Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mPtppQ93h5QSzO59V0l4l5V6WO8.roa
File: mPtppQ93h5QSzO59V0l4l5V6WO8.roa (raw, json)
Hash identifier: y/8DLbjSn3jobw2cG7tIwgaMETH0V6dCbzO9Qc/sTO0=
Subject key identifier: 98:FB:69:A5:0F:77:87:94:12:CC:EE:7D:57:49:78:97:95:7A:58:EF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 48BB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mPtppQ93h5QSzO59V0l4l5V6WO8.roa
Signing time: Thu 25 Apr 2024 13:23:32 +0000
ROA not before: Thu 25 Apr 2024 13:23:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18619 (0x48bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 13:23:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=98FB69A50F77879412CCEE7D57497897957A58EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:03:04:96:be:ba:07:05:22:7b:b4:81:34:84:
45:a3:3f:80:db:41:e2:b8:28:50:fe:69:f8:23:45:
50:8c:61:3e:a4:ee:70:a9:3c:2e:06:1c:ce:4e:e4:
92:65:98:18:30:d0:55:1e:8c:99:8b:05:b2:6a:5d:
ef:55:8a:4a:c6:c9:14:9e:14:17:53:08:93:19:29:
97:ff:02:ef:f4:44:90:d1:7b:ec:f1:b8:9d:4a:bb:
c8:29:a9:44:4e:b7:e7:79:78:77:f7:68:d0:0b:87:
16:b8:46:a7:0f:e0:46:ac:ab:77:72:9b:88:95:0b:
90:24:ca:e2:d7:4e:66:41:fa:48:00:8f:38:71:c8:
b0:a0:cf:ac:0b:ef:a3:02:15:20:59:54:14:15:0d:
65:df:00:89:5c:81:d3:d3:9d:b4:5c:67:86:6a:30:
40:be:11:49:71:32:19:fa:62:ef:ca:7f:6c:2b:59:
c4:88:c0:00:ef:4e:59:ce:ba:68:8d:9c:bf:ee:1f:
d5:18:88:b2:4a:de:31:15:86:03:23:8a:2c:70:39:
c0:e0:8c:6b:f6:4c:dc:3c:19:52:9b:34:cf:8b:76:
a2:96:e1:ef:c6:45:90:2a:49:e0:9e:06:3e:68:34:
f7:ac:92:61:45:33:9f:0e:8d:f5:63:e4:43:e1:4e:
64:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:FB:69:A5:0F:77:87:94:12:CC:EE:7D:57:49:78:97:95:7A:58:EF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mPtppQ93h5QSzO59V0l4l5V6WO8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8a:83:f3:91:f8:fc:f3:5f:c8:15:19:5f:f9:09:8d:53:c1:6d:
97:1b:a6:fe:30:85:ea:2d:0b:4e:75:47:7d:03:cb:43:4e:bd:
62:71:50:b2:da:50:79:73:06:32:4f:db:76:a4:02:17:44:79:
4f:da:01:09:de:a9:49:fd:b6:87:a2:5f:13:42:75:9d:c1:48:
31:1f:9f:88:21:38:a1:2a:6f:1e:55:62:cc:61:e3:b0:8f:3c:
a0:8b:65:97:4a:92:8c:e2:ce:a6:97:0d:5d:3a:64:dc:3d:9f:
cd:24:02:6d:67:93:52:29:e9:0f:f7:14:5b:50:10:7e:c2:c7:
a0:37:e7:2a:bd:43:ff:d4:c0:a5:36:ce:7a:74:3b:0c:8c:6f:
4f:05:4e:86:a3:db:eb:a8:31:37:fb:3f:d4:1b:11:d8:90:44:
0e:69:5c:4c:5f:c3:f1:9b:56:68:92:ff:ef:b8:11:fc:99:b1:
69:8b:fa:0a:cd:5e:61:b4:db:f0:4a:2e:2c:21:6f:4f:3e:24:
05:73:a8:f2:30:da:8e:b9:f6:d5:c3:c5:98:6d:e5:bf:45:c8:
e7:8d:63:15:37:17:83:a4:73:ad:fe:a9:c6:5e:59:9a:36:7f:
be:4a:c1:a3:29:a1:f9:a8:7d:65:e9:b6:96:07:98:87:53:09:
2d:7d:30:51
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSLswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUx
MzIzMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk4RkI2OUE1MEY3Nzg3
OTQxMkNDRUU3RDU3NDk3ODk3OTU3QTU4RUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+AwSWvroHBSJ7tIE0hEWjP4DbQeK4KFD+afgjRVCMYT6k7nCp
PC4GHM5O5JJlmBgw0FUejJmLBbJqXe9VikrGyRSeFBdTCJMZKZf/Au/0RJDRe+zx
uJ1Ku8gpqUROt+d5eHf3aNALhxa4RqcP4Easq3dym4iVC5AkyuLXTmZB+kgAjzhx
yLCgz6wL76MCFSBZVBQVDWXfAIlcgdPTnbRcZ4ZqMEC+EUlxMhn6Yu/Kf2wrWcSI
wADvTlnOumiNnL/uH9UYiLJK3jEVhgMjiixwOcDgjGv2TNw8GVKbNM+LdqKW4e/G
RZAqSeCeBj5oNPeskmFFM58OjfVj5EPhTmQ7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUmPtppQ93h5QSzO59V0l4l5V6WO8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21QdHBwUTkzaDVRU3pP
NTlWMGw0bDVWNldPOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIqD85H4/PNfyBUZX/kJjVPBbZcbpv4w
heotC051R30Dy0NOvWJxULLaUHlzBjJP23akAhdEeU/aAQneqUn9toeiXxNCdZ3B
SDEfn4ghOKEqbx5VYsxh47CPPKCLZZdKkozizqaXDV06ZNw9n80kAm1nk1Ip6Q/3
FFtQEH7Cx6A35yq9Q//UwKU2znp0OwyMb08FToaj2+uoMTf7P9QbEdiQRA5pXExf
w/GbVmiS/++4EfyZsWmL+grNXmG02/BKLiwhb08+JAVzqPIw2o659tXDxZht5b9F
yOeNYxU3F4Okc63+qcZeWZo2f75KwaMpofmofWXptpYHmIdTCS19MFE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:22 2025 by rpki-client