Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/NpwEuAMA7HW5TFnUHGx7O9D6nAA.roa
File: NpwEuAMA7HW5TFnUHGx7O9D6nAA.roa (raw, json)
Hash identifier: 7yqMyMnaNAbiL77tdy02r1merIF3Awtulh7D5b6hgxk=
Subject key identifier: 36:9C:04:B8:03:00:EC:75:B9:4C:59:D4:1C:6C:7B:3B:D0:FA:9C:00
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44EF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NpwEuAMA7HW5TFnUHGx7O9D6nAA.roa
Signing time: Sat 20 Apr 2024 11:53:11 +0000
ROA not before: Sat 20 Apr 2024 11:53:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17647 (0x44ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 11:53:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=369C04B80300EC75B94C59D41C6C7B3BD0FA9C00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cb:62:db:b8:aa:67:e1:82:c2:32:3e:93:7e:
66:2e:9b:a2:1e:dc:10:a9:69:c6:de:ef:92:91:07:
67:ef:27:3a:ea:2e:a2:86:53:0c:65:f4:b2:bf:8d:
a3:4e:ff:61:4d:e9:51:8e:71:3b:3b:50:84:c5:c2:
d2:18:42:26:46:5c:6f:f5:9e:de:4a:fd:4e:d3:5d:
b4:66:6a:a2:46:bd:c2:52:f5:dc:f6:45:99:0d:d6:
74:a2:3b:c2:d9:f8:7a:54:82:20:73:66:bd:27:c2:
7e:a7:dd:be:5e:3d:98:70:1a:09:54:c5:11:8e:09:
06:58:76:18:15:72:86:55:2e:c1:1d:16:39:11:23:
5a:20:5c:54:07:0a:7b:f8:8e:24:27:e2:ea:f7:5e:
0f:4c:94:40:3a:12:ec:d2:b8:94:d6:fd:81:aa:7c:
3f:a7:4e:31:86:25:7b:7a:2f:e8:9d:50:43:c9:69:
fc:0e:5f:bf:c8:d8:61:fb:8b:84:a6:a1:09:26:3a:
f2:ae:02:54:e2:24:44:a0:3a:3c:5f:07:b1:60:e4:
bf:bd:e3:1e:18:12:ed:64:6e:7a:4d:33:6e:22:98:
86:ae:bb:3e:5a:c4:f4:29:ec:8d:f8:50:f2:4c:6d:
3a:b5:bc:00:40:49:9d:0d:31:e5:b0:ed:1a:ab:87:
c3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:9C:04:B8:03:00:EC:75:B9:4C:59:D4:1C:6C:7B:3B:D0:FA:9C:00
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NpwEuAMA7HW5TFnUHGx7O9D6nAA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a8:36:2b:50:eb:00:86:0c:7a:d9:b4:94:49:f2:2e:c1:e4:7c:
38:2b:fd:ce:d2:b3:c0:9a:1d:4f:88:e4:11:94:a0:96:04:91:
ef:43:64:bb:10:3c:d5:2c:1c:8b:e4:8f:fb:ae:5f:a3:ef:21:
98:09:fd:f3:b9:90:dc:a3:cd:fd:85:7c:85:06:55:61:8d:cb:
b9:d1:98:bf:79:f5:ca:d5:6c:c3:de:3e:d8:c6:a3:68:65:37:
04:10:0c:00:f6:e0:48:f0:6e:7f:16:56:56:19:57:dc:de:46:
e2:f2:9e:b8:c1:34:25:0e:92:a0:91:1d:e3:d3:8e:b6:8e:93:
48:50:e8:09:9a:59:bd:7b:8e:8a:08:86:14:0e:55:2e:fd:3d:
b6:1e:9c:12:7e:e3:a8:f8:d7:d5:2e:5c:c0:0b:88:5c:43:f0:
26:4a:34:14:97:1e:dc:e8:d6:4f:75:de:fb:51:79:59:3e:0d:
3c:99:cb:1a:0d:45:d3:e9:97:f2:b0:b3:2e:db:c7:5b:20:9c:
67:14:c9:c5:93:20:bc:5e:1c:4f:0a:3d:dd:85:93:45:8a:ba:
0e:48:68:bc:14:33:c6:ce:52:97:f6:e6:7a:f8:4d:db:7a:f6:
ba:c0:5b:54:9e:62:1c:dd:49:56:e1:b0:0c:a1:87:d4:e9:21:
dd:33:50:35
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRO8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
MTUzMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM2OUMwNEI4MDMwMEVD
NzVCOTRDNTlENDFDNkM3QjNCRDBGQTlDMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+y2LbuKpn4YLCMj6TfmYum6Ie3BCpacbe75KRB2fvJzrqLqKG
Uwxl9LK/jaNO/2FN6VGOcTs7UITFwtIYQiZGXG/1nt5K/U7TXbRmaqJGvcJS9dz2
RZkN1nSiO8LZ+HpUgiBzZr0nwn6n3b5ePZhwGglUxRGOCQZYdhgVcoZVLsEdFjkR
I1ogXFQHCnv4jiQn4ur3Xg9MlEA6EuzSuJTW/YGqfD+nTjGGJXt6L+idUEPJafwO
X7/I2GH7i4SmoQkmOvKuAlTiJESgOjxfB7Fg5L+94x4YEu1kbnpNM24imIauuz5a
xPQp7I34UPJMbTq1vABASZ0NMeWw7Rqrh8OdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUNpwEuAMA7HW5TFnUHGx7O9D6nAAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05wd0V1QU1BN0hXNVRG
blVIR3g3TzlENm5BQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKg2K1DrAIYMetm0lEnyLsHkfDgr/c7S
s8CaHU+I5BGUoJYEke9DZLsQPNUsHIvkj/uuX6PvIZgJ/fO5kNyjzf2FfIUGVWGN
y7nRmL959crVbMPePtjGo2hlNwQQDAD24Ejwbn8WVlYZV9zeRuLynrjBNCUOkqCR
HePTjraOk0hQ6AmaWb17jooIhhQOVS79PbYenBJ+46j419UuXMALiFxD8CZKNBSX
Htzo1k913vtReVk+DTyZyxoNRdPpl/Kwsy7bx1sgnGcUycWTILxeHE8KPd2Fk0WK
ug5IaLwUM8bOUpf25nr4Tdt69rrAW1SeYhzdSVbhsAyhh9TpId0zUDU=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:28:37 2025 by rpki-client