Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wkttl3lbnPR8eV7iTwOXIOEWmK0.roa
File: wkttl3lbnPR8eV7iTwOXIOEWmK0.roa (raw, json)
Hash identifier: p7vxd3AiYBJqhGB1ly7HzLdB6Sp5885y82S4lh9rYIY=
Subject key identifier: C2:4B:6D:97:79:5B:9C:F4:7C:79:5E:E2:4F:03:97:20:E1:16:98:AD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3CCB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wkttl3lbnPR8eV7iTwOXIOEWmK0.roa
Signing time: Tue 09 Apr 2024 15:22:38 +0000
ROA not before: Tue 09 Apr 2024 15:22:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15563 (0x3ccb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 15:22:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C24B6D97795B9CF47C795EE24F039720E11698AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:09:b6:f2:4a:9d:a1:e1:48:98:1e:cf:e0:c2:
54:7d:12:5f:e0:de:f6:d3:eb:75:75:44:36:dc:d5:
f7:73:ff:44:29:fa:ae:0e:a0:d6:b8:b8:d7:65:37:
7e:ff:cc:44:f4:47:01:3c:14:92:36:87:e0:c7:2d:
07:ed:a7:bf:5d:9e:0b:5d:82:2c:b7:ed:7a:8c:e4:
d8:ca:24:72:72:c6:3e:45:9f:24:57:3b:1a:c7:29:
05:02:47:35:b6:65:24:a9:be:be:5d:74:46:74:1e:
5e:2e:3c:eb:ab:d4:70:9e:50:10:b9:99:cf:ba:9f:
56:19:9d:94:3f:35:e7:7c:1f:c9:98:38:a8:b5:a7:
63:fa:87:35:e6:c1:9a:36:5c:1f:f8:f8:41:95:58:
14:91:1a:6f:6c:86:3a:72:3d:84:2b:27:1c:97:42:
01:ba:65:0c:2c:24:a0:9d:fd:19:18:a7:24:84:88:
ec:84:76:61:2c:a8:38:3c:d5:5f:8f:43:f3:64:04:
6b:b0:44:cf:27:1f:80:7c:0d:4e:fc:31:24:f8:07:
fa:a8:aa:d4:04:50:00:d3:de:a7:8f:99:bd:12:44:
73:e0:1a:19:40:60:d8:44:9d:88:ec:d7:df:e0:e7:
e1:6c:a9:33:1c:f2:c6:53:f2:6b:44:dc:34:4c:08:
9f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:4B:6D:97:79:5B:9C:F4:7C:79:5E:E2:4F:03:97:20:E1:16:98:AD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wkttl3lbnPR8eV7iTwOXIOEWmK0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
68:0c:94:ec:89:5c:d0:31:16:42:6b:1d:c2:3b:64:08:eb:45:
8c:07:bb:a0:e5:54:55:84:d2:fc:f5:50:5a:e1:c3:aa:f2:7c:
25:d6:06:57:79:c2:a7:52:a9:ed:e9:be:26:55:05:b6:07:9e:
68:a2:42:05:d9:a3:1e:d1:cb:97:86:c0:ce:69:47:ba:5b:ec:
d5:f7:6b:66:f9:35:91:e7:03:05:9e:07:de:6e:5a:93:05:5b:
ac:b0:4d:b6:d2:c9:1a:f8:6c:f2:b6:54:78:a8:c7:c0:3e:11:
97:0c:2c:ff:78:c0:54:4c:9e:f3:2e:3c:6d:ba:ea:e5:0a:69:
c6:73:f1:73:54:b1:fa:de:12:bf:92:1e:a0:fd:5c:ff:ab:a8:
6a:5e:60:08:ae:95:6c:26:f0:77:8e:00:a5:71:f4:0f:9b:3b:
94:31:17:6f:8a:1d:f6:c4:c4:21:fa:a8:7d:6f:8a:41:4b:66:
66:bd:3b:35:62:21:0f:37:51:39:58:67:de:35:da:7b:9b:74:
5c:d5:46:ec:b5:3b:4b:26:74:ac:16:2b:a8:cf:ae:0a:6f:9f:
b4:4b:df:6c:6a:0c:9d:82:93:e7:d1:c3:64:8e:69:cb:6e:22:
46:fb:89:33:86:6c:23:90:67:3f:c4:a1:e6:30:52:be:9f:d7:
56:69:63:9b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPMswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkx
NTIyMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMyNEI2RDk3Nzk1QjlD
RjQ3Qzc5NUVFMjRGMDM5NzIwRTExNjk4QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiCbbySp2h4UiYHs/gwlR9El/g3vbT63V1RDbc1fdz/0Qp+q4O
oNa4uNdlN37/zET0RwE8FJI2h+DHLQftp79dngtdgiy37XqM5NjKJHJyxj5FnyRX
OxrHKQUCRzW2ZSSpvr5ddEZ0Hl4uPOur1HCeUBC5mc+6n1YZnZQ/Ned8H8mYOKi1
p2P6hzXmwZo2XB/4+EGVWBSRGm9shjpyPYQrJxyXQgG6ZQwsJKCd/RkYpySEiOyE
dmEsqDg81V+PQ/NkBGuwRM8nH4B8DU78MST4B/qoqtQEUADT3qePmb0SRHPgGhlA
YNhEnYjs19/g5+FsqTMc8sZT8mtE3DRMCJ85AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUwkttl3lbnPR8eV7iTwOXIOEWmK0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3drdHRsM2xiblBSOGVW
N2lUd09YSU9FV21LMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGgMlOyJXNAxFkJrHcI7ZAjrRYwHu6Dl
VFWE0vz1UFrhw6ryfCXWBld5wqdSqe3pviZVBbYHnmiiQgXZox7Ry5eGwM5pR7pb
7NX3a2b5NZHnAwWeB95uWpMFW6ywTbbSyRr4bPK2VHiox8A+EZcMLP94wFRMnvMu
PG266uUKacZz8XNUsfreEr+SHqD9XP+rqGpeYAiulWwm8HeOAKVx9A+bO5QxF2+K
HfbExCH6qH1vikFLZma9OzViIQ83UTlYZ9412nubdFzVRuy1O0smdKwWK6jPrgpv
n7RL32xqDJ2Ck+fRw2SOactuIkb7iTOGbCOQZz/EoeYwUr6f11ZpY5s=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:07:02 2025 by rpki-client