Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zJu4gfZ5_UIu0Mc6Ulf4JbD2I4Y.roa
File: zJu4gfZ5_UIu0Mc6Ulf4JbD2I4Y.roa (raw, json)
Hash identifier: ak2bPON1w0wtFR7IwCvG6UXczx5+6xN7MQU+pbL+V3Q=
Subject key identifier: CC:9B:B8:81:F6:79:FD:42:2E:D0:C7:3A:52:57:F8:25:B0:F6:23:86
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E27
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zJu4gfZ5_UIu0Mc6Ulf4JbD2I4Y.roa
Signing time: Thu 11 Apr 2024 10:52:46 +0000
ROA not before: Thu 11 Apr 2024 10:52:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15911 (0x3e27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 10:52:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CC9BB881F679FD422ED0C73A5257F825B0F62386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:99:47:39:57:10:d1:0c:74:36:c4:e6:7e:0c:
ed:4a:56:db:66:c7:82:e2:60:86:75:16:87:e1:1a:
cd:2d:74:9e:08:28:1f:34:54:44:c3:3d:d2:67:e1:
3c:b7:32:d9:f1:e6:fe:58:f9:f9:5e:25:5f:05:9d:
aa:17:04:bf:05:41:08:20:b8:e2:75:71:9b:17:70:
83:ab:29:67:4a:85:13:a7:d9:43:3b:de:ba:d3:4c:
0d:57:05:28:96:0b:ca:2c:23:49:67:07:72:50:46:
87:eb:95:e8:fa:d8:c7:d3:4f:2f:16:9b:6f:21:b9:
cd:40:0a:29:38:7a:be:52:37:15:39:39:2d:20:c1:
6e:d1:b8:f5:a2:61:e0:0d:f7:28:6b:ea:69:cd:60:
b5:22:70:26:b2:a5:1c:9b:86:cc:70:b1:13:95:a9:
7b:e1:f3:24:9c:47:3f:5e:61:4b:b3:d7:c8:1a:42:
c8:ce:56:b7:6c:6b:0d:52:41:19:53:ed:31:cd:4a:
1d:f2:1b:a1:98:22:af:f1:fb:4f:12:af:5e:90:f9:
6d:e7:22:5f:5e:46:a5:c1:05:5d:90:14:9d:9b:a3:
62:a6:3f:4a:1d:ab:f9:52:e9:c2:db:d4:58:8b:78:
72:9c:0b:85:22:9d:a7:38:68:9a:5d:ed:66:c2:81:
16:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9B:B8:81:F6:79:FD:42:2E:D0:C7:3A:52:57:F8:25:B0:F6:23:86
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zJu4gfZ5_UIu0Mc6Ulf4JbD2I4Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
29:ce:a7:c3:f5:0a:56:a0:85:ae:89:b9:d4:8d:58:88:a6:ab:
1f:b2:7b:a9:c7:2f:4a:a9:25:a3:bb:a1:66:ac:e1:3c:55:d4:
a0:49:b4:e9:4c:f0:32:8d:69:19:5e:f7:23:4a:ae:2f:4e:8b:
c4:85:5d:26:f4:20:1d:ab:a3:ac:4f:d0:5c:52:f3:d4:1e:d4:
e8:11:49:79:9d:c6:f0:aa:b6:aa:44:55:b2:5a:77:c2:52:a9:
7f:a8:8b:98:c0:38:f7:60:13:d7:07:d4:fe:7c:e6:e8:dd:50:
ce:d3:d2:15:61:99:7d:91:fb:43:ca:77:7a:27:21:4c:71:9c:
43:05:c3:16:5b:24:c9:ea:63:41:cb:52:be:e5:d3:52:d5:0a:
ee:df:32:50:3a:06:0f:2e:98:af:2c:57:93:a4:4f:cc:79:e6:
24:bc:7b:31:f1:63:38:a0:af:09:d5:8c:af:0d:61:b0:6b:d7:
09:db:0f:99:0a:ec:26:69:e7:cc:e4:1b:b9:0c:fb:a7:b1:3b:
a0:d8:84:26:3f:2e:96:55:ff:7b:05:48:f3:e1:c7:29:cd:46:
a1:0e:f5:79:8c:05:8f:34:cb:89:da:a3:80:9d:5d:cb:2e:c1:
b6:2a:5e:bf:6f:79:0c:94:dd:b1:ec:cb:c5:ad:b1:3c:b0:93:
ac:88:2c:fa
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPicwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEx
MDUyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENDOUJCODgxRjY3OUZE
NDIyRUQwQzczQTUyNTdGODI1QjBGNjIzODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQmUc5VxDRDHQ2xOZ+DO1KVttmx4LiYIZ1FofhGs0tdJ4IKB80
VETDPdJn4Ty3Mtnx5v5Y+fleJV8FnaoXBL8FQQgguOJ1cZsXcIOrKWdKhROn2UM7
3rrTTA1XBSiWC8osI0lnB3JQRofrlej62MfTTy8Wm28huc1ACik4er5SNxU5OS0g
wW7RuPWiYeAN9yhr6mnNYLUicCaypRybhsxwsROVqXvh8yScRz9eYUuz18gaQsjO
Vrdsaw1SQRlT7THNSh3yG6GYIq/x+08Sr16Q+W3nIl9eRqXBBV2QFJ2bo2KmP0od
q/lS6cLb1FiLeHKcC4Uinac4aJpd7WbCgRaVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUzJu4gfZ5/UIu0Mc6Ulf4JbD2I4YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3pKdTRnZlo1X1VJdTBN
YzZVbGY0SmJEMkk0WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACnOp8P1Clagha6JudSNWIimqx+ye6nH
L0qpJaO7oWas4TxV1KBJtOlM8DKNaRle9yNKri9Oi8SFXSb0IB2ro6xP0FxS89Qe
1OgRSXmdxvCqtqpEVbJad8JSqX+oi5jAOPdgE9cH1P585ujdUM7T0hVhmX2R+0PK
d3onIUxxnEMFwxZbJMnqY0HLUr7l01LVCu7fMlA6Bg8umK8sV5OkT8x55iS8ezHx
YzigrwnVjK8NYbBr1wnbD5kK7CZp58zkG7kM+6exO6DYhCY/LpZV/3sFSPPhxynN
RqEO9XmMBY80y4nao4CdXcsuwbYqXr9veQyU3bHsy8WtsTywk6yILPo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:47:08 2025 by rpki-client