Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/onnOdjiBZr_YROy8hUh-rNu4PDc.roa
File: onnOdjiBZr_YROy8hUh-rNu4PDc.roa (raw, json)
Hash identifier: cbfaUCJPcCa7RF5e1nHyvdIdq6GaG9t0j/9ovEhzroQ=
Subject key identifier: A2:79:CE:76:38:81:66:BF:D8:44:EC:BC:85:48:7E:AC:DB:B8:3C:37
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4517
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/onnOdjiBZr_YROy8hUh-rNu4PDc.roa
Signing time: Sat 20 Apr 2024 16:53:13 +0000
ROA not before: Sat 20 Apr 2024 16:53:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17687 (0x4517)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 16:53:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A279CE76388166BFD844ECBC85487EACDBB83C37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:93:7a:27:05:0c:f5:b6:58:96:85:a3:f4:43:
c1:af:e0:9e:43:06:25:86:34:ac:6c:91:4e:ec:ae:
6a:40:c7:f2:cf:24:cd:1c:34:88:34:ac:af:eb:ae:
80:46:cf:e0:a8:ec:b9:64:79:f5:fc:e0:28:fd:9d:
a1:e7:dd:05:20:04:20:16:6e:bb:c8:16:f0:95:2c:
c4:d5:fe:67:6a:a2:a9:9c:88:b0:91:b1:16:65:2d:
cb:38:2d:63:a6:c4:c3:b6:bc:26:23:fc:80:23:16:
da:99:04:ac:a6:11:06:a7:0a:21:f6:db:b4:96:50:
ac:53:5e:ca:7b:71:1b:6a:d8:86:7f:bc:fa:73:7a:
2b:53:43:05:49:4a:fc:bf:58:d1:d1:cd:a6:4d:28:
85:63:a0:7c:0e:de:16:0d:b6:11:50:8d:37:a9:61:
d5:04:a8:9a:9e:24:db:e0:6c:20:9d:70:62:1a:d4:
e8:63:d4:f0:98:28:62:0d:ce:01:d9:e3:c8:5d:0c:
43:54:13:89:f6:c9:8b:5a:8d:9b:79:76:0f:5b:38:
d5:84:39:0f:7d:19:23:aa:fb:f0:03:46:04:8c:66:
cf:8c:48:69:50:34:08:6b:e2:1b:39:f5:4d:e8:09:
27:fc:cf:52:f5:56:12:24:65:27:2f:aa:a4:19:aa:
d2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:79:CE:76:38:81:66:BF:D8:44:EC:BC:85:48:7E:AC:DB:B8:3C:37
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/onnOdjiBZr_YROy8hUh-rNu4PDc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2e:ce:9c:48:5b:f3:b0:96:6d:f6:44:d1:d1:70:0e:0a:e5:c3:
e7:4f:4c:bf:9f:e2:62:d9:3f:54:2e:b7:94:62:f2:b7:1f:04:
e9:9d:c8:c1:b1:4b:af:4a:b2:ca:e0:a6:ef:8f:19:47:f2:a6:
13:d7:ca:43:75:81:c0:fd:98:eb:eb:dc:9a:c4:92:b1:89:77:
36:91:77:76:f3:91:3b:0a:9d:6c:c1:8e:7b:51:40:77:c3:a4:
d4:86:8b:ee:65:e1:b8:e3:48:e6:c2:d6:eb:f5:ae:de:b0:fe:
4b:2c:e5:a5:32:84:74:a9:33:4d:b1:f9:76:a9:34:ae:58:10:
0b:1f:4a:01:75:b4:8e:e9:c8:12:fa:af:fb:b8:cc:48:3e:47:
55:31:28:85:c3:24:57:f1:7c:4a:0b:d1:22:19:81:88:d4:14:
bc:b0:a8:a2:c7:7d:b9:f4:58:c0:2d:6f:eb:dd:36:a5:0f:61:
09:7d:9a:f8:16:a5:26:2a:2f:5a:3e:50:6c:25:b0:f9:e7:64:
ca:1a:2b:2f:84:69:58:84:8e:eb:cb:93:b0:8c:24:b9:7c:5b:
88:51:98:d2:8c:2a:34:c1:78:c7:a9:72:bf:6a:d9:48:d2:e2:
0c:79:3a:f7:32:44:bc:ab:a9:68:da:b2:3a:78:13:c3:c3:49:
f8:dd:b6:3b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRRcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
NjUzMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEyNzlDRTc2Mzg4MTY2
QkZEODQ0RUNCQzg1NDg3RUFDREJCODNDMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2k3onBQz1tliWhaP0Q8Gv4J5DBiWGNKxskU7srmpAx/LPJM0c
NIg0rK/rroBGz+Co7LlkefX84Cj9naHn3QUgBCAWbrvIFvCVLMTV/mdqoqmciLCR
sRZlLcs4LWOmxMO2vCYj/IAjFtqZBKymEQanCiH227SWUKxTXsp7cRtq2IZ/vPpz
eitTQwVJSvy/WNHRzaZNKIVjoHwO3hYNthFQjTepYdUEqJqeJNvgbCCdcGIa1Ohj
1PCYKGINzgHZ48hdDENUE4n2yYtajZt5dg9bONWEOQ99GSOq+/ADRgSMZs+MSGlQ
NAhr4hs59U3oCSf8z1L1VhIkZScvqqQZqtK7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUonnOdjiBZr/YROy8hUh+rNu4PDcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29ubk9kamlCWnJfWVJP
eThoVWgtck51NFBEYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAC7OnEhb87CWbfZE0dFwDgrlw+dPTL+f
4mLZP1Qut5Ri8rcfBOmdyMGxS69Kssrgpu+PGUfyphPXykN1gcD9mOvr3JrEkrGJ
dzaRd3bzkTsKnWzBjntRQHfDpNSGi+5l4bjjSObC1uv1rt6w/kss5aUyhHSpM02x
+XapNK5YEAsfSgF1tI7pyBL6r/u4zEg+R1UxKIXDJFfxfEoL0SIZgYjUFLywqKLH
fbn0WMAtb+vdNqUPYQl9mvgWpSYqL1o+UGwlsPnnZMoaKy+EaViEjuvLk7CMJLl8
W4hRmNKMKjTBeMepcr9q2UjS4gx5OvcyRLyrqWjasjp4E8PDSfjdtjs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:17 2025 by rpki-client