Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0lGzLdE7RhcvGrdOY2D_yStxaDw.roa
File: 0lGzLdE7RhcvGrdOY2D_yStxaDw.roa (raw, json)
Hash identifier: bUQTlCtgvBY8jgdGzEm93YwLkAW6gsrzSi4nP2wtIAs=
Subject key identifier: D2:51:B3:2D:D1:3B:46:17:2F:1A:B7:4E:63:60:FF:C9:2B:71:68:3C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C47
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0lGzLdE7RhcvGrdOY2D_yStxaDw.roa
Signing time: Mon 08 Apr 2024 22:52:40 +0000
ROA not before: Mon 08 Apr 2024 22:52:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15431 (0x3c47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 22:52:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D251B32DD13B46172F1AB74E6360FFC92B71683C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:dd:23:a9:68:5d:06:c3:ea:a2:68:f7:0e:be:
0b:07:41:d3:3c:53:a9:65:ff:04:5b:f8:9f:48:c6:
5f:66:c3:d1:33:da:cf:d2:d4:4d:5d:a5:df:d9:17:
19:ed:b5:3f:37:0d:de:e4:76:6a:76:81:4b:11:de:
df:13:90:6b:2a:7a:fd:d6:ad:e6:cb:82:43:18:65:
b1:c1:39:16:cc:a5:a6:4c:61:52:00:60:6f:a0:03:
fe:a3:9f:d7:09:b1:c8:8a:48:15:98:07:54:bb:f1:
4a:2b:d3:b1:81:16:ab:d7:9f:a4:db:8e:af:be:78:
ad:a4:02:4d:8a:b3:75:c9:ef:99:af:5b:01:e2:f9:
18:92:1e:cb:7e:84:aa:65:0d:9c:99:16:4f:8e:b5:
65:17:61:40:f2:3a:20:6d:d8:33:b9:c2:f9:6a:62:
26:4b:dc:4d:ba:f1:ab:42:ec:64:53:d7:31:6e:26:
9e:0d:88:af:9e:d4:cd:dc:9a:a1:aa:9d:6b:21:02:
ba:bc:a2:d8:0b:b9:6e:3d:12:9a:11:a4:e7:12:24:
97:11:ea:13:81:a2:52:1a:b6:1f:a8:13:0d:d5:a8:
cb:7b:a0:c6:ac:57:16:40:a5:75:bf:f9:f8:01:0d:
91:1a:ab:ff:22:01:ef:45:c5:bc:a3:f9:dd:0f:36:
9e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:51:B3:2D:D1:3B:46:17:2F:1A:B7:4E:63:60:FF:C9:2B:71:68:3C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0lGzLdE7RhcvGrdOY2D_yStxaDw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
89:57:59:a1:c5:07:9b:53:38:e5:97:6a:81:1d:95:51:ce:68:
49:8c:8b:38:bc:ce:5f:3c:89:d6:7a:60:ea:bf:73:be:5c:55:
da:8f:07:52:7b:f4:cd:96:77:db:52:83:63:7f:54:de:06:12:
1e:c1:78:ae:dd:1f:a3:69:47:ce:7a:73:d4:39:c8:46:4c:71:
c9:ff:e4:93:c9:ee:61:ad:33:18:db:3f:be:df:2b:ed:c9:32:
f2:66:70:a4:ab:93:d7:a6:c6:12:8d:7a:8f:e2:d1:b1:51:59:
54:8c:8d:a4:32:22:73:85:aa:f0:e2:9e:bc:fb:07:88:89:5e:
66:0d:19:ca:24:4b:20:24:98:fb:6d:fe:1d:17:97:37:b2:cf:
d5:f7:c8:01:79:7e:40:ac:97:e1:01:35:06:fa:b4:12:54:67:
ff:ba:be:2d:18:47:d0:fc:2c:57:47:f4:95:df:60:be:45:20:
e5:cb:b8:e0:ae:07:ec:56:b9:65:43:2a:63:3d:c3:6c:6f:2f:
2f:88:4a:01:59:60:b1:2b:de:db:85:d0:ca:ad:64:6c:e8:9c:
60:8b:e2:64:44:29:eb:76:89:67:c9:27:79:b5:9c:24:a6:3e:
df:1f:e5:61:55:f2:44:65:af:6d:e7:46:6b:57:7e:76:f6:d2:
da:9b:b7:a8
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPEcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgy
MjUyNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQyNTFCMzJERDEzQjQ2
MTcyRjFBQjc0RTYzNjBGRkM5MkI3MTY4M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX3SOpaF0Gw+qiaPcOvgsHQdM8U6ll/wRb+J9Ixl9mw9Ez2s/S
1E1dpd/ZFxnttT83Dd7kdmp2gUsR3t8TkGsqev3WrebLgkMYZbHBORbMpaZMYVIA
YG+gA/6jn9cJsciKSBWYB1S78Uor07GBFqvXn6Tbjq++eK2kAk2Ks3XJ75mvWwHi
+RiSHst+hKplDZyZFk+OtWUXYUDyOiBt2DO5wvlqYiZL3E268atC7GRT1zFuJp4N
iK+e1M3cmqGqnWshArq8otgLuW49EpoRpOcSJJcR6hOBolIath+oEw3VqMt7oMas
VxZApXW/+fgBDZEaq/8iAe9Fxbyj+d0PNp7BAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU0lGzLdE7RhcvGrdOY2D/yStxaDwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBsR3pMZEU3Umhjdkdy
ZE9ZMkRfeVN0eGFEdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIlXWaHFB5tTOOWXaoEdlVHOaEmMizi8
zl88idZ6YOq/c75cVdqPB1J79M2Wd9tSg2N/VN4GEh7BeK7dH6NpR856c9Q5yEZM
ccn/5JPJ7mGtMxjbP77fK+3JMvJmcKSrk9emxhKNeo/i0bFRWVSMjaQyInOFqvDi
nrz7B4iJXmYNGcokSyAkmPtt/h0Xlzeyz9X3yAF5fkCsl+EBNQb6tBJUZ/+6vi0Y
R9D8LFdH9JXfYL5FIOXLuOCuB+xWuWVDKmM9w2xvLy+ISgFZYLEr3tuF0MqtZGzo
nGCL4mREKet2iWfJJ3m1nCSmPt8f5WFV8kRlr23nRmtXfnb20tqbt6g=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:21:10 2025 by rpki-client