Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/28kpN7VjLMWavZOYJuplWBiPWL0.roa
File: 28kpN7VjLMWavZOYJuplWBiPWL0.roa (raw, json)
Hash identifier: JOvb8YEZdit7XWF7cP5U9/U1lx/wHGU84uvGs7W7wUA=
Subject key identifier: DB:C9:29:37:B5:63:2C:C5:9A:BD:93:98:26:EA:65:58:18:8F:58:BD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 51FB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/28kpN7VjLMWavZOYJuplWBiPWL0.roa
Signing time: Tue 07 May 2024 21:23:56 +0000
ROA not before: Tue 07 May 2024 21:23:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20987 (0x51fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 21:23:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DBC92937B5632CC59ABD939826EA6558188F58BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:79:69:19:4e:ca:61:0d:97:6f:a7:1e:2c:d1:
97:be:d6:c2:8e:45:05:ad:e6:7f:70:29:24:52:b7:
d3:9d:dc:61:c4:5b:67:8a:d0:3b:cb:7e:e2:c9:49:
4b:3d:31:35:90:68:37:df:f9:1b:31:f5:77:eb:61:
cf:d1:69:e7:00:12:51:75:1e:99:c7:f8:8f:28:94:
8b:a8:f7:11:9f:94:7d:80:a5:2d:8c:6f:c4:08:9f:
7a:12:ad:3d:b8:23:c9:92:bb:c2:43:4b:b6:69:92:
10:78:83:dd:7c:35:ed:d9:ab:f3:f8:7e:5a:48:3e:
d6:16:61:50:4e:d8:31:48:a2:19:c3:04:9b:6f:7b:
36:5e:2b:1e:36:8e:8a:d3:62:06:75:12:e7:af:db:
63:8a:a0:d7:69:a8:3f:7d:ec:99:6c:65:af:4d:9e:
55:24:a0:3b:f0:27:df:e2:75:19:ba:a4:9c:5e:59:
4a:59:3b:13:89:45:20:1d:45:63:23:13:66:a6:47:
6f:9f:26:e5:01:1c:1d:28:a1:15:39:ae:9f:aa:f9:
61:eb:5b:f1:7e:f8:6d:ad:13:c4:d4:04:0c:25:b4:
8f:51:dd:41:d9:4c:e1:5f:56:71:d4:94:65:40:86:
c6:32:50:12:e0:a9:ac:26:1e:f4:f1:11:ee:9f:a6:
c2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C9:29:37:B5:63:2C:C5:9A:BD:93:98:26:EA:65:58:18:8F:58:BD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/28kpN7VjLMWavZOYJuplWBiPWL0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
7f:8e:9e:fc:90:78:50:da:ef:1d:cb:07:61:6e:2f:f4:ac:8e:
df:cd:98:d9:d6:7f:b5:05:65:38:b4:dc:93:93:e8:29:e1:44:
32:dc:d2:d5:38:e9:20:0f:a9:da:52:f5:83:1c:99:62:54:8a:
af:c5:b4:11:7d:11:70:de:f2:73:d2:7a:f5:71:48:29:bb:26:
f1:39:1a:6f:06:dd:54:13:19:4e:f1:18:39:f1:f2:e4:8d:47:
78:83:ca:41:7c:0d:34:6e:77:13:f1:fb:1d:77:1b:9c:96:25:
4b:1b:59:9a:4c:b2:34:bf:4a:25:c5:2c:9a:92:27:d7:69:e4:
2c:b3:40:e7:f4:f9:82:52:12:90:6c:e6:54:73:71:4c:91:d6:
64:ae:5f:b0:0f:99:c2:6a:78:3e:5e:36:34:d4:22:58:7f:b6:
3d:13:77:7c:83:ee:b1:6c:30:bc:23:2c:ba:31:6c:91:03:90:
36:1a:5a:5a:d3:34:81:11:3a:c8:c0:d2:fb:cc:a7:96:fd:81:
87:0f:ff:39:8c:74:8b:ab:6b:7f:94:65:75:9c:35:3f:af:f5:
07:a5:1c:87:d1:ca:ff:3e:77:bc:86:3e:6b:f3:0e:b3:86:f9:
5b:ad:f5:c5:35:ef:73:1f:70:31:2b:cd:fb:f6:3f:6b:4b:59:
ea:5e:b3:7c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUfswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcy
MTIzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERCQzkyOTM3QjU2MzJD
QzU5QUJEOTM5ODI2RUE2NTU4MTg4RjU4QkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEeWkZTsphDZdvpx4s0Ze+1sKORQWt5n9wKSRSt9Od3GHEW2eK
0DvLfuLJSUs9MTWQaDff+Rsx9XfrYc/RaecAElF1HpnH+I8olIuo9xGflH2ApS2M
b8QIn3oSrT24I8mSu8JDS7ZpkhB4g918Ne3Zq/P4flpIPtYWYVBO2DFIohnDBJtv
ezZeKx42jorTYgZ1Euev22OKoNdpqD997JlsZa9NnlUkoDvwJ9/idRm6pJxeWUpZ
OxOJRSAdRWMjE2amR2+fJuUBHB0ooRU5rp+q+WHrW/F++G2tE8TUBAwltI9R3UHZ
TOFfVnHUlGVAhsYyUBLgqawmHvTxEe6fpsKJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU28kpN7VjLMWavZOYJuplWBiPWL0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzI4a3BON1ZqTE1XYXZa
T1lKdXBsV0JpUFdMMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAH+OnvyQeFDa7x3LB2FuL/Ssjt/NmNnW
f7UFZTi03JOT6CnhRDLc0tU46SAPqdpS9YMcmWJUiq/FtBF9EXDe8nPSevVxSCm7
JvE5Gm8G3VQTGU7xGDnx8uSNR3iDykF8DTRudxPx+x13G5yWJUsbWZpMsjS/SiXF
LJqSJ9dp5CyzQOf0+YJSEpBs5lRzcUyR1mSuX7APmcJqeD5eNjTUIlh/tj0Td3yD
7rFsMLwjLLoxbJEDkDYaWlrTNIEROsjA0vvMp5b9gYcP/zmMdIura3+UZXWcNT+v
9QelHIfRyv8+d7yGPmvzDrOG+Vut9cU173MfcDErzfv2P2tLWepes3w=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:22:26 2025 by rpki-client