Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/y2H4C8JUJZbnyVMr_iZpA1iN54M.roa
File: y2H4C8JUJZbnyVMr_iZpA1iN54M.roa (raw, json)
Hash identifier: X4RrsYXClNW4L+ocY8MHumwN/nOAQod88oHNXNwO9tc=
Subject key identifier: CB:61:F8:0B:C2:54:25:96:E7:C9:53:2B:FE:26:69:03:58:8D:E7:83
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A6B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/y2H4C8JUJZbnyVMr_iZpA1iN54M.roa
Signing time: Sat 06 Apr 2024 11:22:27 +0000
ROA not before: Sat 06 Apr 2024 11:22:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14955 (0x3a6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 11:22:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CB61F80BC2542596E7C9532BFE266903588DE783
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:e4:79:27:02:cc:4f:1e:c2:5b:d7:43:a3:cf:
9a:23:fe:52:30:6e:9c:2c:59:ad:c6:48:cf:ed:4b:
eb:dc:bd:e4:80:41:ce:b1:16:30:17:e1:ec:61:21:
38:ed:af:1a:ef:f6:64:da:e8:0c:67:9d:23:5b:a2:
25:49:73:c2:fd:43:3e:cf:ab:62:9a:e1:c8:17:ed:
33:e1:81:2f:4c:29:02:8d:b5:1f:65:20:5b:62:4a:
e3:f2:11:a6:f7:ce:43:0a:6e:f5:4b:e7:de:1e:8c:
29:65:c8:bf:e8:d0:6c:e0:0d:10:62:7d:8d:56:f1:
4f:21:50:a7:4c:cf:95:10:83:9a:43:72:85:be:aa:
8a:58:94:ac:00:73:4d:4e:fc:a9:08:65:f8:83:25:
3b:c7:b4:5a:91:65:27:0d:b4:26:e4:c1:7a:6a:f0:
aa:20:48:80:5d:4d:20:a1:d0:78:bd:6e:98:7c:aa:
16:c3:fe:47:c5:9f:20:ed:e7:30:57:0d:9e:01:31:
6a:ff:f4:da:52:4d:75:1e:a3:8b:46:ef:3d:b7:1b:
01:9e:26:8b:c8:06:a3:c5:51:b2:80:4c:e4:13:fd:
f8:a7:e8:0c:02:8c:68:93:44:ab:b2:8b:86:da:a8:
6e:ba:50:ac:91:7e:d7:58:63:1c:7c:5f:80:16:3a:
0d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:61:F8:0B:C2:54:25:96:E7:C9:53:2B:FE:26:69:03:58:8D:E7:83
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/y2H4C8JUJZbnyVMr_iZpA1iN54M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
96:b4:ef:8e:8e:5d:d1:c4:61:34:b9:18:d6:9c:12:2e:1d:bd:
c1:cc:48:8a:1f:4d:b1:69:71:c6:f4:58:39:98:d9:8a:db:24:
a6:33:17:d7:56:52:66:e3:cf:7d:5f:a1:12:07:8a:7c:56:4e:
c3:27:01:46:07:30:a4:cd:22:8d:28:21:1b:82:79:dc:8e:2b:
cc:fa:95:cb:0e:73:dc:e2:3d:9a:0a:99:3b:e5:59:31:d7:ed:
ee:46:c5:36:55:67:be:e5:05:d0:af:bf:0f:05:35:66:be:e6:
5c:f0:6f:11:ac:08:c7:69:ba:17:d3:81:63:a5:a1:2e:f6:24:
03:b5:7e:be:4f:f6:ef:fc:05:af:80:d9:34:76:68:55:4b:a6:
a0:81:44:d8:82:62:7a:4b:ce:cb:aa:ee:44:44:d3:10:5f:3e:
a6:e9:e5:bd:35:5d:64:57:5e:2d:6c:aa:40:8f:7e:56:ed:3e:
99:9e:0d:02:c8:9d:c1:25:4a:ad:32:07:cb:8d:72:4b:83:7d:
97:b5:8b:e7:08:16:a6:97:f2:c7:22:7c:04:72:98:97:28:34:
55:c8:20:3b:89:fd:5a:1a:ea:dd:60:8c:26:a6:b0:9a:c0:d6:
ac:a0:8d:c5:85:f7:81:bc:ee:67:7b:2a:f7:da:e6:2a:38:fd:
59:0d:97:1a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOmswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYx
MTIyMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENCNjFGODBCQzI1NDI1
OTZFN0M5NTMyQkZFMjY2OTAzNTg4REU3ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDp5HknAsxPHsJb10Ojz5oj/lIwbpwsWa3GSM/tS+vcveSAQc6x
FjAX4exhITjtrxrv9mTa6AxnnSNboiVJc8L9Qz7Pq2Ka4cgX7TPhgS9MKQKNtR9l
IFtiSuPyEab3zkMKbvVL594ejCllyL/o0GzgDRBifY1W8U8hUKdMz5UQg5pDcoW+
qopYlKwAc01O/KkIZfiDJTvHtFqRZScNtCbkwXpq8KogSIBdTSCh0Hi9bph8qhbD
/kfFnyDt5zBXDZ4BMWr/9NpSTXUeo4tG7z23GwGeJovIBqPFUbKATOQT/fin6AwC
jGiTRKuyi4baqG66UKyRftdYYxx8X4AWOg3JAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUy2H4C8JUJZbnyVMr/iZpA1iN54MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3kySDRDOEpVSlpibnlW
TXJfaVpwQTFpTjU0TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJa0746OXdHEYTS5GNacEi4dvcHMSIof
TbFpccb0WDmY2YrbJKYzF9dWUmbjz31foRIHinxWTsMnAUYHMKTNIo0oIRuCedyO
K8z6lcsOc9ziPZoKmTvlWTHX7e5GxTZVZ77lBdCvvw8FNWa+5lzwbxGsCMdpuhfT
gWOloS72JAO1fr5P9u/8Ba+A2TR2aFVLpqCBRNiCYnpLzsuq7kRE0xBfPqbp5b01
XWRXXi1sqkCPflbtPpmeDQLIncElSq0yB8uNckuDfZe1i+cIFqaX8scifARymJco
NFXIIDuJ/Voa6t1gjCamsJrA1qygjcWF94G87md7Kvfa5io4/VkNlxo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:24:20 2025 by rpki-client