Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hcuw5ofIC15dDIBhlpJWBcrsbzU.roa
File: hcuw5ofIC15dDIBhlpJWBcrsbzU.roa (raw, json)
Hash identifier: b5DylP+gk6066aMgHHLnvSGrMhGUjwb3trB2b1Zs+KM=
Subject key identifier: 85:CB:B0:E6:87:C8:0B:5E:5D:0C:80:61:96:92:56:05:CA:EC:6F:35
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35EF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hcuw5ofIC15dDIBhlpJWBcrsbzU.roa
Signing time: Sun 31 Mar 2024 11:52:18 +0000
ROA not before: Sun 31 Mar 2024 11:52:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13807 (0x35ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 11:52:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=85CBB0E687C80B5E5D0C806196925605CAEC6F35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:90:a8:30:d9:29:fd:b0:f9:52:24:4a:07:97:
02:8e:51:78:ef:4c:c9:e8:14:de:39:80:cc:51:f9:
eb:e2:dd:7d:7b:d1:41:4e:7c:85:12:be:1f:0c:40:
83:25:06:88:19:fd:13:1f:3d:35:d1:7e:8a:a3:42:
c5:7f:7b:02:24:0a:79:7b:1e:ec:69:96:f5:0f:af:
5e:28:c9:50:3a:6c:c8:c4:e2:e2:c5:bc:e0:86:8e:
64:96:eb:03:95:dd:bc:61:5b:0b:90:8a:8c:45:f7:
a1:f4:25:c7:43:7a:b4:0e:6a:d0:88:63:78:dc:bd:
30:2f:82:d0:af:ef:bb:67:b8:da:a1:8e:49:fa:98:
c8:e2:88:70:b4:cc:e4:86:c8:5a:34:6f:70:4e:cc:
77:7f:1a:4e:58:ae:8e:8a:c3:4e:3a:ee:ed:6a:a2:
87:83:f0:fd:04:e1:c4:8e:8d:d8:0e:d6:3c:c7:b8:
47:2b:ad:bc:f4:35:80:49:7d:eb:70:89:d5:64:50:
b2:45:61:f5:52:20:69:34:ea:38:9a:60:da:e6:32:
bc:79:8d:31:d0:31:da:a0:bc:f5:1e:15:9b:f3:61:
98:7d:e7:84:f6:1b:e8:bd:71:43:fa:fd:14:cc:0d:
88:35:9e:78:ce:ef:9f:11:90:dc:ad:0a:13:1e:2d:
cc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:CB:B0:E6:87:C8:0B:5E:5D:0C:80:61:96:92:56:05:CA:EC:6F:35
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hcuw5ofIC15dDIBhlpJWBcrsbzU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a2:42:fd:37:fd:92:df:c3:57:69:c8:5a:17:28:e5:60:55:10:
eb:a5:b3:9a:34:3f:01:8e:93:ba:c9:3f:eb:12:44:7a:9c:43:
6e:51:e5:6a:66:c4:0c:06:09:d8:48:08:80:7e:cb:b7:d1:62:
c9:ca:c7:f8:cb:79:c8:65:82:29:6f:93:46:3c:9f:71:9f:78:
3b:82:bb:ac:08:00:1d:aa:55:0d:26:e7:22:d5:e1:b6:c6:fb:
94:d3:fc:8c:96:99:d6:e9:f2:09:07:6a:aa:aa:e2:6f:db:d8:
cd:17:c0:05:2a:f3:b7:5a:76:f0:80:ff:d9:d7:e5:49:a7:69:
72:20:4b:fe:6a:40:05:08:98:8b:61:d1:2b:84:71:7c:4d:5b:
f7:db:78:11:00:ae:f8:43:c5:33:e6:ff:28:8b:ab:69:8d:03:
4c:17:77:24:2a:89:8a:24:43:35:7c:2d:70:09:75:88:cc:97:
a4:e4:e9:2d:40:96:01:fb:b0:03:ea:5a:a6:c0:fa:23:6b:08:
62:ab:8a:52:52:b1:c5:0c:28:00:df:97:03:6a:44:39:71:b9:
59:8d:50:f0:1c:72:f8:2b:cc:35:af:d9:6e:ac:d8:18:e5:04:
25:9b:31:14:4d:ee:ab:45:f9:1c:d2:b4:02:9e:cf:a6:3f:fb:
c8:4f:c3:50
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
MTUyMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg1Q0JCMEU2ODdDODBC
NUU1RDBDODA2MTk2OTI1NjA1Q0FFQzZGMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+kKgw2Sn9sPlSJEoHlwKOUXjvTMnoFN45gMxR+evi3X170UFO
fIUSvh8MQIMlBogZ/RMfPTXRfoqjQsV/ewIkCnl7HuxplvUPr14oyVA6bMjE4uLF
vOCGjmSW6wOV3bxhWwuQioxF96H0JcdDerQOatCIY3jcvTAvgtCv77tnuNqhjkn6
mMjiiHC0zOSGyFo0b3BOzHd/Gk5Yro6Kw0467u1qooeD8P0E4cSOjdgO1jzHuEcr
rbz0NYBJfetwidVkULJFYfVSIGk06jiaYNrmMrx5jTHQMdqgvPUeFZvzYZh954T2
G+i9cUP6/RTMDYg1nnjO758RkNytChMeLcwtAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUhcuw5ofIC15dDIBhlpJWBcrsbzUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hjdXc1b2ZJQzE1ZERJ
QmhscEpXQmNyc2J6VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKJC/Tf9kt/DV2nIWhco5WBVEOuls5o0
PwGOk7rJP+sSRHqcQ25R5WpmxAwGCdhICIB+y7fRYsnKx/jLechlgilvk0Y8n3Gf
eDuCu6wIAB2qVQ0m5yLV4bbG+5TT/IyWmdbp8gkHaqqq4m/b2M0XwAUq87dadvCA
/9nX5UmnaXIgS/5qQAUImIth0SuEcXxNW/fbeBEArvhDxTPm/yiLq2mNA0wXdyQq
iYokQzV8LXAJdYjMl6Tk6S1AlgH7sAPqWqbA+iNrCGKrilJSscUMKADflwNqRDlx
uVmNUPAccvgrzDWv2W6s2BjlBCWbMRRN7qtF+RzStAKez6Y/+8hPw1A=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:06:38 2025 by rpki-client