Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lczsSFzZREr5G1iqLw0qdlFbjvs.roa
File: lczsSFzZREr5G1iqLw0qdlFbjvs.roa (raw, json)
Hash identifier: XHWUPWJ81p2q7ORSS+mZoQpvuAhJrLBVoZIt+nCxbgY=
Subject key identifier: 95:CC:EC:48:5C:D9:44:4A:F9:1B:58:AA:2F:0D:2A:76:51:5B:8E:FB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40CF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lczsSFzZREr5G1iqLw0qdlFbjvs.roa
Signing time: Sun 14 Apr 2024 23:52:53 +0000
ROA not before: Sun 14 Apr 2024 23:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16591 (0x40cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 23:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=95CCEC485CD9444AF91B58AA2F0D2A76515B8EFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3d:e0:5f:1e:f3:64:8c:83:7e:8a:34:9f:c1:
e4:dd:0b:fb:0b:4b:bb:fe:57:fe:4d:5b:1b:77:54:
8c:48:d8:24:fc:12:60:72:0d:b8:ec:a4:e6:1b:dd:
c7:4f:61:ab:6b:85:61:2b:82:a2:77:fc:bd:56:7f:
29:03:78:d9:d7:f4:3f:23:9b:b6:90:85:3c:ce:65:
87:91:39:5a:74:c5:96:d4:3f:c0:d8:ed:59:4f:f1:
b2:76:aa:1b:20:6e:ce:33:86:ca:66:34:e0:08:03:
a1:fb:db:00:f7:29:d6:bd:19:03:f6:e9:68:81:a7:
0c:91:70:87:0e:ee:0b:6d:fe:97:07:a4:03:b3:6c:
85:41:cb:48:8b:6e:ac:29:e8:5f:1c:34:98:a2:cf:
28:4f:7d:99:3a:4c:dc:67:9c:e3:ce:7d:c7:19:43:
5d:f0:7a:0b:fe:48:d7:1d:73:ea:27:73:62:33:3e:
53:b5:b1:f3:6e:f8:12:f2:fa:88:48:9d:8b:12:e7:
49:8a:41:a7:83:6b:8b:6e:df:7f:83:32:e3:82:6e:
d5:0e:cf:fc:86:8d:e5:7e:e1:bc:d2:30:4f:88:0e:
bc:1f:82:11:1f:42:66:76:0e:cd:b1:0b:4c:cb:34:
28:9e:21:33:cf:de:d2:50:74:8b:0e:dc:1d:92:00:
96:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:CC:EC:48:5C:D9:44:4A:F9:1B:58:AA:2F:0D:2A:76:51:5B:8E:FB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lczsSFzZREr5G1iqLw0qdlFbjvs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
22:36:9d:d8:75:a7:6e:79:dd:d2:19:98:55:b1:90:14:56:37:
06:33:c8:f5:4b:31:30:9a:f8:31:91:a6:26:5d:f3:64:35:dd:
72:bd:fc:10:43:68:5e:08:1c:fa:16:35:b0:e1:75:e2:4d:5b:
f9:fe:9e:51:48:10:ea:de:3a:0e:c7:29:37:13:63:21:6f:31:
5e:82:51:dc:5b:f3:51:8d:72:b9:80:ef:4a:cc:45:70:41:b4:
8e:fd:6d:09:75:6e:b8:c9:e3:c4:56:02:60:9e:f8:5a:33:7b:
2c:0d:cd:82:04:08:c4:44:56:05:05:e1:3a:6c:06:92:35:a3:
a7:96:07:e1:44:de:81:35:2b:53:dd:aa:4f:03:22:13:ca:3a:
a0:ae:50:a0:4b:d3:63:18:74:0d:fd:9c:e0:cd:22:c0:d6:e7:
84:f5:37:1c:29:68:68:0e:9f:3e:95:f8:e8:0b:8d:e8:ed:2c:
46:67:76:b3:18:b3:3f:8d:1d:0a:5e:84:6c:71:33:92:e8:61:
ec:21:6e:07:b0:42:f0:58:d7:85:83:81:d4:16:b7:35:a6:b3:
68:f1:8d:76:c4:a5:28:b2:ba:61:13:9f:d7:11:89:bf:17:f0:
b7:a2:52:08:60:6f:17:0d:b5:f5:ba:9b:00:94:b1:26:64:b5:
94:4d:da:d0
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQy
MzUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk1Q0NFQzQ4NUNEOTQ0
NEFGOTFCNThBQTJGMEQyQTc2NTE1QjhFRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCPeBfHvNkjIN+ijSfweTdC/sLS7v+V/5NWxt3VIxI2CT8EmBy
DbjspOYb3cdPYatrhWErgqJ3/L1WfykDeNnX9D8jm7aQhTzOZYeROVp0xZbUP8DY
7VlP8bJ2qhsgbs4zhspmNOAIA6H72wD3Kda9GQP26WiBpwyRcIcO7gtt/pcHpAOz
bIVBy0iLbqwp6F8cNJiizyhPfZk6TNxnnOPOfccZQ13wegv+SNcdc+onc2IzPlO1
sfNu+BLy+ohInYsS50mKQaeDa4tu33+DMuOCbtUOz/yGjeV+4bzSME+IDrwfghEf
QmZ2Ds2xC0zLNCieITPP3tJQdIsO3B2SAJY/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUlczsSFzZREr5G1iqLw0qdlFbjvswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xjenNTRnpaUkVyNUcx
aXFMdzBxZGxGYmp2cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACI2ndh1p2553dIZmFWxkBRWNwYzyPVL
MTCa+DGRpiZd82Q13XK9/BBDaF4IHPoWNbDhdeJNW/n+nlFIEOreOg7HKTcTYyFv
MV6CUdxb81GNcrmA70rMRXBBtI79bQl1brjJ48RWAmCe+FozeywNzYIECMREVgUF
4TpsBpI1o6eWB+FE3oE1K1Pdqk8DIhPKOqCuUKBL02MYdA39nODNIsDW54T1Nxwp
aGgOnz6V+OgLjejtLEZndrMYsz+NHQpehGxxM5LoYewhbgewQvBY14WDgdQWtzWm
s2jxjXbEpSiyumETn9cRib8X8LeiUghgbxcNtfW6mwCUsSZktZRN2tA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:46:05 2025 by rpki-client