXpCHspO
Po6tCEMHOBxLGbW3uaLbxHFRdjkNpxcYu8tKaBx/6GI3m5LQLkcjOdeQPPWc9m4O
kUsE7NQ0p810A5qET7AtqvlOAZB3aiZuOQ+DPcFVaBnMnjrKMyMYYfYRf9uehknt
jaACfSGYIjw7HS7lBotLy4UT0YUaLC/pvGEmrS0RQNpue3HHlrSlqw9vM9XFRdmf
fJevsrofFeq0BZtX4FFTUOZa3shAITIWymLZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUiv4tDNLUFg/B4iFwbD/0svKGaAAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2l2NHRETkxVRmdfQjRp
RndiRF8wc3ZLR2FBQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACavjObcCFqvLrA9/B4WTDFUs9+5DYW3
8pqXvWIcrLxEosjRkJebznXafQw8Ysi/yLJ/nvpIvK1gVjJH4P9EKNpLMUd09Egs
qjr9TdGOJBh4gtmLzFe+XUML/Z08jLGVoFleDpwgSS5aQsjwynYYS05B9TgfRWWc
5BL5wyRTDuro44GDVttnkxCXEN10FsAaS9zIyIpCyRt5wCYbBGoNMXCA4T/m+NOF
a38yD7boRTT4VFZBR12Wv21IjfmrJWEtVJ8JIR+PXcpidW07Se4HBnQoDjWHT8v2
STv1D0MJ6rChQDZBosSNGQ1RPCT98pjzv13FhARV+kE0x9bahFQkHI0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:41:30 2025 by rpki-client