Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lDxoE1NAd2575j90rDs2k7nTAfE.roa
File: lDxoE1NAd2575j90rDs2k7nTAfE.roa (raw, json)
Hash identifier: XjIxgbnSuBrdW8ozFcsiYjrqwqcMgQiCsCBhOmEY4vw=
Subject key identifier: 94:3C:68:13:53:40:77:6E:7B:E6:3F:74:AC:3B:36:93:B9:D3:01:F1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B13
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lDxoE1NAd2575j90rDs2k7nTAfE.roa
Signing time: Sun 28 Apr 2024 16:23:26 +0000
ROA not before: Sun 28 Apr 2024 16:23:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19219 (0x4b13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 16:23:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=943C68135340776E7BE63F74AC3B3693B9D301F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:82:f3:8d:28:87:ae:c2:f1:9e:14:fa:90:bd:
e9:44:84:cd:c9:eb:5c:4a:5c:21:27:91:58:57:d6:
eb:b8:17:e4:89:17:0c:77:b6:81:e5:05:3b:4d:7b:
04:b9:cc:13:f1:5b:39:98:13:6b:03:68:a2:90:e1:
df:c3:d6:1f:49:0a:9c:09:b5:f6:b0:76:14:7f:19:
62:39:c1:19:fa:c8:aa:44:75:24:5d:52:2e:3e:f0:
ea:1c:52:05:89:6b:b9:aa:74:34:d5:36:e9:83:eb:
d5:66:56:11:06:13:26:47:a2:2c:46:f6:32:c3:7d:
46:fa:0c:3f:a2:5b:9b:5b:8f:44:b8:ca:14:44:fd:
cf:dc:2f:39:97:c8:79:91:50:fa:9f:be:b4:70:55:
3b:3c:ee:d9:3f:ae:17:67:db:76:a7:5a:6c:31:16:
d7:8a:d2:a7:cb:1a:17:f7:d4:5f:6b:4f:0e:0d:2c:
42:6b:9f:c8:72:c2:75:2f:2f:11:23:dd:ba:0a:c9:
1c:35:c8:ab:60:4c:5f:44:19:3d:dc:d1:ce:fe:e2:
71:59:9b:c4:48:14:7e:fa:87:32:34:b2:4a:e7:de:
c3:35:57:94:32:f6:c5:4a:1d:0a:78:08:c8:0e:e7:
37:13:5e:6e:5e:15:d0:b2:a1:d3:45:d8:7c:4f:4f:
7b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3C:68:13:53:40:77:6E:7B:E6:3F:74:AC:3B:36:93:B9:D3:01:F1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lDxoE1NAd2575j90rDs2k7nTAfE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
aa:23:e9:8e:82:8e:cc:97:fb:a5:fa:a0:b8:cf:09:85:f4:b0:
34:a6:c4:29:4e:51:6c:48:96:4a:2c:4b:dc:2d:fe:e9:ec:81:
7f:75:57:c6:53:87:b3:d6:e9:32:e1:9b:96:09:b9:79:de:55:
a9:9a:a8:cc:0f:8a:3f:b0:d1:ba:03:92:45:f2:e2:02:71:e4:
2f:07:b4:cd:b2:36:a5:fb:eb:1d:5d:dc:f2:b0:63:51:92:80:
85:9b:2f:cb:49:97:87:2d:2d:58:6c:d9:b2:2d:1d:e3:4e:ac:
9a:52:a8:97:29:b7:81:ce:cc:02:0d:21:7a:d5:4f:ff:46:69:
d8:58:6a:45:41:d6:ad:ae:60:85:08:10:db:ff:50:8b:c7:a9:
59:d3:bf:a6:6b:59:bd:fe:71:cb:e7:28:14:06:7d:51:20:2c:
7e:88:8f:2a:a5:62:b0:ae:57:06:ee:05:36:2a:4b:2c:c4:08:
a3:ac:08:01:2b:0e:5a:41:58:e0:94:3e:b4:11:37:e2:5e:0e:
2d:59:3a:1f:e5:4d:49:32:de:c0:13:ae:ae:28:5a:80:52:1b:
a0:66:bc:1e:b7:dc:dd:74:77:7a:d8:a8:c0:34:34:bc:9a:ad:
36:4b:2f:58:66:95:d5:71:c3:63:45:22:75:df:b1:11:d9:2b:
40:9f:7b:dd
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSxMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgx
NjIzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk0M0M2ODEzNTM0MDc3
NkU3QkU2M0Y3NEFDM0IzNjkzQjlEMzAxRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzgvONKIeuwvGeFPqQvelEhM3J61xKXCEnkVhX1uu4F+SJFwx3
toHlBTtNewS5zBPxWzmYE2sDaKKQ4d/D1h9JCpwJtfawdhR/GWI5wRn6yKpEdSRd
Ui4+8OocUgWJa7mqdDTVNumD69VmVhEGEyZHoixG9jLDfUb6DD+iW5tbj0S4yhRE
/c/cLzmXyHmRUPqfvrRwVTs87tk/rhdn23anWmwxFteK0qfLGhf31F9rTw4NLEJr
n8hywnUvLxEj3boKyRw1yKtgTF9EGT3c0c7+4nFZm8RIFH76hzI0skrn3sM1V5Qy
9sVKHQp4CMgO5zcTXm5eFdCyodNF2HxPT3shAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUlDxoE1NAd2575j90rDs2k7nTAfEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xEeG9FMU5BZDI1NzVq
OTByRHMyazduVEFmRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKoj6Y6CjsyX+6X6oLjPCYX0sDSmxClO
UWxIlkosS9wt/unsgX91V8ZTh7PW6TLhm5YJuXneVamaqMwPij+w0boDkkXy4gJx
5C8HtM2yNqX76x1d3PKwY1GSgIWbL8tJl4ctLVhs2bItHeNOrJpSqJcpt4HOzAIN
IXrVT/9GadhYakVB1q2uYIUIENv/UIvHqVnTv6ZrWb3+ccvnKBQGfVEgLH6Ijyql
YrCuVwbuBTYqSyzECKOsCAErDlpBWOCUPrQRN+JeDi1ZOh/lTUky3sATrq4oWoBS
G6BmvB633N10d3rYqMA0NLyarTZLL1hmldVxw2NFInXfsRHZK0Cfe90=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:11 2025 by rpki-client