Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rd5Q5W7yKR7KxfE6nInZHmNDl2c.roa
File: rd5Q5W7yKR7KxfE6nInZHmNDl2c.roa (raw, json)
Hash identifier: etNn3hgiRnQ/jImH/LSswhCfrJLL3YDz3Q51PhUgoG4=
Subject key identifier: AD:DE:50:E5:6E:F2:29:1E:CA:C5:F1:3A:9C:89:D9:1E:63:43:97:67
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4AFB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rd5Q5W7yKR7KxfE6nInZHmNDl2c.roa
Signing time: Sun 28 Apr 2024 13:23:27 +0000
ROA not before: Sun 28 Apr 2024 13:23:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19195 (0x4afb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 13:23:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=ADDE50E56EF2291ECAC5F13A9C89D91E63439767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:43:34:4d:78:22:b9:d7:7b:13:05:6f:7b:af:
6c:aa:2b:4b:e1:e2:fb:88:1e:8d:d9:57:57:1a:0c:
ff:cc:09:b8:05:c8:5f:3b:c3:04:3d:76:70:98:a3:
e5:f0:41:86:08:b8:1e:42:af:41:3d:ef:f9:bd:9e:
90:14:d3:f4:3a:52:7b:bf:d6:d7:63:6c:b1:c5:f9:
6b:42:65:25:df:b5:1a:96:57:66:d2:bf:87:75:cf:
a0:c6:74:55:41:d2:1f:26:ba:c1:cf:61:86:8f:b6:
f7:f3:5a:da:5b:33:18:66:c2:ba:ce:34:8e:b7:37:
43:b0:7e:37:79:e1:58:2a:80:2c:24:d3:dd:7f:d1:
c1:51:58:a2:65:98:cc:5c:fa:58:5a:56:9b:42:c1:
6d:51:f6:38:26:1e:f3:0f:64:25:a8:a0:2b:8e:f2:
a9:c7:28:e7:e7:a3:b6:2a:20:a2:9d:82:5e:41:53:
0e:11:14:e5:45:9a:3e:48:f8:b8:fd:5b:f9:ef:25:
c4:09:9f:4a:aa:71:a0:1a:50:6d:12:3a:80:91:46:
f2:e1:d8:50:e3:aa:66:e9:6c:62:e6:d2:22:ab:52:
ad:28:a7:7c:68:a7:bd:5a:77:09:3a:a4:60:0d:08:
f3:68:e8:d5:d4:de:9c:f3:69:96:ab:08:3f:ee:da:
60:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:DE:50:E5:6E:F2:29:1E:CA:C5:F1:3A:9C:89:D9:1E:63:43:97:67
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rd5Q5W7yKR7KxfE6nInZHmNDl2c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
70:7e:af:63:87:a0:e4:72:f2:50:8f:28:5b:c2:d9:d8:6a:f2:
bb:e7:86:ee:02:54:d7:25:21:66:68:a4:56:a1:48:e7:59:24:
8b:80:73:25:09:42:44:50:02:b0:56:b8:16:c2:97:bb:91:ca:
2a:e2:6e:3f:f5:69:d1:dc:2a:f0:d3:f7:3c:ab:d8:16:6e:d0:
ab:4f:04:ee:cf:48:bc:e9:7b:f3:1c:29:f2:3a:8b:ed:35:99:
a1:da:c5:a4:36:ae:4d:17:88:65:37:6b:47:d3:3b:74:72:85:
61:09:56:f9:aa:01:b2:b5:e4:e4:2a:65:6e:f6:68:33:dc:70:
69:f1:67:d9:2b:3f:1e:eb:2c:9d:1d:42:9c:84:2b:04:51:3f:
72:98:fb:6d:41:72:a7:62:2d:bd:7d:e1:4a:e7:2c:6b:6b:4e:
4f:6d:6c:31:ab:6c:19:66:f9:3d:31:5f:af:19:01:56:5a:3d:
d4:73:74:98:ac:c5:2b:10:b9:55:be:b5:d0:3b:aa:83:7e:45:
9e:b2:d9:99:84:2e:d5:64:c8:1f:0e:36:0e:48:76:af:df:6b:
ea:ff:ea:1f:ff:cf:23:94:2b:e7:a2:e4:e5:76:94:d0:95:46:
89:1c:a9:b1:ca:da:19:43:c7:17:46:ca:ef:a3:ec:f5:67:df:
d8:6e:41:5d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSvswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgx
MzIzMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFEREU1MEU1NkVGMjI5
MUVDQUM1RjEzQTlDODlEOTFFNjM0Mzk3NjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeQzRNeCK513sTBW97r2yqK0vh4vuIHo3ZV1caDP/MCbgFyF87
wwQ9dnCYo+XwQYYIuB5Cr0E97/m9npAU0/Q6Unu/1tdjbLHF+WtCZSXftRqWV2bS
v4d1z6DGdFVB0h8musHPYYaPtvfzWtpbMxhmwrrONI63N0Owfjd54VgqgCwk091/
0cFRWKJlmMxc+lhaVptCwW1R9jgmHvMPZCWooCuO8qnHKOfno7YqIKKdgl5BUw4R
FOVFmj5I+Lj9W/nvJcQJn0qqcaAaUG0SOoCRRvLh2FDjqmbpbGLm0iKrUq0op3xo
p71adwk6pGANCPNo6NXU3pzzaZarCD/u2mAFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUrd5Q5W7yKR7KxfE6nInZHmNDl2cwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JkNVE1Vzd5S1I3S3hm
RTZuSW5aSG1ORGwyYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHB+r2OHoORy8lCPKFvC2dhq8rvnhu4C
VNclIWZopFahSOdZJIuAcyUJQkRQArBWuBbCl7uRyiribj/1adHcKvDT9zyr2BZu
0KtPBO7PSLzpe/McKfI6i+01maHaxaQ2rk0XiGU3a0fTO3RyhWEJVvmqAbK15OQq
ZW72aDPccGnxZ9krPx7rLJ0dQpyEKwRRP3KY+21BcqdiLb194UrnLGtrTk9tbDGr
bBlm+T0xX68ZAVZaPdRzdJisxSsQuVW+tdA7qoN+RZ6y2ZmELtVkyB8ONg5Idq/f
a+r/6h//zyOUK+ei5OV2lNCVRokcqbHK2hlDxxdGyu+j7PVn39huQV0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:43 2025 by rpki-client