Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/T9JzZgplDTeORRc1n0gUp0EznKE.roa
File: T9JzZgplDTeORRc1n0gUp0EznKE.roa (raw, json)
Hash identifier: Gtsy0bh1bIaVH6qskBB+zYvVmZmhv3uwc+4bM1Y7rNs=
Subject key identifier: 4F:D2:73:66:0A:65:0D:37:8E:45:17:35:9F:48:14:A7:41:33:9C:A1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B13
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/T9JzZgplDTeORRc1n0gUp0EznKE.roa
Signing time: Sun 07 Apr 2024 08:22:31 +0000
ROA not before: Sun 07 Apr 2024 08:22:31 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15123 (0x3b13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 08:22:31 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4FD273660A650D378E4517359F4814A741339CA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f8:13:78:0b:86:51:72:78:47:60:f5:a7:09:
68:95:d3:f6:8e:4a:f7:ff:eb:3c:a5:d7:aa:6f:3d:
5a:b5:60:84:91:85:8d:98:42:86:1b:31:0d:59:94:
a6:01:24:9c:e8:a9:6c:66:9f:12:16:7d:c2:95:63:
52:29:68:96:fd:ee:0a:e2:a5:c3:95:68:b2:28:d3:
35:0a:48:40:a4:67:28:9a:10:49:36:9e:e0:f0:62:
88:e4:82:04:7e:7b:32:9d:a4:a1:bd:0c:01:2d:55:
46:b5:9b:86:55:51:da:fc:8e:49:49:22:3a:e3:46:
17:50:d3:b3:e0:6b:e7:6f:67:87:d8:ea:8c:04:10:
11:9b:6a:87:9e:db:bc:04:73:96:63:d8:32:51:a2:
72:f5:2b:d9:3f:10:c5:cc:f3:b9:8a:2a:8d:b4:92:
8e:5c:9a:26:df:1b:fe:5e:c7:ba:2d:ff:8c:7d:32:
f9:ea:ed:a0:0d:6b:7d:92:80:9a:90:a3:c7:d4:33:
ef:38:42:0d:2b:ee:d7:72:54:1e:3c:64:f2:2f:28:
7c:5a:1e:91:d8:b6:f6:35:47:bd:ea:1a:1c:71:cb:
5c:68:c7:2f:44:1a:8d:2a:07:c7:c7:41:1a:fd:ed:
05:10:e4:78:df:57:08:47:f2:0e:2a:a4:08:f4:de:
f2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D2:73:66:0A:65:0D:37:8E:45:17:35:9F:48:14:A7:41:33:9C:A1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/T9JzZgplDTeORRc1n0gUp0EznKE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8c:62:86:be:e1:01:fc:42:66:75:96:be:dc:a2:cd:08:b7:dd:
05:37:ab:7e:54:7d:d2:7c:3d:b6:9f:9d:e4:ff:30:de:6e:fa:
47:f6:de:7b:b1:91:4c:63:e4:8e:ed:79:08:38:a7:1d:62:1f:
e7:b1:3a:9e:3e:63:4f:44:4f:25:39:05:7e:3c:69:a2:1a:7a:
05:30:9a:12:7e:f7:d8:c5:2f:68:40:03:39:0f:bf:7f:c0:39:
8f:94:b8:bd:ca:8f:e4:a3:23:b6:d8:3e:0e:07:2a:0e:16:86:
ee:6a:5a:3a:bd:60:f9:c1:c0:8a:b3:49:f6:c1:7c:29:63:0c:
73:8b:b8:19:dd:ea:2f:06:5f:c2:ee:7e:cc:7f:0f:b1:b4:de:
9e:cc:85:2d:f4:65:fe:28:cd:bd:7e:49:b2:12:ef:57:40:a9:
46:77:7b:0c:ba:b3:35:0d:aa:a3:cc:d4:9d:f7:db:70:97:20:
1f:ad:db:27:47:c6:58:04:51:71:84:25:a0:1a:ec:e5:89:ca:
eb:a8:f0:b2:d1:89:54:a8:7a:76:dd:78:e3:8f:a0:8e:91:3c:
59:79:90:75:04:3d:7f:21:b6:95:84:84:14:f9:4f:10:fe:ce:
f9:ac:54:05:1d:7c:d2:19:bb:7c:6d:6b:17:32:87:55:b0:f2:
24:e1:85:48
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOxMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcw
ODIyMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRGRDI3MzY2MEE2NTBE
Mzc4RTQ1MTczNTlGNDgxNEE3NDEzMzlDQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA+BN4C4ZRcnhHYPWnCWiV0/aOSvf/6zyl16pvPVq1YISRhY2Y
QoYbMQ1ZlKYBJJzoqWxmnxIWfcKVY1IpaJb97gripcOVaLIo0zUKSECkZyiaEEk2
nuDwYojkggR+ezKdpKG9DAEtVUa1m4ZVUdr8jklJIjrjRhdQ07Pga+dvZ4fY6owE
EBGbaoee27wEc5Zj2DJRonL1K9k/EMXM87mKKo20ko5cmibfG/5ex7ot/4x9Mvnq
7aANa32SgJqQo8fUM+84Qg0r7tdyVB48ZPIvKHxaHpHYtvY1R73qGhxxy1xoxy9E
Go0qB8fHQRr97QUQ5HjfVwhH8g4qpAj03vJpAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUT9JzZgplDTeORRc1n0gUp0EznKEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1Q5SnpaZ3BsRFRlT1JS
YzFuMGdVcDBFem5LRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIxihr7hAfxCZnWWvtyizQi33QU3q35U
fdJ8PbafneT/MN5u+kf23nuxkUxj5I7teQg4px1iH+exOp4+Y09ETyU5BX48aaIa
egUwmhJ+99jFL2hAAzkPv3/AOY+UuL3Kj+SjI7bYPg4HKg4Whu5qWjq9YPnBwIqz
SfbBfCljDHOLuBnd6i8GX8Lufsx/D7G03p7MhS30Zf4ozb1+SbIS71dAqUZ3ewy6
szUNqqPM1J3323CXIB+t2ydHxlgEUXGEJaAa7OWJyuuo8LLRiVSoenbdeOOPoI6R
PFl5kHUEPX8htpWEhBT5TxD+zvmsVAUdfNIZu3xtaxcyh1Ww8iThhUg=
-----END CERTIFICATE-----
Generated at Sat Jun 21 19:22:51 2025 by rpki-client