Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Uqo2usn-pjRCF7H2IKOvaUTy8AA.roa
File: Uqo2usn-pjRCF7H2IKOvaUTy8AA.roa (raw, json)
Hash identifier: WPMj29S56vEB90O3UcvhoYFeu4ToECGzkbjEw0hFQzk=
Subject key identifier: 52:AA:36:BA:C9:FE:A6:34:42:17:B1:F6:20:A3:AF:69:44:F2:F0:00
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 42D7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Uqo2usn-pjRCF7H2IKOvaUTy8AA.roa
Signing time: Wed 17 Apr 2024 16:53:00 +0000
ROA not before: Wed 17 Apr 2024 16:53:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17111 (0x42d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 16:53:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=52AA36BAC9FEA6344217B1F620A3AF6944F2F000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d6:9b:c3:a0:53:fa:9e:54:0b:af:7b:1b:70:
3d:75:c4:d9:2f:b1:8d:e1:a4:bc:8f:49:42:d7:cf:
8c:31:3b:fe:32:63:86:c3:b4:a8:3f:75:07:a0:15:
9c:b9:81:a2:f8:13:89:1a:48:c7:b4:bf:75:ae:fa:
ef:ec:be:fe:7b:15:c0:8d:70:5c:0e:79:2b:cd:9d:
c6:cf:2a:a4:94:8b:e2:6e:d4:3c:b7:ab:8b:c1:25:
59:fc:f6:e3:13:28:66:66:99:20:3f:9b:ba:9b:36:
a4:d2:87:63:10:8b:07:76:ff:88:ce:92:ae:8f:01:
37:ed:63:b2:b3:da:8a:49:88:1c:f8:39:db:8c:77:
5b:c0:53:4d:f7:0e:bb:05:c7:7d:1a:ec:8f:f5:4a:
b8:b7:50:56:3a:36:e5:8b:25:7d:e2:f2:69:d4:de:
b1:6c:af:f8:2a:73:81:5e:df:e5:46:e1:8d:e1:df:
8e:8f:24:13:ef:40:2a:18:fe:a0:20:fd:55:3e:8c:
47:b0:63:bf:34:6c:52:37:e8:85:29:bb:b9:cd:35:
74:1b:41:d9:13:ff:cc:81:7a:40:bf:bd:37:bd:a6:
d8:5f:11:aa:4c:9a:9b:cd:f7:da:0e:bf:bf:13:f1:
ed:4c:a2:19:97:6e:7b:c2:30:6c:d9:2f:3d:b2:ac:
b9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AA:36:BA:C9:FE:A6:34:42:17:B1:F6:20:A3:AF:69:44:F2:F0:00
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Uqo2usn-pjRCF7H2IKOvaUTy8AA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4e:7a:2a:0a:6c:2d:73:df:42:11:c0:6e:7d:29:0e:5a:1e:9d:
f8:45:df:8a:e0:ef:79:be:39:c5:ff:cf:49:90:f3:89:3c:42:
5f:7e:78:59:ec:7e:b6:09:a3:f0:b2:c1:ca:ed:a0:9f:22:fd:
20:ba:43:9b:57:6f:55:bc:83:8d:05:8e:fe:7b:01:01:b5:a1:
a9:19:c1:b0:47:f3:cb:bc:ce:bb:b8:4c:0b:eb:7e:25:1f:19:
26:d0:33:75:0c:40:58:81:e1:23:ab:cb:4f:7a:a8:b8:33:ef:
b6:33:d6:fd:4a:91:20:05:e3:cc:bc:19:7c:41:cb:b4:d7:5e:
38:21:c2:fc:73:e9:c3:af:45:e1:9c:a0:35:db:b5:a5:bb:f9:
30:c8:14:1f:44:61:9e:c6:22:af:ff:f3:cb:d1:bb:87:b5:d6:
70:63:88:53:e9:cb:35:de:22:f5:f0:3a:02:f8:16:b0:29:6a:
1c:97:86:73:2f:23:b8:18:56:1e:7e:10:0c:d4:fb:81:9c:e8:
77:59:7d:50:ef:e3:a0:b2:ea:04:ff:9c:1c:fb:18:05:0f:f8:
ad:95:fe:8f:27:69:a7:5d:24:40:58:80:70:13:f1:e9:33:73:
5f:c7:4a:fe:73:83:5a:46:6a:75:a9:19:da:41:eb:3e:be:b8:
e4:b8:a2:e1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQtcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcx
NjUzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUyQUEzNkJBQzlGRUE2
MzQ0MjE3QjFGNjIwQTNBRjY5NDRGMkYwMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCi1pvDoFP6nlQLr3sbcD11xNkvsY3hpLyPSULXz4wxO/4yY4bD
tKg/dQegFZy5gaL4E4kaSMe0v3Wu+u/svv57FcCNcFwOeSvNncbPKqSUi+Ju1Dy3
q4vBJVn89uMTKGZmmSA/m7qbNqTSh2MQiwd2/4jOkq6PATftY7Kz2opJiBz4OduM
d1vAU033DrsFx30a7I/1Sri3UFY6NuWLJX3i8mnU3rFsr/gqc4Fe3+VG4Y3h346P
JBPvQCoY/qAg/VU+jEewY780bFI36IUpu7nNNXQbQdkT/8yBekC/vTe9pthfEapM
mpvN99oOv78T8e1MohmXbnvCMGzZLz2yrLltAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUUqo2usn+pjRCF7H2IKOvaUTy8AAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VxbzJ1c24tcGpSQ0Y3
SDJJS092YVVUeThBQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAE56KgpsLXPfQhHAbn0pDloenfhF34rg
73m+OcX/z0mQ84k8Ql9+eFnsfrYJo/CywcrtoJ8i/SC6Q5tXb1W8g40Fjv57AQG1
oakZwbBH88u8zru4TAvrfiUfGSbQM3UMQFiB4SOry096qLgz77Yz1v1KkSAF48y8
GXxBy7TXXjghwvxz6cOvReGcoDXbtaW7+TDIFB9EYZ7GIq//88vRu4e11nBjiFPp
yzXeIvXwOgL4FrApahyXhnMvI7gYVh5+EAzU+4Gc6HdZfVDv46Cy6gT/nBz7GAUP
+K2V/o8naaddJEBYgHAT8ekzc1/HSv5zg1pGanWpGdpB6z6+uOS4ouE=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:44:57 2025 by rpki-client