Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MzpzJe1vDCGdmmhNhypFlQfC7qw.roa
File: MzpzJe1vDCGdmmhNhypFlQfC7qw.roa (raw, json)
Hash identifier: 7Fdfp+vMYwZKM6y2Pq8Grnfu98Rlvo9fmBxPFxZ2S+g=
Subject key identifier: 33:3A:73:25:ED:6F:0C:21:9D:9A:68:4D:87:2A:45:95:07:C2:EE:AC
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 573F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MzpzJe1vDCGdmmhNhypFlQfC7qw.roa
Signing time: Tue 14 May 2024 21:54:11 +0000
ROA not before: Tue 14 May 2024 21:54:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22335 (0x573f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 14 21:54:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=333A7325ED6F0C219D9A684D872A459507C2EEAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:06:76:a0:de:56:48:d2:7b:a6:d0:bf:06:6e:
e9:f3:ee:5f:7f:81:fd:5d:bb:09:d6:c3:82:01:ec:
7e:f3:b2:f5:93:ff:2d:47:61:f6:ee:12:bd:be:27:
c4:83:86:79:98:94:79:a5:db:ef:8d:64:b3:0b:29:
33:76:7c:84:5c:d0:6e:8e:35:ae:ab:7b:a7:a3:38:
fa:ea:f4:bb:7c:c0:2f:68:65:86:7b:27:23:5b:c0:
7f:6d:4a:6e:5e:b9:56:ae:2f:6e:16:dd:92:af:79:
80:92:34:25:39:ff:0a:d5:63:0c:90:f8:b7:cd:fa:
95:21:c5:d9:e2:7b:c8:0b:2a:93:9a:e1:e0:90:62:
6a:0c:38:33:5c:59:6a:9f:22:d8:43:6f:8e:c3:df:
51:8c:84:5f:b6:78:02:35:34:7d:d2:ef:e2:f2:a2:
18:1c:19:7a:2c:72:d7:f2:10:ff:67:8e:93:70:ce:
e6:83:e2:41:34:4b:3c:66:7a:2e:76:1d:7f:5d:aa:
5b:f8:a0:04:fa:ee:95:f9:9e:64:10:7f:a5:51:aa:
d1:1f:ac:e5:7b:7f:1e:dd:84:04:5c:19:a9:a6:2f:
43:ad:03:f5:7e:15:f1:ff:af:eb:7c:7b:01:3b:85:
8b:4d:e8:ae:22:4f:24:90:73:7c:94:da:82:57:97:
32:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:3A:73:25:ED:6F:0C:21:9D:9A:68:4D:87:2A:45:95:07:C2:EE:AC
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MzpzJe1vDCGdmmhNhypFlQfC7qw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0d:47:40:eb:1e:e9:d0:2f:4f:a3:70:e8:ed:c0:79:d7:79:1b:
d5:36:d9:45:ae:b5:46:6c:03:4f:28:c9:34:3d:bf:6b:ae:22:
60:46:05:31:81:14:f9:cd:47:3d:ee:a3:c9:37:a8:29:18:a9:
a4:96:99:a9:4f:49:49:7c:af:4a:8c:39:94:85:51:e5:21:e8:
c6:7d:bf:ba:f1:e0:2a:db:3b:63:7d:5f:83:34:ba:db:a5:9a:
37:e7:1c:90:43:55:0c:cf:2c:7d:26:14:69:96:15:83:80:84:
25:90:53:f7:24:69:34:24:31:38:cf:e8:29:18:ad:5c:8f:83:
80:b5:60:e8:52:ee:9a:1a:b0:4c:30:2f:5f:b6:8b:02:fa:7c:
1e:4c:aa:ed:99:ea:b7:28:e7:a7:76:83:0b:9d:a1:1b:c4:a6:
0a:bc:c1:1b:eb:e1:a7:c6:52:0c:af:dd:ed:4e:15:a8:a0:92:
68:a0:49:09:bb:d9:d6:af:b1:f8:7b:56:a2:32:45:40:c3:15:
aa:1a:5f:a9:56:c0:24:51:fe:ad:0a:85:15:f4:9b:f3:44:dd:
23:47:99:06:da:5b:44:1a:4a:b7:f1:a0:76:48:e6:29:e2:d3:
8e:11:5e:2c:3a:c3:3f:72:18:84:d7:6c:36:2d:76:ae:ee:92:
73:f6:ef:b8
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVz8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTQy
MTU0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMzM0E3MzI1RUQ2RjBD
MjE5RDlBNjg0RDg3MkE0NTk1MDdDMkVFQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKBnag3lZI0num0L8Gbunz7l9/gf1duwnWw4IB7H7zsvWT/y1H
YfbuEr2+J8SDhnmYlHml2++NZLMLKTN2fIRc0G6ONa6re6ejOPrq9Lt8wC9oZYZ7
JyNbwH9tSm5euVauL24W3ZKveYCSNCU5/wrVYwyQ+LfN+pUhxdnie8gLKpOa4eCQ
YmoMODNcWWqfIthDb47D31GMhF+2eAI1NH3S7+LyohgcGXosctfyEP9njpNwzuaD
4kE0Szxmei52HX9dqlv4oAT67pX5nmQQf6VRqtEfrOV7fx7dhARcGammL0OtA/V+
FfH/r+t8ewE7hYtN6K4iTySQc3yU2oJXlzKpAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUMzpzJe1vDCGdmmhNhypFlQfC7qwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L016cHpKZTF2RENHZG1t
aE5oeXBGbFFmQzdxdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAA1HQOse6dAvT6Nw6O3Aedd5G9U22UWu
tUZsA08oyTQ9v2uuImBGBTGBFPnNRz3uo8k3qCkYqaSWmalPSUl8r0qMOZSFUeUh
6MZ9v7rx4CrbO2N9X4M0utulmjfnHJBDVQzPLH0mFGmWFYOAhCWQU/ckaTQkMTjP
6CkYrVyPg4C1YOhS7poasEwwL1+2iwL6fB5Mqu2Z6rco56d2gwudoRvEpgq8wRvr
4afGUgyv3e1OFaigkmigSQm72davsfh7VqIyRUDDFaoaX6lWwCRR/q0KhRX0m/NE
3SNHmQbaW0QaSrfxoHZI5ini044RXiw6wz9yGITXbDYtdq7uknP277g=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:30:42 2025 by rpki-client