Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/nU2J_lh8nSEjpKiXxzpTB4ptpmI.roa
File: nU2J_lh8nSEjpKiXxzpTB4ptpmI.roa (raw, json)
Hash identifier: t17iqc2169GDWZfcChgz3c2MUa1FHXoSSkCWel1QyJ8=
Subject key identifier: 9D:4D:89:FE:58:7C:9D:21:23:A4:A8:97:C7:3A:53:07:8A:6D:A6:62
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35A7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nU2J_lh8nSEjpKiXxzpTB4ptpmI.roa
Signing time: Sun 31 Mar 2024 02:52:10 +0000
ROA not before: Sun 31 Mar 2024 02:52:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13735 (0x35a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 02:52:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9D4D89FE587C9D2123A4A897C73A53078A6DA662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7c:30:07:02:63:8d:d2:43:a6:a9:d5:85:db:
50:9e:18:ff:17:ec:76:29:04:57:33:08:fe:6a:99:
0b:50:d7:8e:7e:78:e0:8c:52:0b:4d:3b:20:16:80:
4d:b8:98:72:2e:a3:09:a5:fa:a3:f3:f5:11:a0:e7:
ae:21:8e:8f:15:ae:91:8d:2d:2d:62:16:ce:b3:13:
21:82:62:15:21:2b:48:bc:d9:ae:46:f7:54:38:0b:
44:d0:c0:40:12:f0:70:6f:97:cf:fb:39:4a:34:af:
de:50:07:42:dd:e2:38:47:98:ef:f8:5c:f6:e0:38:
2e:fc:e7:a1:0f:f1:ec:1d:2a:dd:42:83:a3:ec:8e:
60:fa:9b:34:33:02:7c:51:36:4e:66:a7:a1:0e:da:
90:82:28:27:df:de:0d:f1:df:a0:1c:c8:e6:94:08:
39:6a:e4:1a:ac:50:78:58:33:c9:73:c1:67:b2:5b:
06:44:87:fa:0e:ad:d0:34:e9:ee:b7:09:5c:2a:5a:
96:14:3c:f8:6f:b4:2a:e6:a9:16:dd:62:4f:48:56:
9b:7f:20:fd:d3:c2:e1:9a:a2:ca:67:7d:56:88:30:
d2:85:5b:d6:5a:7a:66:f5:39:0c:c2:52:a7:a5:db:
23:10:8c:07:66:c7:13:ce:51:69:fa:47:d4:7f:8d:
00:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:4D:89:FE:58:7C:9D:21:23:A4:A8:97:C7:3A:53:07:8A:6D:A6:62
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/nU2J_lh8nSEjpKiXxzpTB4ptpmI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
9c:58:9b:19:f6:57:c7:31:98:81:da:8d:2b:f1:7e:b2:bf:b2:
fd:8b:4d:db:02:f3:fa:28:d7:21:6e:85:fc:64:3d:15:f5:a2:
c4:63:6a:d8:ad:85:4c:60:16:9a:0a:de:a4:bc:dd:e7:30:09:
2d:d9:74:24:63:91:41:79:b4:24:40:b1:ee:23:3d:4e:6d:a1:
f9:e0:02:2f:12:1b:ed:b2:28:91:ed:c4:e4:ea:bb:0a:50:88:
7e:d6:aa:44:38:4f:51:9f:a6:a7:a8:bf:e0:b4:7c:20:ff:54:
76:d0:55:26:02:97:7d:e0:d6:55:2c:c3:21:d7:bb:ac:89:e0:
44:56:aa:ab:f7:82:f8:9e:df:64:74:a0:57:37:85:d2:9e:64:
74:22:b0:2b:10:d5:62:fe:2e:e9:a3:06:24:f9:2c:b5:e9:0b:
9d:8c:33:13:17:e7:ee:39:e2:05:2b:4f:e4:0d:6f:fa:42:40:
de:2e:8c:b9:f7:2a:57:92:04:15:5e:ee:ad:1b:8c:a8:b0:a6:
84:02:47:2b:cb:dc:35:de:3e:2a:93:67:24:43:1c:f9:2f:29:
dd:24:29:c5:c2:25:98:b0:b1:30:a5:00:27:8d:67:cc:29:7e:
3a:27:be:35:89:7b:6b:14:23:8a:1e:fa:6d:b9:de:b6:ea:23:
5f:03:65:60
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNacwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
MjUyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlENEQ4OUZFNTg3QzlE
MjEyM0E0QTg5N0M3M0E1MzA3OEE2REE2NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhfDAHAmON0kOmqdWF21CeGP8X7HYpBFczCP5qmQtQ145+eOCM
UgtNOyAWgE24mHIuowml+qPz9RGg564hjo8VrpGNLS1iFs6zEyGCYhUhK0i82a5G
91Q4C0TQwEAS8HBvl8/7OUo0r95QB0Ld4jhHmO/4XPbgOC7856EP8ewdKt1Cg6Ps
jmD6mzQzAnxRNk5mp6EO2pCCKCff3g3x36AcyOaUCDlq5BqsUHhYM8lzwWeyWwZE
h/oOrdA06e63CVwqWpYUPPhvtCrmqRbdYk9IVpt/IP3TwuGaospnfVaIMNKFW9Za
emb1OQzCUqel2yMQjAdmxxPOUWn6R9R/jQCBAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUnU2J/lh8nSEjpKiXxzpTB4ptpmIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25VMkpfbGg4blNFanBL
aVh4enBUQjRwdHBtSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJxYmxn2V8cxmIHajSvxfrK/sv2LTdsC
8/oo1yFuhfxkPRX1osRjatithUxgFpoK3qS83ecwCS3ZdCRjkUF5tCRAse4jPU5t
ofngAi8SG+2yKJHtxOTquwpQiH7WqkQ4T1Gfpqeov+C0fCD/VHbQVSYCl33g1lUs
wyHXu6yJ4ERWqqv3gvie32R0oFc3hdKeZHQisCsQ1WL+LumjBiT5LLXpC52MMxMX
5+454gUrT+QNb/pCQN4ujLn3KleSBBVe7q0bjKiwpoQCRyvL3DXePiqTZyRDHPkv
Kd0kKcXCJZiwsTClACeNZ8wpfjonvjWJe2sUI4oe+m253rbqI18DZWA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:48:57 2025 by rpki-client