Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/uyQ5vivKVlK5HUypFpWR554mq20.roa
File: uyQ5vivKVlK5HUypFpWR554mq20.roa (raw, json)
Hash identifier: 974z8f2Tkk91i1v3LR51BhAaUKItilxzk39wrXdiVYg=
Subject key identifier: BB:24:39:BE:2B:CA:56:52:B9:1D:4C:A9:16:95:91:E7:9E:26:AB:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 444B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uyQ5vivKVlK5HUypFpWR554mq20.roa
Signing time: Fri 19 Apr 2024 15:23:01 +0000
ROA not before: Fri 19 Apr 2024 15:23:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17483 (0x444b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 15:23:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=BB2439BE2BCA5652B91D4CA9169591E79E26AB6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:65:94:de:7c:2e:1d:91:ab:8f:41:cf:d1:76:
b7:f1:1e:43:a2:66:eb:fa:31:f8:93:df:c5:a3:a7:
a3:ce:2c:f7:10:5e:fe:55:bd:c9:68:23:d4:1b:15:
bf:ec:0a:b5:41:da:e4:6f:f6:ea:47:8f:b5:58:b0:
01:d3:fa:3c:02:07:df:69:7f:6c:ef:38:c6:c4:05:
87:2e:5a:76:42:a1:22:f5:e0:88:e7:75:6d:42:b9:
43:c3:e9:b0:2e:62:2f:0f:76:15:bf:ec:13:b0:05:
95:22:67:14:be:05:1c:28:ca:0a:29:9e:a6:03:96:
b1:18:67:fa:8b:72:e7:cc:69:b7:47:74:01:15:ed:
9e:92:9e:a9:21:fd:99:7d:6b:61:6f:eb:fc:ec:54:
fe:f3:36:ba:13:e6:0d:2a:d9:d8:5c:e4:89:64:50:
45:2d:56:59:2b:58:61:64:f7:66:d5:be:47:41:5b:
cc:7d:5e:95:0c:03:f9:65:e4:44:c7:4d:3f:3c:7b:
32:eb:b2:54:68:fa:35:e2:7d:4a:2a:63:97:0b:15:
04:c6:eb:9e:2b:03:2e:70:9c:ea:ee:bb:5f:2b:0c:
e6:87:7e:56:c3:ec:ed:d2:72:ee:dd:2b:07:4b:7f:
e4:6c:de:1f:03:89:38:65:b6:9e:74:36:a2:7b:be:
e8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:24:39:BE:2B:CA:56:52:B9:1D:4C:A9:16:95:91:E7:9E:26:AB:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/uyQ5vivKVlK5HUypFpWR554mq20.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
3b:4b:57:d7:37:3c:8f:8a:c7:30:58:ca:53:26:23:1c:be:5c:
c9:7d:73:42:c4:e2:a2:c6:3a:21:c1:16:a2:7b:d9:6b:59:19:
c4:cb:bd:d4:8e:a9:5d:9a:73:86:e1:50:98:2b:cb:e4:98:f9:
eb:9f:1b:19:8f:35:cd:02:11:03:0c:04:e7:89:54:76:15:d3:
61:d6:d8:c2:b9:fb:ee:f2:a3:6d:4f:5d:4f:33:9f:bc:cd:57:
bf:4f:15:52:b9:da:93:26:f0:2e:25:1b:f7:bc:cd:84:68:32:
b1:ec:49:11:70:45:ef:fb:d6:42:13:2d:df:ea:be:f5:6c:e8:
86:26:40:75:27:31:f0:dc:eb:58:0e:e6:ba:a4:e0:55:ee:93:
9b:c4:15:5f:23:42:be:46:d2:ac:1a:fc:e9:e9:14:ed:27:f7:
ea:e7:23:69:63:cc:06:3d:0c:8f:18:bd:ba:b0:ba:32:4e:1a:
4b:66:eb:d8:b7:04:92:0b:ff:0e:12:72:52:c2:54:b7:2e:0f:
8d:1b:4b:43:9a:ec:82:e4:4f:f6:36:d6:c4:09:90:95:ee:56:
fa:81:92:da:e0:c9:9a:32:95:a2:20:0f:ed:81:5a:f8:84:c4:
15:fd:8c:b2:21:a3:a6:c8:8c:c3:7e:66:48:a5:10:35:89:53:
ee:72:1f:15
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICREswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkx
NTIzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJCMjQzOUJFMkJDQTU2
NTJCOTFENENBOTE2OTU5MUU3OUUyNkFCNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVZZTefC4dkauPQc/RdrfxHkOiZuv6MfiT38Wjp6POLPcQXv5V
vcloI9QbFb/sCrVB2uRv9upHj7VYsAHT+jwCB99pf2zvOMbEBYcuWnZCoSL14Ijn
dW1CuUPD6bAuYi8PdhW/7BOwBZUiZxS+BRwoygopnqYDlrEYZ/qLcufMabdHdAEV
7Z6Snqkh/Zl9a2Fv6/zsVP7zNroT5g0q2dhc5IlkUEUtVlkrWGFk92bVvkdBW8x9
XpUMA/ll5ETHTT88ezLrslRo+jXifUoqY5cLFQTG654rAy5wnOruu18rDOaHflbD
7O3Scu7dKwdLf+Rs3h8DiThltp50NqJ7vuhvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUuyQ5vivKVlK5HUypFpWR554mq20wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3V5UTV2aXZLVmxLNUhV
eXBGcFdSNTU0bXEyMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADtLV9c3PI+KxzBYylMmIxy+XMl9c0LE
4qLGOiHBFqJ72WtZGcTLvdSOqV2ac4bhUJgry+SY+eufGxmPNc0CEQMMBOeJVHYV
02HW2MK5++7yo21PXU8zn7zNV79PFVK52pMm8C4lG/e8zYRoMrHsSRFwRe/71kIT
Ld/qvvVs6IYmQHUnMfDc61gO5rqk4FXuk5vEFV8jQr5G0qwa/OnpFO0n9+rnI2lj
zAY9DI8YvbqwujJOGktm69i3BJIL/w4SclLCVLcuD40bS0Oa7ILkT/Y21sQJkJXu
VvqBktrgyZoylaIgD+2BWviExBX9jLIho6bIjMN+ZkilEDWJU+5yHxU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:11 2025 by rpki-client