Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/n1OGFFzQlv2DW4WWWHfZNZpM89g.roa
File: n1OGFFzQlv2DW4WWWHfZNZpM89g.roa (raw, json)
Hash identifier: E8pRspRk3fDiwwBkhmFibPf+cpLzUlLX/WkUkBHvjgI=
Subject key identifier: 9F:53:86:14:5C:D0:96:FD:83:5B:85:96:58:77:D9:35:9A:4C:F3:D8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 56A7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/n1OGFFzQlv2DW4WWWHfZNZpM89g.roa
Signing time: Tue 14 May 2024 02:54:08 +0000
ROA not before: Tue 14 May 2024 02:54:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22183 (0x56a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 02:54:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9F5386145CD096FD835B85965877D9359A4CF3D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:9b:e1:05:6e:78:ba:01:02:a0:ab:8d:f7:5c:
8c:95:67:0c:e8:43:47:ab:2d:71:10:03:88:84:69:
b4:00:bc:c3:fb:29:9f:fe:fb:16:ed:a3:74:a4:19:
eb:76:7b:03:a8:ec:8c:0c:86:6d:fc:2f:38:92:3d:
e1:b1:17:19:cd:b3:d3:54:be:20:90:3f:58:ef:4c:
d1:83:80:94:f2:fa:3d:bb:1b:86:2b:c2:fc:7a:e1:
84:9a:65:3c:56:94:84:a2:34:90:c7:16:58:54:dc:
73:29:e3:93:f7:e9:eb:c6:7c:a5:1d:8a:dd:f3:f3:
99:a1:a6:fe:69:13:e5:7f:81:d7:ff:ce:40:db:f4:
af:1e:2d:4f:05:a3:91:46:06:76:53:2d:61:a9:fa:
8a:4a:ab:c5:06:d7:31:4b:41:97:61:85:d3:af:85:
62:8e:5b:94:c2:9c:8b:77:bb:3a:e9:4e:2b:85:cd:
b7:1e:e8:fe:d6:71:ea:36:2b:10:1e:b8:c9:03:65:
55:e0:d8:34:37:b7:c1:aa:15:ac:47:a6:9d:34:78:
f4:e3:bf:5b:3f:74:ed:59:9b:12:85:b7:e9:19:51:
db:df:52:3a:65:25:cd:3e:b3:87:37:25:85:a6:fb:
ae:67:85:fb:44:bc:57:2e:52:96:85:0e:a3:bc:b6:
52:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:53:86:14:5C:D0:96:FD:83:5B:85:96:58:77:D9:35:9A:4C:F3:D8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/n1OGFFzQlv2DW4WWWHfZNZpM89g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8f:25:fa:e8:6b:de:8e:0c:e7:fe:a8:c4:d5:52:09:cd:72:32:
6d:d8:45:3f:fd:e0:9b:c6:06:36:21:ae:54:32:65:d7:cd:6b:
1c:d4:49:ad:b0:c5:3f:db:e9:ec:c8:b5:59:c6:a4:9f:33:0c:
86:3f:9f:db:e0:3a:e9:20:22:46:a8:62:11:d0:ac:cf:90:8e:
ef:ef:d7:37:47:44:06:ef:06:b5:e0:58:cd:d2:44:b6:71:72:
ef:f5:a2:bd:ff:a0:71:7c:f0:78:7d:c7:e0:20:14:f8:8e:89:
a7:1f:e9:dd:4d:04:44:af:e5:24:da:50:bd:22:4d:3b:a6:7c:
f2:09:6f:e0:04:76:5e:a4:ed:35:b9:49:76:34:99:1b:d8:cc:
05:eb:d4:08:88:a3:6b:17:07:ef:d9:18:27:cc:01:5e:14:db:
ff:94:d7:6e:5c:41:73:15:ba:8b:24:5d:4b:55:af:63:86:e1:
0a:4e:ac:9b:41:16:ca:e3:c0:98:50:fc:b5:0b:f9:bd:83:38:
64:3b:af:67:96:de:6b:77:8b:f4:4d:a3:52:c6:5d:e8:e1:5d:
a6:b4:4f:3e:d0:73:26:ee:ec:6a:a3:13:4f:45:3f:ed:81:ae:
c8:9c:e5:00:f1:66:f0:5e:88:10:ca:d0:de:74:67:12:5b:5d:
79:bf:62:e2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVqcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQw
MjU0MDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlGNTM4NjE0NUNEMDk2
RkQ4MzVCODU5NjU4NzdEOTM1OUE0Q0YzRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDum+EFbni6AQKgq433XIyVZwzoQ0erLXEQA4iEabQAvMP7KZ/+
+xbto3SkGet2ewOo7IwMhm38LziSPeGxFxnNs9NUviCQP1jvTNGDgJTy+j27G4Yr
wvx64YSaZTxWlISiNJDHFlhU3HMp45P36evGfKUdit3z85mhpv5pE+V/gdf/zkDb
9K8eLU8Fo5FGBnZTLWGp+opKq8UG1zFLQZdhhdOvhWKOW5TCnIt3uzrpTiuFzbce
6P7Wceo2KxAeuMkDZVXg2DQ3t8GqFaxHpp00ePTjv1s/dO1ZmxKFt+kZUdvfUjpl
Jc0+s4c3JYWm+65nhftEvFcuUpaFDqO8tlKDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUn1OGFFzQlv2DW4WWWHfZNZpM89gwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L24xT0dGRnpRbHYyRFc0
V1dXSGZaTlpwTTg5Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAI8l+uhr3o4M5/6oxNVSCc1yMm3YRT/9
4JvGBjYhrlQyZdfNaxzUSa2wxT/b6ezItVnGpJ8zDIY/n9vgOukgIkaoYhHQrM+Q
ju/v1zdHRAbvBrXgWM3SRLZxcu/1or3/oHF88Hh9x+AgFPiOiacf6d1NBESv5STa
UL0iTTumfPIJb+AEdl6k7TW5SXY0mRvYzAXr1AiIo2sXB+/ZGCfMAV4U2/+U125c
QXMVuoskXUtVr2OG4QpOrJtBFsrjwJhQ/LUL+b2DOGQ7r2eW3mt3i/RNo1LGXejh
Xaa0Tz7Qcybu7GqjE09FP+2Brsic5QDxZvBeiBDK0N50ZxJbXXm/YuI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:26:13 2025 by rpki-client