Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/uIIwHcNVCGXVjSOpOnna4C677Nc.roa
File: uIIwHcNVCGXVjSOpOnna4C677Nc.roa (raw, json)
Hash identifier: E5JfaOWdN+JTLoIttcMaSu4YQ0vjum/uUogQIkdrFA0=
Subject key identifier: B8:82:30:1D:C3:55:08:65:D5:8D:23:A9:3A:79:DA:E0:2E:BB:EC:D7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DB3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uIIwHcNVCGXVjSOpOnna4C677Nc.roa
Signing time: Thu 02 May 2024 04:23:43 +0000
ROA not before: Thu 02 May 2024 04:23:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19891 (0x4db3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 04:23:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B882301DC3550865D58D23A93A79DAE02EBBECD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:78:04:f6:8a:3c:77:ee:21:57:2d:1f:90:40:
c4:01:ad:7d:90:fa:b8:87:4f:a4:0a:8a:b4:2e:f6:
98:2d:43:d6:54:4c:16:d3:9f:eb:df:60:42:46:2c:
08:0b:0d:7a:87:ec:30:78:53:84:d5:dd:74:9c:97:
fb:75:35:d8:90:08:5f:9f:06:68:b0:38:57:03:a6:
c5:ef:bc:b4:30:12:33:d8:8a:1a:b3:1c:92:78:c4:
da:68:db:76:ad:9e:fd:47:76:50:f6:04:90:46:e4:
f7:88:9e:f8:24:29:c1:0d:3e:c4:95:23:a9:c3:a6:
cc:dd:83:9e:a5:ca:3f:26:fe:9a:6f:ad:37:d5:7d:
f3:07:3c:c5:7d:66:de:d7:0a:de:be:8e:c2:ff:f9:
fb:30:02:bb:1e:5a:aa:dc:bc:1b:14:7d:60:e6:33:
22:6f:8d:59:7a:a4:9d:14:cf:0e:e4:b7:a1:cb:56:
3b:8a:8e:c1:15:27:c1:4c:5c:c2:16:56:b1:42:75:
bc:bb:ca:b6:dc:68:aa:3d:1b:5a:42:33:26:cc:8e:
04:11:90:60:eb:2a:54:18:07:b8:7d:87:bf:fa:f3:
5e:e5:0b:a9:0f:02:b7:c3:29:98:21:1e:0d:fb:9a:
85:36:c2:38:cc:25:9f:95:5e:5e:d2:81:92:f7:f0:
44:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:82:30:1D:C3:55:08:65:D5:8D:23:A9:3A:79:DA:E0:2E:BB:EC:D7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uIIwHcNVCGXVjSOpOnna4C677Nc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
bb:de:15:3b:16:a7:07:8a:58:4e:f1:a1:4c:2d:54:94:4b:cb:
aa:01:e1:f1:8f:eb:16:56:3f:ff:9c:f9:ea:bc:7d:13:76:8a:
96:9f:c0:93:14:4d:f1:b4:a3:a7:e3:22:d5:03:b7:b5:41:b0:
d4:87:dc:6c:0c:d1:42:f2:20:b2:e9:3a:c3:89:c1:a0:01:80:
0f:2d:e5:f4:de:81:61:c0:18:35:7b:97:20:89:03:9e:bc:16:
cb:fa:37:30:70:09:21:09:f2:35:89:91:d9:d9:c6:58:98:7e:
14:ee:b9:9e:81:81:40:1f:24:9e:bb:e4:d3:81:03:fd:ce:d0:
87:ad:e7:8b:89:ba:ae:ee:c9:5a:02:98:4f:09:2e:f9:9c:80:
20:04:24:c4:de:44:98:68:e8:30:92:7f:db:d4:04:87:87:85:
d5:b5:4c:6d:e0:99:cc:e6:01:3b:91:58:3e:97:b5:c6:41:f1:
4f:4e:21:19:d2:2b:e1:a2:d6:f9:57:71:8a:f4:de:7e:40:d6:
a2:f7:f4:57:1b:da:3e:b9:0a:7e:9a:c8:2c:3f:8a:e0:fc:d6:
61:a1:6c:8c:64:c9:5e:d9:93:80:56:b1:fb:9f:b6:31:a2:48:
cd:1f:2c:00:bc:07:ed:f0:6c:94:46:e8:79:33:7a:06:9f:62:
ce:21:3c:57
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTbMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIw
NDIzNDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI4ODIzMDFEQzM1NTA4
NjVENThEMjNBOTNBNzlEQUUwMkVCQkVDRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCheAT2ijx37iFXLR+QQMQBrX2Q+riHT6QKirQu9pgtQ9ZUTBbT
n+vfYEJGLAgLDXqH7DB4U4TV3XScl/t1NdiQCF+fBmiwOFcDpsXvvLQwEjPYihqz
HJJ4xNpo23atnv1HdlD2BJBG5PeInvgkKcENPsSVI6nDpszdg56lyj8m/ppvrTfV
ffMHPMV9Zt7XCt6+jsL/+fswArseWqrcvBsUfWDmMyJvjVl6pJ0Uzw7kt6HLVjuK
jsEVJ8FMXMIWVrFCdby7yrbcaKo9G1pCMybMjgQRkGDrKlQYB7h9h7/6817lC6kP
ArfDKZghHg37moU2wjjMJZ+VXl7SgZL38EQNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUuIIwHcNVCGXVjSOpOnna4C677NcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3VJSXdIY05WQ0dYVmpT
T3BPbm5hNEM2NzdOYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALveFTsWpweKWE7xoUwtVJRLy6oB4fGP
6xZWP/+c+eq8fRN2ipafwJMUTfG0o6fjItUDt7VBsNSH3GwM0ULyILLpOsOJwaAB
gA8t5fTegWHAGDV7lyCJA568Fsv6NzBwCSEJ8jWJkdnZxliYfhTuuZ6BgUAfJJ67
5NOBA/3O0Iet54uJuq7uyVoCmE8JLvmcgCAEJMTeRJho6DCSf9vUBIeHhdW1TG3g
mczmATuRWD6XtcZB8U9OIRnSK+Gi1vlXcYr03n5A1qL39Fcb2j65Cn6ayCw/iuD8
1mGhbIxkyV7Zk4BWsfuftjGiSM0fLAC8B+3wbJRG6HkzegafYs4hPFc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:29:38 2025 by rpki-client