Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kPrAa1vdLefqROQwIhvuoVKpEdY.roa
File: kPrAa1vdLefqROQwIhvuoVKpEdY.roa (raw, json)
Hash identifier: nUJNbZ+mgjke/90ckWC0kO4jqA4u35eabdJWVBD/Qj8=
Subject key identifier: 90:FA:C0:6B:5B:DD:2D:E7:EA:44:E4:30:22:1B:EE:A1:52:A9:11:D6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 47F7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kPrAa1vdLefqROQwIhvuoVKpEdY.roa
Signing time: Wed 24 Apr 2024 12:53:15 +0000
ROA not before: Wed 24 Apr 2024 12:53:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18423 (0x47f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 24 12:53:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=90FAC06B5BDD2DE7EA44E430221BEEA152A911D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:27:8d:ba:2b:09:f3:aa:47:a6:dd:d8:22:cb:
e0:68:d4:6e:a4:bc:75:18:ba:c3:b0:57:7e:0c:29:
8a:2d:cb:8b:25:c1:38:1e:eb:35:cc:9b:f2:30:91:
32:24:6e:04:9d:07:5c:cf:61:77:50:e8:ac:9f:68:
0d:e5:c5:62:14:a1:84:71:18:6e:7a:23:26:01:6a:
d0:e7:8d:0d:d2:cb:f5:6f:c2:e7:1c:bb:ae:33:1f:
ad:90:da:d2:ef:5b:d6:97:fb:cf:78:76:98:6d:e8:
a9:c6:3a:ae:b3:36:1b:6d:50:c5:1e:e3:d3:e5:1b:
32:cf:53:dd:f6:31:f3:b8:44:fa:0a:81:eb:6b:b2:
a0:48:26:40:65:b4:08:b0:9c:6f:c9:11:43:89:1b:
4b:f5:23:5b:92:91:6b:69:1c:00:e5:9c:4f:17:6e:
a2:b3:f6:ba:b9:44:cb:e8:14:ad:86:fd:b1:89:4c:
23:e4:4a:aa:c9:f3:28:dd:61:ae:56:ab:47:ae:da:
00:b4:76:1a:9f:ed:15:8c:c9:c7:6e:d4:2b:f3:09:
16:a3:b3:30:8f:83:75:0b:f9:1d:25:dd:1e:00:6b:
3d:dd:9e:64:33:06:ef:70:da:1a:ba:7b:54:c3:5c:
d1:0f:85:9d:c4:20:a2:68:f3:ba:35:b3:91:7e:d3:
6b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:FA:C0:6B:5B:DD:2D:E7:EA:44:E4:30:22:1B:EE:A1:52:A9:11:D6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kPrAa1vdLefqROQwIhvuoVKpEdY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0a:ff:f5:ca:1b:c5:72:1b:f2:7a:fa:16:77:18:fc:21:7e:7a:
20:5a:a7:98:43:a4:cf:68:33:45:c3:d5:e5:22:0e:4b:d4:36:
f6:54:ee:5f:6c:43:dc:ec:f9:7e:b3:da:c3:b6:c9:c8:22:8a:
7b:b6:c6:fc:7c:39:ed:36:1e:98:8f:f9:95:54:ba:61:60:a9:
8f:8d:3f:db:e7:f2:ce:5b:54:6a:2b:11:b2:f7:ac:d4:f2:ec:
b6:f8:9b:bd:7b:62:46:f2:b4:1a:5f:df:58:1c:30:9e:28:05:
1c:2a:42:4b:77:e1:ad:61:b0:c9:02:83:20:27:12:41:87:04:
34:93:ec:dc:9a:c8:46:f0:1b:ba:19:3d:99:c1:70:ee:d0:73:
00:60:91:6b:27:9c:93:c7:41:10:0c:12:81:98:cf:da:fd:c7:
85:d9:08:4d:aa:87:16:4c:45:54:80:63:3a:2f:3f:a3:36:f0:
4e:7c:66:a7:0a:d7:0c:5b:65:8f:b0:2a:74:e1:f3:af:22:26:
73:22:8d:b0:c4:1b:7f:bc:26:38:09:73:ea:17:01:8e:85:d6:
af:45:72:e9:a6:3c:4f:49:52:6f:e9:87:e3:27:31:98:00:5c:
5c:77:76:21:a6:9f:ca:5a:7d:47:ea:ef:37:46:1d:37:eb:cf:
f0:2d:f6:0d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICR/cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjQx
MjUzMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwRkFDMDZCNUJERDJE
RTdFQTQ0RTQzMDIyMUJFRUExNTJBOTExRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmJ426Kwnzqkem3dgiy+Bo1G6kvHUYusOwV34MKYoty4slwTge
6zXMm/IwkTIkbgSdB1zPYXdQ6KyfaA3lxWIUoYRxGG56IyYBatDnjQ3Sy/Vvwucc
u64zH62Q2tLvW9aX+894dpht6KnGOq6zNhttUMUe49PlGzLPU932MfO4RPoKgetr
sqBIJkBltAiwnG/JEUOJG0v1I1uSkWtpHADlnE8XbqKz9rq5RMvoFK2G/bGJTCPk
SqrJ8yjdYa5Wq0eu2gC0dhqf7RWMycdu1CvzCRajszCPg3UL+R0l3R4Aaz3dnmQz
Bu9w2hq6e1TDXNEPhZ3EIKJo87o1s5F+02vpAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUkPrAa1vdLefqROQwIhvuoVKpEdYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tQckFhMXZkTGVmcVJP
UXdJaHZ1b1ZLcEVkWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAr/9cobxXIb8nr6FncY/CF+eiBap5hD
pM9oM0XD1eUiDkvUNvZU7l9sQ9zs+X6z2sO2ycgiinu2xvx8Oe02HpiP+ZVUumFg
qY+NP9vn8s5bVGorEbL3rNTy7Lb4m717YkbytBpf31gcMJ4oBRwqQkt34a1hsMkC
gyAnEkGHBDST7NyayEbwG7oZPZnBcO7QcwBgkWsnnJPHQRAMEoGYz9r9x4XZCE2q
hxZMRVSAYzovP6M28E58ZqcK1wxbZY+wKnTh868iJnMijbDEG3+8JjgJc+oXAY6F
1q9FcummPE9JUm/ph+MnMZgAXFx3diGmn8pafUfq7zdGHTfrz/At9g0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:29 2025 by rpki-client