Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OoN7FZtusDjTdvKC4Uml563D0qg.roa
File: OoN7FZtusDjTdvKC4Uml563D0qg.roa (raw, json)
Hash identifier: sPLeSze0Ap77/1Qc+arLNQmgo8CqSP66yGq4yqRB9Y4=
Subject key identifier: 3A:83:7B:15:9B:6E:B0:38:D3:76:F2:82:E1:49:A5:E7:AD:C3:D2:A8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D7B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OoN7FZtusDjTdvKC4Uml563D0qg.roa
Signing time: Wed 01 May 2024 21:23:40 +0000
ROA not before: Wed 01 May 2024 21:23:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19835 (0x4d7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 21:23:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3A837B159B6EB038D376F282E149A5E7ADC3D2A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:61:00:7f:c3:a6:16:5f:4c:34:de:7a:bf:9c:
47:03:86:91:e9:55:5a:a4:8d:82:18:69:70:6d:5d:
cd:be:66:be:78:4a:ae:6a:91:67:1d:0b:ed:0f:05:
3d:5a:30:8d:d5:ed:92:55:cb:5f:c4:9e:9c:d0:31:
2d:90:39:6a:cd:d0:80:15:57:e4:6a:47:e8:f8:30:
5a:4f:71:7e:4e:60:3b:91:46:e3:03:ea:df:03:93:
a5:62:75:0f:fa:10:17:1f:87:5e:0d:fe:be:fd:1e:
23:6e:55:22:d6:67:98:73:9b:0b:3d:2a:c8:ee:64:
66:70:cf:a6:ad:27:e6:ed:83:0b:e2:26:5a:47:0d:
1d:14:10:2a:4e:a9:a0:14:ae:b4:e4:de:95:fa:ed:
ff:6b:5e:1a:de:ac:57:0e:06:71:2b:45:d1:2e:e4:
06:f3:63:04:87:47:43:36:08:b3:ca:55:a1:21:c0:
0a:52:fd:46:02:57:e6:b8:1d:d0:e4:9c:a8:be:d4:
82:04:c8:72:49:67:21:f8:9a:88:81:ad:0f:7e:c9:
93:a2:ba:14:36:1a:70:68:5f:46:14:cb:19:3a:4b:
d3:49:ec:29:51:fc:97:03:85:25:ec:87:ef:4f:53:
69:92:6e:bc:b9:82:bb:4d:fb:ca:1e:f7:bb:55:18:
a4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:83:7B:15:9B:6E:B0:38:D3:76:F2:82:E1:49:A5:E7:AD:C3:D2:A8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OoN7FZtusDjTdvKC4Uml563D0qg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
41:c5:d9:1c:71:18:ee:25:cf:08:26:0f:19:ed:a4:50:58:1e:
ac:7e:8b:a4:9b:15:1d:f7:16:b6:ed:30:51:12:26:49:67:f0:
1d:ef:1e:be:5c:61:1a:95:22:24:9b:9c:9c:d3:46:ba:45:4e:
3f:ba:ac:b3:42:42:9b:38:df:94:9c:98:0e:a1:55:02:e2:be:
2d:4c:82:78:b1:e8:fc:49:8d:57:6f:c0:1f:ed:08:49:6a:f2:
e6:a4:ef:e8:bc:fe:43:92:d4:a0:b6:c9:2a:8c:e0:e9:68:3e:
a4:2d:24:59:97:07:1a:04:da:4e:55:4a:8f:c9:a2:a4:74:82:
a3:19:6e:34:f4:75:dc:76:b3:ca:bf:39:56:6b:1c:d8:20:f1:
00:77:c5:c7:86:ee:1c:92:9a:c2:2d:73:d3:72:5e:be:89:31:
74:1f:b6:f7:e4:5f:ed:ae:88:b7:43:5c:da:c8:9a:cc:8d:b1:
5a:fc:68:b9:af:f2:b5:d8:85:1d:b4:e9:5f:10:e2:74:ce:1e:
4d:73:82:32:2a:0f:2d:72:fc:a5:14:39:aa:bc:d9:df:62:b1:
76:36:13:9d:b9:22:31:fe:aa:31:c7:1c:08:50:f1:f6:69:45:
ec:e1:4c:23:3e:3e:1c:99:75:02:0a:95:9d:e6:7e:2b:e5:d9:
f8:8f:6c:9e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTXswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEy
MTIzNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNBODM3QjE1OUI2RUIw
MzhEMzc2RjI4MkUxNDlBNUU3QURDM0QyQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzYQB/w6YWX0w03nq/nEcDhpHpVVqkjYIYaXBtXc2+Zr54Sq5q
kWcdC+0PBT1aMI3V7ZJVy1/EnpzQMS2QOWrN0IAVV+RqR+j4MFpPcX5OYDuRRuMD
6t8Dk6VidQ/6EBcfh14N/r79HiNuVSLWZ5hzmws9KsjuZGZwz6atJ+btgwviJlpH
DR0UECpOqaAUrrTk3pX67f9rXhrerFcOBnErRdEu5AbzYwSHR0M2CLPKVaEhwApS
/UYCV+a4HdDknKi+1IIEyHJJZyH4moiBrQ9+yZOiuhQ2GnBoX0YUyxk6S9NJ7ClR
/JcDhSXsh+9PU2mSbry5grtN+8oe97tVGKRFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUOoN7FZtusDjTdvKC4Uml563D0qgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09vTjdGWnR1c0RqVGR2
S0M0VW1sNTYzRDBxZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEHF2RxxGO4lzwgmDxntpFBYHqx+i6Sb
FR33FrbtMFESJkln8B3vHr5cYRqVIiSbnJzTRrpFTj+6rLNCQps435ScmA6hVQLi
vi1Mgnix6PxJjVdvwB/tCElq8uak7+i8/kOS1KC2ySqM4OloPqQtJFmXBxoE2k5V
So/JoqR0gqMZbjT0ddx2s8q/OVZrHNgg8QB3xceG7hySmsItc9NyXr6JMXQftvfk
X+2uiLdDXNrImsyNsVr8aLmv8rXYhR206V8Q4nTOHk1zgjIqDy1y/KUUOaq82d9i
sXY2E525IjH+qjHHHAhQ8fZpRezhTCM+PhyZdQIKlZ3mfivl2fiPbJ4=
-----END CERTIFICATE-----
Generated at Sat Jun 21 05:04:32 2025 by rpki-client