Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rz3i1g_Xcno49BmThrUk4js4bf4.roa
File: rz3i1g_Xcno49BmThrUk4js4bf4.roa (raw, json)
Hash identifier: qaIctDybd6anrZfrGwaLGJmgPkgugSYwxDn9hyQFb00=
Subject key identifier: AF:3D:E2:D6:0F:D7:72:7A:38:F4:19:93:86:B5:24:E2:3B:38:6D:FE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D5B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rz3i1g_Xcno49BmThrUk4js4bf4.roa
Signing time: Wed 01 May 2024 17:23:39 +0000
ROA not before: Wed 01 May 2024 17:23:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19803 (0x4d5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 17:23:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AF3DE2D60FD7727A38F4199386B524E23B386DFE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:b4:ed:60:42:73:03:49:ad:d0:b0:f5:20:95:
60:2b:e3:6e:cd:0d:ca:4b:55:61:fa:9d:3d:bd:85:
35:32:a3:b3:40:97:7c:14:de:41:86:30:f6:94:64:
3e:0a:ec:cb:49:42:e8:99:55:d6:8d:a1:82:f2:2c:
d7:7f:41:42:2b:3e:a7:ad:99:9e:8f:14:34:4e:45:
24:08:96:63:6f:36:c4:4f:71:ba:dd:27:c8:bd:e3:
8c:9a:78:a8:83:b6:0a:d6:0c:d7:38:ea:4f:14:ed:
32:af:34:a1:62:2a:2d:cd:e2:62:eb:ea:f2:7f:40:
f1:b1:2d:50:43:7e:43:90:59:23:2b:3f:7e:4b:cc:
70:6b:0a:e2:6e:ab:69:c9:8f:75:94:4e:6f:45:38:
53:5d:bb:c4:1d:3c:94:f0:7d:a2:08:30:02:1a:dd:
2c:c0:78:38:34:0a:05:f6:14:cb:39:a8:a2:a1:4f:
50:8b:00:64:f3:63:cb:4f:d4:32:4f:e9:6f:cf:bf:
d8:2c:0d:69:2f:d3:e6:02:7d:69:4d:0a:84:7d:82:
1f:89:93:4c:06:e2:72:6d:d1:1a:45:08:8a:9e:fc:
fc:dd:33:b4:72:3a:e0:8c:ba:8d:3d:6b:e7:f7:3d:
12:65:ff:4b:73:34:45:0c:37:87:1c:c5:ab:f1:42:
ea:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3D:E2:D6:0F:D7:72:7A:38:F4:19:93:86:B5:24:E2:3B:38:6D:FE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rz3i1g_Xcno49BmThrUk4js4bf4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
1d:1b:b5:ef:2a:ab:9b:a4:8c:20:8a:b2:0f:cd:09:db:36:a8:
0f:61:52:6d:22:cc:08:b1:25:e5:ec:3b:c5:19:da:54:20:05:
61:69:15:01:7d:77:d5:eb:f8:e6:95:68:c0:1b:72:d0:e2:08:
53:75:3b:fe:3c:43:5c:fb:7b:e2:27:3c:9c:da:3d:73:43:32:
a4:d0:6c:73:b7:d7:3e:05:5d:93:3d:56:14:e4:96:49:38:72:
d1:d0:c0:e7:b7:42:48:30:4d:74:95:73:29:a0:7c:b8:19:4d:
9e:ec:49:6e:65:a5:86:c5:1f:25:bc:83:bf:ec:f9:11:eb:a5:
b3:ed:a0:74:91:49:99:3c:5c:6a:25:b2:1d:46:d8:d5:53:91:
bc:aa:97:e9:74:a6:99:85:6a:dc:39:43:39:9c:74:6c:b7:07:
38:f9:3d:bb:a6:f0:ff:68:0e:5b:e6:43:dd:50:30:97:40:dc:
97:1c:96:47:19:7a:ef:7a:a3:51:d3:57:3d:c8:a4:4f:57:c0:
3b:4c:40:f1:66:02:24:cd:e2:e4:60:e8:23:f1:13:7f:0e:70:
7e:0f:92:3d:df:ad:84:b1:72:88:f0:65:81:03:fa:02:38:e9:
1d:79:db:a5:b4:af:c9:79:0e:98:00:5d:fa:45:24:c0:35:2d:
4e:00:49:f5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTVswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEx
NzIzMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFGM0RFMkQ2MEZENzcy
N0EzOEY0MTk5Mzg2QjUyNEUyM0IzODZERkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD3tO1gQnMDSa3QsPUglWAr427NDcpLVWH6nT29hTUyo7NAl3wU
3kGGMPaUZD4K7MtJQuiZVdaNoYLyLNd/QUIrPqetmZ6PFDRORSQIlmNvNsRPcbrd
J8i944yaeKiDtgrWDNc46k8U7TKvNKFiKi3N4mLr6vJ/QPGxLVBDfkOQWSMrP35L
zHBrCuJuq2nJj3WUTm9FOFNdu8QdPJTwfaIIMAIa3SzAeDg0CgX2FMs5qKKhT1CL
AGTzY8tP1DJP6W/Pv9gsDWkv0+YCfWlNCoR9gh+Jk0wG4nJt0RpFCIqe/PzdM7Ry
OuCMuo09a+f3PRJl/0tzNEUMN4ccxavxQur1AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUrz3i1g/Xcno49BmThrUk4js4bf4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3J6M2kxZ19YY25vNDlC
bVRoclVrNGpzNGJmNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAB0bte8qq5ukjCCKsg/NCds2qA9hUm0i
zAixJeXsO8UZ2lQgBWFpFQF9d9Xr+OaVaMAbctDiCFN1O/48Q1z7e+InPJzaPXND
MqTQbHO31z4FXZM9VhTklkk4ctHQwOe3QkgwTXSVcymgfLgZTZ7sSW5lpYbFHyW8
g7/s+RHrpbPtoHSRSZk8XGolsh1G2NVTkbyql+l0ppmFatw5QzmcdGy3Bzj5Pbum
8P9oDlvmQ91QMJdA3JcclkcZeu96o1HTVz3IpE9XwDtMQPFmAiTN4uRg6CPxE38O
cH4Pkj3frYSxcojwZYED+gI46R1526W0r8l5DpgAXfpFJMA1LU4ASfU=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:03:49 2025 by rpki-client