Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/gVHwp3BmU5Mu8_GcX2sFA6Bqa8Y.roa
File: gVHwp3BmU5Mu8_GcX2sFA6Bqa8Y.roa (raw, json)
Hash identifier: LsZ/tVFIjXDB6mySgbYEk45j5qHWKeARqQeNDWePjYA=
Subject key identifier: 81:51:F0:A7:70:66:53:93:2E:F3:F1:9C:5F:6B:05:03:A0:6A:6B:C6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 354F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gVHwp3BmU5Mu8_GcX2sFA6Bqa8Y.roa
Signing time: Sat 30 Mar 2024 15:52:09 +0000
ROA not before: Sat 30 Mar 2024 15:52:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13647 (0x354f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 15:52:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8151F0A7706653932EF3F19C5F6B0503A06A6BC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8a:37:4c:3b:e5:8b:53:e0:cb:50:4d:94:36:
32:b4:96:26:10:5d:f7:6c:64:7e:26:79:0d:5b:92:
38:17:fd:64:7c:d6:9b:3b:a6:e5:4f:be:25:be:59:
75:5d:ac:d8:1d:d9:93:b3:d1:ad:f3:37:cf:7b:7f:
64:fe:6b:4f:c3:4e:81:ec:1e:1b:0d:34:2a:cd:eb:
33:23:2a:fe:b7:ec:b8:57:db:36:28:4a:bd:f2:1d:
d6:0c:a2:51:78:ea:f5:df:8a:0b:71:6f:eb:21:be:
71:e7:e8:0a:1c:97:90:48:ea:42:6f:0a:5e:00:2d:
e5:ad:17:e0:b1:6d:09:80:63:0a:5f:60:82:01:ae:
cf:82:19:0e:51:20:a8:4a:05:67:66:90:6c:60:d0:
e6:33:9f:92:6b:ef:78:b1:4e:55:44:70:45:b0:56:
36:c3:44:85:ad:14:e1:d0:86:c5:c1:e8:87:f8:b8:
02:49:71:54:dd:67:48:2c:a1:eb:f5:e1:c0:ae:9c:
90:b9:6a:04:c6:5e:3c:8b:06:46:6e:9f:8f:36:af:
18:58:ce:44:31:3c:0c:2c:00:ea:69:33:78:c5:b6:
86:51:2e:5b:51:7e:44:40:e7:e5:49:97:8a:b4:80:
f1:56:03:f9:da:99:4d:34:90:0e:92:ea:b8:75:51:
05:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:51:F0:A7:70:66:53:93:2E:F3:F1:9C:5F:6B:05:03:A0:6A:6B:C6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gVHwp3BmU5Mu8_GcX2sFA6Bqa8Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
81:ab:5d:a0:6e:98:2d:cc:4e:ef:27:a8:54:23:89:0c:87:de:
ac:65:f0:d6:3b:3c:c6:79:15:89:74:20:3b:f9:1d:33:18:af:
a9:f3:ed:dd:d8:2d:ec:de:0e:ca:f2:29:e0:1e:cd:c1:9f:a5:
fa:bd:91:0e:36:1b:75:58:45:25:f7:67:73:6c:82:03:d6:61:
21:64:ac:82:fe:92:58:a0:16:51:f4:ce:c9:68:a3:9a:2b:0c:
dd:89:6d:6b:c5:88:fc:b6:84:5b:d1:22:08:fa:20:65:b4:7d:
ed:b4:57:5f:d7:df:2f:54:40:95:90:10:ad:61:e9:e9:93:51:
35:e4:f2:bd:50:42:4e:4b:13:53:58:7e:71:45:a5:7e:09:6d:
c7:a9:91:08:06:c3:24:ce:24:37:15:ee:da:d7:7e:ca:0f:55:
3f:4e:d4:d4:9d:c4:a7:5b:4b:1f:a4:fc:4f:a2:cb:55:b7:c8:
de:ac:0d:6a:c7:b2:a3:56:4d:fc:72:a7:05:8a:66:66:ce:3d:
bb:61:a4:f7:50:8c:b8:48:ff:1a:a5:d3:e9:79:f2:a1:3a:1b:
1e:17:66:8a:9c:99:1e:00:9c:4b:a5:76:d6:1d:3c:d1:d1:44:
cc:11:6d:43:3a:57:58:c7:43:a8:19:30:f1:0c:3d:a5:5c:1c:
6f:4b:a6:0d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNU8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
NTUyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgxNTFGMEE3NzA2NjUz
OTMyRUYzRjE5QzVGNkIwNTAzQTA2QTZCQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0ijdMO+WLU+DLUE2UNjK0liYQXfdsZH4meQ1bkjgX/WR81ps7
puVPviW+WXVdrNgd2ZOz0a3zN897f2T+a0/DToHsHhsNNCrN6zMjKv637LhX2zYo
Sr3yHdYMolF46vXfigtxb+shvnHn6Aocl5BI6kJvCl4ALeWtF+CxbQmAYwpfYIIB
rs+CGQ5RIKhKBWdmkGxg0OYzn5Jr73ixTlVEcEWwVjbDRIWtFOHQhsXB6If4uAJJ
cVTdZ0gsoev14cCunJC5agTGXjyLBkZun482rxhYzkQxPAwsAOppM3jFtoZRLltR
fkRA5+VJl4q0gPFWA/namU00kA6S6rh1UQXdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUgVHwp3BmU5Mu8/GcX2sFA6Bqa8YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2dWSHdwM0JtVTVNdThf
R2NYMnNGQTZCcWE4WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIGrXaBumC3MTu8nqFQjiQyH3qxl8NY7
PMZ5FYl0IDv5HTMYr6nz7d3YLezeDsryKeAezcGfpfq9kQ42G3VYRSX3Z3NsggPW
YSFkrIL+kligFlH0zsloo5orDN2JbWvFiPy2hFvRIgj6IGW0fe20V1/X3y9UQJWQ
EK1h6emTUTXk8r1QQk5LE1NYfnFFpX4JbcepkQgGwyTOJDcV7trXfsoPVT9O1NSd
xKdbSx+k/E+iy1W3yN6sDWrHsqNWTfxypwWKZmbOPbthpPdQjLhI/xql0+l58qE6
Gx4XZoqcmR4AnEuldtYdPNHRRMwRbUM6V1jHQ6gZMPEMPaVcHG9Lpg0=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:37:55 2025 by rpki-client