Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/1nZ3RT0n5C909vrFeUvcx_jYn5g.roa
File: 1nZ3RT0n5C909vrFeUvcx_jYn5g.roa (raw, json)
Hash identifier: /NOCMKtJ8VwUknk3zAog4fiyS8lbxOYL5PK+RNzxMlM=
Subject key identifier: D6:76:77:45:3D:27:E4:2F:74:F6:FA:C5:79:4B:DC:C7:F8:D8:9F:98
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 452F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1nZ3RT0n5C909vrFeUvcx_jYn5g.roa
Signing time: Sat 20 Apr 2024 19:53:05 +0000
ROA not before: Sat 20 Apr 2024 19:53:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17711 (0x452f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 19:53:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D67677453D27E42F74F6FAC5794BDCC7F8D89F98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:02:11:74:8a:2b:44:70:9d:20:e5:6f:37:74:
92:3b:85:af:06:45:65:f4:a7:72:56:5c:6a:f9:00:
15:3d:ba:31:76:1b:7f:2b:1a:64:b6:7a:b5:d6:7f:
dc:cf:75:95:f7:d8:ea:08:22:47:26:7d:e9:8b:dd:
79:07:35:56:71:54:13:8d:60:5e:a6:49:6b:ea:f6:
80:38:2e:f3:4f:16:e4:68:89:ba:fb:dd:17:0f:58:
51:5a:b6:c5:ab:f6:26:7a:ad:0a:18:91:d6:e5:c5:
14:0a:f9:11:0c:34:63:ce:2c:e2:64:f4:5f:75:ae:
b3:41:f3:dc:5b:49:5f:92:a8:5f:22:3e:bb:f2:29:
a1:1d:f5:4d:e7:9b:02:31:0f:f3:9d:81:41:e3:7c:
f4:92:0f:17:d4:a0:59:b3:6a:53:f0:68:06:76:4c:
74:57:c4:b1:d4:9d:2a:40:66:ac:73:98:6d:f7:89:
fe:2a:9c:14:28:4c:46:54:e4:c9:6c:42:5a:ae:2d:
09:7b:2a:79:48:c9:95:2f:7b:12:86:08:ac:5c:0c:
18:26:14:08:6d:f3:af:4f:6f:ae:d9:dc:2a:03:df:
c3:a1:a2:6e:89:27:8b:ee:01:d2:34:de:f9:af:44:
ea:92:e8:10:2b:43:f2:02:ee:61:b1:35:3c:7d:9e:
58:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:76:77:45:3D:27:E4:2F:74:F6:FA:C5:79:4B:DC:C7:F8:D8:9F:98
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1nZ3RT0n5C909vrFeUvcx_jYn5g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0b:70:6e:81:ff:a1:78:6e:06:aa:53:68:03:70:06:dd:6d:18:
21:35:2c:30:d7:6d:f8:81:6d:99:8e:af:4c:9d:05:b3:aa:eb:
fd:b7:de:ef:5e:55:8a:b0:53:0b:31:93:68:cc:88:9a:2d:bc:
4b:13:64:9d:70:f3:af:4f:86:d6:3d:21:e0:5c:55:71:f7:4a:
9b:81:66:a2:61:bb:b5:24:46:56:cf:2c:fe:c4:a5:09:13:d7:
7a:2a:30:66:22:41:a2:3a:80:9b:4a:bb:f9:16:14:7f:0d:1d:
41:b6:a9:ca:b7:1e:5a:9a:ec:d3:99:59:c1:50:e9:80:3d:f6:
e5:57:d1:be:57:58:18:2e:83:6d:3f:3b:db:06:16:11:98:9f:
a8:d5:d0:a8:a5:82:5e:9c:35:2b:08:4b:16:47:74:89:2f:32:
09:0f:49:23:ee:24:80:fc:eb:fe:b9:61:c1:57:3d:9e:0c:8c:
8c:c2:a9:35:20:94:1e:4c:47:08:56:35:13:65:f8:ef:b7:33:
8a:5f:b7:e1:11:7e:bb:17:66:ea:68:f8:63:24:6b:ba:34:37:
8d:ef:ef:92:ba:53:ee:c5:35:bd:c3:13:a2:59:a5:2a:0f:2c:
b6:34:2d:58:0c:07:91:58:e1:7e:b7:16:44:58:be:f0:4f:96:
41:05:27:2f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRS8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
OTUzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ2NzY3NzQ1M0QyN0U0
MkY3NEY2RkFDNTc5NEJEQ0M3RjhEODlGOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiAhF0iitEcJ0g5W83dJI7ha8GRWX0p3JWXGr5ABU9ujF2G38r
GmS2erXWf9zPdZX32OoIIkcmfemL3XkHNVZxVBONYF6mSWvq9oA4LvNPFuRoibr7
3RcPWFFatsWr9iZ6rQoYkdblxRQK+REMNGPOLOJk9F91rrNB89xbSV+SqF8iPrvy
KaEd9U3nmwIxD/OdgUHjfPSSDxfUoFmzalPwaAZ2THRXxLHUnSpAZqxzmG33if4q
nBQoTEZU5MlsQlquLQl7KnlIyZUvexKGCKxcDBgmFAht869Pb67Z3CoD38Ohom6J
J4vuAdI03vmvROqS6BArQ/IC7mGxNTx9nlhNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU1nZ3RT0n5C909vrFeUvcx/jYn5gwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzFuWjNSVDBuNUM5MDl2
ckZlVXZjeF9qWW41Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAtwboH/oXhuBqpTaANwBt1tGCE1LDDX
bfiBbZmOr0ydBbOq6/233u9eVYqwUwsxk2jMiJotvEsTZJ1w869PhtY9IeBcVXH3
SpuBZqJhu7UkRlbPLP7EpQkT13oqMGYiQaI6gJtKu/kWFH8NHUG2qcq3Hlqa7NOZ
WcFQ6YA99uVX0b5XWBgug20/O9sGFhGYn6jV0Kilgl6cNSsISxZHdIkvMgkPSSPu
JID86/65YcFXPZ4MjIzCqTUglB5MRwhWNRNl+O+3M4pft+ERfrsXZupo+GMka7o0
N43v75K6U+7FNb3DE6JZpSoPLLY0LVgMB5FY4X63FkRYvvBPlkEFJy8=
-----END CERTIFICATE-----
Generated at Sat Jun 21 00:22:50 2025 by rpki-client