Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sdVwv1s-uyv2nPXPWxXqS17PG8w.roa
File: sdVwv1s-uyv2nPXPWxXqS17PG8w.roa (raw, json)
Hash identifier: 8zM9fiFhIfrZvl7AGNmyLGhVbh0nxOrAeP+sEqr9Log=
Subject key identifier: B1:D5:70:BF:5B:3E:BB:2B:F6:9C:F5:CF:5B:15:EA:4B:5E:CF:1B:CC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C43
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sdVwv1s-uyv2nPXPWxXqS17PG8w.roa
Signing time: Mon 08 Apr 2024 22:22:37 +0000
ROA not before: Mon 08 Apr 2024 22:22:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15427 (0x3c43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 22:22:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B1D570BF5B3EBB2BF69CF5CF5B15EA4B5ECF1BCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:df:fb:cc:99:6e:4f:57:85:f9:da:a9:58:56:
bc:fb:01:b8:4b:07:90:2d:35:ae:bd:ea:b5:01:e9:
9c:3c:12:6a:73:f8:4e:83:cc:fe:20:62:7f:bb:76:
9f:70:b9:e6:99:8f:76:80:ed:9f:2d:85:b7:e2:86:
48:c3:c3:55:14:c4:ae:4b:48:d7:23:84:87:1f:95:
89:5e:ac:ca:70:f3:b2:35:34:ca:7f:6a:56:50:17:
39:c3:6a:c6:a4:e7:c7:34:36:cc:ba:b0:1c:6d:2a:
74:e9:93:78:44:d1:13:b3:f2:4c:ca:b6:fd:f4:79:
e5:66:1a:0d:6e:10:2e:8f:3b:e1:73:bd:e8:ac:30:
12:05:20:a7:d7:e4:bf:bb:c9:14:08:ed:bd:0f:3a:
c0:17:d7:6d:8c:8e:d4:26:e2:9c:ec:4b:cc:b4:ee:
ad:e9:f3:f1:2a:b2:00:1a:f1:e8:32:6b:1c:5a:77:
b4:fa:bf:9d:df:d6:fe:4a:30:e4:c7:e5:6a:7f:c8:
ec:d1:38:43:26:51:c9:31:b7:b7:09:ae:d2:96:47:
81:13:48:28:a5:2e:0f:18:49:00:e1:1f:6f:f6:b1:
5b:90:0d:3a:84:d6:37:ad:93:48:7a:72:03:64:00:
30:97:f2:26:56:a6:47:59:77:5c:95:9b:8a:54:bf:
ac:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D5:70:BF:5B:3E:BB:2B:F6:9C:F5:CF:5B:15:EA:4B:5E:CF:1B:CC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sdVwv1s-uyv2nPXPWxXqS17PG8w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
16:76:99:ce:6c:84:f8:13:65:76:c9:b7:9a:87:3a:92:a6:b0:
b5:76:b6:a0:2b:4b:bb:80:f4:f8:3f:25:27:6e:18:a7:f3:27:
19:69:41:9a:e4:49:34:56:87:73:01:d4:62:1b:87:77:87:7c:
d8:30:01:5b:ff:43:7f:7a:ff:3d:e5:b4:4e:b5:de:1c:c8:75:
5b:75:89:43:c0:29:bc:dc:97:10:46:7b:8c:ce:3b:48:f1:68:
b3:0e:14:cd:37:9f:11:bb:c5:c5:6d:78:c5:9c:0f:fb:c3:fd:
62:3f:d5:92:32:9e:3d:f3:12:74:9b:3c:34:4a:b3:35:af:90:
7a:e5:88:68:21:35:c7:fb:10:0a:3d:39:9a:21:f7:c7:65:06:
31:7c:72:f4:75:1d:fe:35:df:ef:e7:54:02:99:dd:84:ae:98:
88:d8:1d:f1:f5:2b:00:3d:e6:3d:ef:ed:47:a6:3f:85:e4:a4:
77:57:f8:4b:96:82:c8:42:b4:2a:47:d1:da:21:af:f8:8d:46:
dd:6e:d0:48:6b:7b:6d:15:69:71:d8:3c:4a:78:71:30:d8:ac:
42:11:f5:21:cf:7e:ce:1d:c2:93:0b:65:84:ad:83:54:ca:e2:
f2:ef:a1:6d:98:16:74:02:e6:41:19:ba:64:a7:d1:f7:2b:c4:
4b:71:92:cc
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPEMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgy
MjIyMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIxRDU3MEJGNUIzRUJC
MkJGNjlDRjVDRjVCMTVFQTRCNUVDRjFCQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJ3/vMmW5PV4X52qlYVrz7AbhLB5AtNa696rUB6Zw8Empz+E6D
zP4gYn+7dp9wueaZj3aA7Z8thbfihkjDw1UUxK5LSNcjhIcflYlerMpw87I1NMp/
alZQFznDasak58c0Nsy6sBxtKnTpk3hE0ROz8kzKtv30eeVmGg1uEC6PO+Fzveis
MBIFIKfX5L+7yRQI7b0POsAX122MjtQm4pzsS8y07q3p8/EqsgAa8egyaxxad7T6
v53f1v5KMOTH5Wp/yOzROEMmUckxt7cJrtKWR4ETSCilLg8YSQDhH2/2sVuQDTqE
1jetk0h6cgNkADCX8iZWpkdZd1yVm4pUv6z5AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsdVwv1s+uyv2nPXPWxXqS17PG8wwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NkVnd2MXMtdXl2Mm5Q
WFBXeFhxUzE3UEc4dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABZ2mc5shPgTZXbJt5qHOpKmsLV2tqAr
S7uA9Pg/JSduGKfzJxlpQZrkSTRWh3MB1GIbh3eHfNgwAVv/Q396/z3ltE613hzI
dVt1iUPAKbzclxBGe4zOO0jxaLMOFM03nxG7xcVteMWcD/vD/WI/1ZIynj3zEnSb
PDRKszWvkHrliGghNcf7EAo9OZoh98dlBjF8cvR1Hf413+/nVAKZ3YSumIjYHfH1
KwA95j3v7UemP4XkpHdX+EuWgshCtCpH0dohr/iNRt1u0Ehre20VaXHYPEp4cTDY
rEIR9SHPfs4dwpMLZYStg1TK4vLvoW2YFnQC5kEZumSn0fcrxEtxksw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:46 2025 by rpki-client