Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jIpF7_8WEQ00Ez0-qr0w1sg1Rd8.roa
File: jIpF7_8WEQ00Ez0-qr0w1sg1Rd8.roa (raw, json)
Hash identifier: BHRTY/zXF2uhk1pOJKyDlYzV40pZ0gptER7mM6dKBwQ=
Subject key identifier: 8C:8A:45:EF:FF:16:11:0D:34:13:3D:3E:AA:BD:30:D6:C8:35:45:DF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4807
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jIpF7_8WEQ00Ez0-qr0w1sg1Rd8.roa
Signing time: Wed 24 Apr 2024 14:53:18 +0000
ROA not before: Wed 24 Apr 2024 14:53:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18439 (0x4807)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 14:53:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8C8A45EFFF16110D34133D3EAABD30D6C83545DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b4:5c:57:04:72:f1:52:45:16:53:34:17:ce:
31:1e:35:77:51:83:78:ef:77:ff:71:d9:a8:5b:5e:
4a:bb:00:cf:b9:ba:dc:f4:0e:d8:36:7f:1a:e5:6e:
f2:5f:1e:6d:40:0f:f7:46:35:6d:b5:e1:bc:55:0c:
e6:5b:2d:30:43:14:d8:8f:7f:06:10:47:bb:8f:49:
61:b7:17:81:a5:42:01:16:c0:f8:8d:bc:33:3d:64:
31:be:a9:e1:97:c0:f8:4f:1b:e6:26:c9:d2:ef:44:
3d:a6:06:16:ad:a7:4e:75:50:5c:ac:df:43:5d:58:
76:96:61:f3:eb:88:3e:b3:22:66:f6:41:f7:e0:80:
a6:cf:c7:55:19:cd:2d:77:8e:ff:34:b7:7d:8d:16:
b2:95:77:47:eb:6d:ae:d5:77:e2:52:24:98:86:0b:
63:07:8b:36:a6:32:0d:31:72:1c:67:c8:34:1b:1c:
35:20:74:ea:cc:f9:5e:32:dd:15:9c:c4:2c:e6:12:
8d:78:f0:da:8d:d2:c7:1c:6b:9f:9a:2a:0d:99:7d:
f7:c7:19:f6:f4:70:26:e4:e6:7b:41:96:02:c8:57:
a1:da:bb:5f:b8:bf:c3:4b:9c:3d:73:0c:8b:7a:86:
e3:be:d6:08:20:32:ee:ad:4c:08:84:cd:4a:a2:17:
4d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:8A:45:EF:FF:16:11:0D:34:13:3D:3E:AA:BD:30:D6:C8:35:45:DF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jIpF7_8WEQ00Ez0-qr0w1sg1Rd8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
42:58:e5:60:21:1c:50:13:0e:3c:3e:57:fb:21:ed:43:99:c3:
e8:c5:57:ac:09:13:6b:09:80:c9:00:5c:8a:46:59:99:3d:49:
b6:06:de:02:e2:61:e1:86:e9:0f:41:3d:f8:b9:e4:c7:41:23:
55:e0:b7:c1:33:8a:5a:bd:51:b0:0d:68:86:5f:a5:f3:08:77:
97:65:b5:d6:cf:e6:36:85:c6:f1:a9:b7:c9:9e:06:9b:3c:a7:
23:06:43:7d:7d:5f:8a:e7:4f:46:c4:69:83:b7:35:11:cb:2a:
6d:31:56:e4:76:12:37:71:28:e9:e4:50:03:a9:1f:90:0b:27:
b6:ce:45:d8:39:e9:b1:ab:0e:0f:c5:3f:37:48:a8:70:24:53:
ad:3f:4d:6a:8a:d3:84:54:23:3e:a1:f4:d5:f6:9d:fb:7c:4a:
b8:cd:38:60:96:fe:03:31:a2:c8:a5:42:d9:e8:1e:0f:b6:34:
b3:90:6b:69:6e:1e:39:7a:9f:2b:77:46:89:30:40:e4:f6:bd:
c6:f7:88:eb:c3:f4:39:23:9e:bd:2a:dd:d7:d6:aa:f7:19:8f:
b9:e7:c5:ac:43:46:7d:73:08:8d:f2:89:27:8f:1e:25:f8:41:
09:2b:b3:6b:d1:a4:48:d1:c8:b1:99:3c:0e:2a:c0:82:e9:f1:
35:04:e1:fd
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSAcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQx
NDUzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhDOEE0NUVGRkYxNjEx
MEQzNDEzM0QzRUFBQkQzMEQ2QzgzNTQ1REYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCttFxXBHLxUkUWUzQXzjEeNXdRg3jvd/9x2ahbXkq7AM+5utz0
Dtg2fxrlbvJfHm1AD/dGNW214bxVDOZbLTBDFNiPfwYQR7uPSWG3F4GlQgEWwPiN
vDM9ZDG+qeGXwPhPG+YmydLvRD2mBhatp051UFys30NdWHaWYfPriD6zImb2Qffg
gKbPx1UZzS13jv80t32NFrKVd0frba7Vd+JSJJiGC2MHizamMg0xchxnyDQbHDUg
dOrM+V4y3RWcxCzmEo148NqN0scca5+aKg2ZfffHGfb0cCbk5ntBlgLIV6Hau1+4
v8NLnD1zDIt6huO+1gggMu6tTAiEzUqiF029AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUjIpF7/8WEQ00Ez0+qr0w1sg1Rd8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2pJcEY3XzhXRVEwMEV6
MC1xcjB3MXNnMVJkOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEJY5WAhHFATDjw+V/sh7UOZw+jFV6wJ
E2sJgMkAXIpGWZk9SbYG3gLiYeGG6Q9BPfi55MdBI1Xgt8Ezilq9UbANaIZfpfMI
d5dltdbP5jaFxvGpt8meBps8pyMGQ319X4rnT0bEaYO3NRHLKm0xVuR2EjdxKOnk
UAOpH5ALJ7bORdg56bGrDg/FPzdIqHAkU60/TWqK04RUIz6h9NX2nft8SrjNOGCW
/gMxosilQtnoHg+2NLOQa2luHjl6nyt3RokwQOT2vcb3iOvD9Dkjnr0q3dfWqvcZ
j7nnxaxDRn1zCI3yiSePHiX4QQkrs2vRpEjRyLGZPA4qwILp8TUE4f0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:30 2025 by rpki-client