Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sMSJ9GcOvNaGyVzTVEyBXN0Tryo.roa
File: sMSJ9GcOvNaGyVzTVEyBXN0Tryo.roa (raw, json)
Hash identifier: U6L95XRNjjfK3ad0rRsqjYOP+xKK1GdGF57R7Vp051g=
Subject key identifier: B0:C4:89:F4:67:0E:BC:D6:86:C9:5C:D3:54:4C:81:5C:DD:13:AF:2A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 33A3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sMSJ9GcOvNaGyVzTVEyBXN0Tryo.roa
Signing time: Thu 28 Mar 2024 10:22:03 +0000
ROA not before: Thu 28 Mar 2024 10:22:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13219 (0x33a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 10:22:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B0C489F4670EBCD686C95CD3544C815CDD13AF2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f9:5a:23:d1:3c:7a:a8:dd:5d:37:10:33:e7:
21:58:f5:b1:33:be:a5:6a:3f:29:e3:b0:15:27:fc:
da:b4:97:15:f6:65:bc:a1:2d:e4:f3:44:37:51:e6:
2b:e2:14:9d:cb:2f:88:e6:fd:f3:ee:0a:07:d2:f0:
a0:c4:73:e4:ec:56:9c:9c:33:96:d3:a7:20:fc:58:
5f:66:ce:a4:9c:1b:55:ce:20:30:cf:b3:ce:e0:65:
6c:34:79:68:38:d0:22:77:82:91:fd:7d:75:3f:59:
d5:9b:b8:34:3c:da:6a:7c:4b:01:03:34:41:e3:ea:
fd:2e:f8:bd:a3:16:ea:7f:8c:df:33:3c:da:6c:3b:
cf:d9:68:cc:44:51:f3:44:e9:ce:eb:ec:f7:e2:42:
54:75:d6:2f:a7:b7:51:ec:b3:f2:0c:d2:a2:08:c1:
c0:39:43:13:d7:4a:b1:9d:91:37:11:a2:77:a4:50:
08:57:d3:5b:78:47:f2:9e:4c:1f:d4:03:9b:c7:ab:
87:56:d9:f0:fc:db:37:c8:d1:aa:6a:f3:b9:32:86:
23:a5:97:78:a9:61:6a:0c:44:d7:b8:be:a2:39:40:
96:16:47:da:5f:17:3f:14:0e:52:0d:c7:20:e0:f8:
80:55:e4:df:60:3f:1c:ac:4e:69:23:b3:6f:9b:2e:
87:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C4:89:F4:67:0E:BC:D6:86:C9:5C:D3:54:4C:81:5C:DD:13:AF:2A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sMSJ9GcOvNaGyVzTVEyBXN0Tryo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4b:c0:f5:1f:47:35:e8:88:3d:11:8c:1b:8d:f9:41:ad:e7:5f:
0e:28:0c:08:46:77:d7:36:61:e5:96:02:d8:1e:22:97:48:59:
a2:da:54:bc:15:64:ce:b4:cc:e3:ac:37:ff:fa:70:93:6d:20:
e7:d5:71:16:31:12:5c:d3:35:64:0d:bc:47:a6:5f:8f:0d:2c:
89:b0:73:ab:db:71:1b:28:3c:bd:52:80:7c:a2:08:5c:dc:b4:
e8:8a:8a:6e:17:51:3f:f0:50:a2:55:98:d5:65:f3:b1:f6:d7:
5f:3c:6b:20:d9:43:86:33:b8:c6:d6:c8:cb:40:07:d9:8d:83:
3f:f2:aa:b4:1e:87:c2:b8:2a:02:32:f9:a4:63:d7:60:65:a3:
20:d8:f4:1b:c1:6c:d2:fe:c1:13:03:5c:dc:93:d5:50:7d:80:
70:e8:fa:03:99:bb:57:22:e2:cb:dd:98:01:35:06:6e:cc:d6:
d3:af:f7:17:5b:55:14:3d:4e:1b:43:e3:f5:b4:64:e0:53:a3:
11:ce:8a:8c:73:0e:c0:c4:fa:5b:aa:97:6e:ea:c2:a3:20:e1:
59:eb:3f:6a:e8:a3:1c:27:f8:67:f9:f1:80:f7:0e:84:1a:3e:
d0:fd:80:2a:bb:17:45:e3:73:b2:2c:8c:e6:11:36:d7:91:58:
d1:e2:5f:05
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICM6MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgx
MDIyMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIwQzQ4OUY0NjcwRUJD
RDY4NkM5NUNEMzU0NEM4MTVDREQxM0FGMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG+Voj0Tx6qN1dNxAz5yFY9bEzvqVqPynjsBUn/Nq0lxX2Zbyh
LeTzRDdR5iviFJ3LL4jm/fPuCgfS8KDEc+TsVpycM5bTpyD8WF9mzqScG1XOIDDP
s87gZWw0eWg40CJ3gpH9fXU/WdWbuDQ82mp8SwEDNEHj6v0u+L2jFup/jN8zPNps
O8/ZaMxEUfNE6c7r7PfiQlR11i+nt1Hss/IM0qIIwcA5QxPXSrGdkTcRonekUAhX
01t4R/KeTB/UA5vHq4dW2fD82zfI0apq87kyhiOll3ipYWoMRNe4vqI5QJYWR9pf
Fz8UDlINxyDg+IBV5N9gPxysTmkjs2+bLocLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsMSJ9GcOvNaGyVzTVEyBXN0TryowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NNU0o5R2NPdk5hR3lW
elRWRXlCWE4wVHJ5by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEvA9R9HNeiIPRGMG435Qa3nXw4oDAhG
d9c2YeWWAtgeIpdIWaLaVLwVZM60zOOsN//6cJNtIOfVcRYxElzTNWQNvEemX48N
LImwc6vbcRsoPL1SgHyiCFzctOiKim4XUT/wUKJVmNVl87H21188ayDZQ4YzuMbW
yMtAB9mNgz/yqrQeh8K4KgIy+aRj12BloyDY9BvBbNL+wRMDXNyT1VB9gHDo+gOZ
u1ci4svdmAE1Bm7M1tOv9xdbVRQ9ThtD4/W0ZOBToxHOioxzDsDE+luql27qwqMg
4VnrP2rooxwn+Gf58YD3DoQaPtD9gCq7F0Xjc7IsjOYRNteRWNHiXwU=
-----END CERTIFICATE-----
Generated at Fri Apr 11 19:05:56 2025 by rpki-client