Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lF52ZchRyvaQh0KMIbP5oWjkoHc.roa
File: lF52ZchRyvaQh0KMIbP5oWjkoHc.roa (raw, json)
Hash identifier: CIShiSmKZXkuyveBLIHrbIpIxpFD0fES2OfV+eU5FuU=
Subject key identifier: 94:5E:76:65:C8:51:CA:F6:90:87:42:8C:21:B3:F9:A1:68:E4:A0:77
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 488F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lF52ZchRyvaQh0KMIbP5oWjkoHc.roa
Signing time: Thu 25 Apr 2024 07:53:19 +0000
ROA not before: Thu 25 Apr 2024 07:53:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18575 (0x488f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 07:53:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=945E7665C851CAF69087428C21B3F9A168E4A077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:9c:7a:e3:22:7a:b1:ae:6c:7e:90:c4:bc:b0:
a8:ca:ff:7c:e3:3a:c0:69:f2:b4:ab:67:e6:5e:c9:
d1:35:cd:bd:c0:90:f4:98:01:a5:66:b1:2f:0a:e4:
b1:f2:b9:c4:b9:54:71:d5:b5:f9:f2:22:db:bd:74:
ff:87:24:b2:be:7b:c4:57:85:65:a1:22:fa:58:d1:
ad:b7:13:34:d5:7c:f5:e7:93:f8:0d:b8:e0:2d:35:
a1:0d:7a:04:1c:f9:a4:76:2c:00:19:f6:bb:58:80:
65:16:20:de:7f:bc:5b:13:b8:e1:10:ad:0c:8a:f8:
be:01:02:7f:ee:3a:d2:2c:1e:b6:20:f9:0b:3f:56:
ce:d2:8c:cd:83:cc:aa:89:de:6c:b8:cd:69:7d:a0:
6b:14:ac:a3:7c:aa:29:b9:e9:5e:3c:e4:d0:49:18:
c4:32:9c:bb:91:e4:b2:18:d6:15:80:37:8e:e8:4c:
28:75:ec:17:7c:d2:e2:3f:01:62:18:cf:d7:cb:01:
0a:e0:e1:5c:50:06:31:cc:2e:cb:44:c1:e5:cb:d5:
e0:65:32:b0:d8:3d:89:4b:e9:55:d0:33:0e:01:dd:
59:3d:a0:5d:75:17:51:0f:9e:99:14:90:49:10:26:
54:60:46:5a:5a:05:67:14:e8:4d:14:22:9a:f3:27:
b3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:5E:76:65:C8:51:CA:F6:90:87:42:8C:21:B3:F9:A1:68:E4:A0:77
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lF52ZchRyvaQh0KMIbP5oWjkoHc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
31:4b:31:74:0b:85:99:3c:a1:98:f7:a6:99:77:c2:5b:3f:a7:
89:23:62:2f:4e:ea:13:5b:16:1c:b4:1d:54:22:e7:1a:96:74:
d1:56:7b:29:37:00:b8:c9:25:f5:2a:50:fb:24:d6:d5:ee:93:
bf:31:1b:86:a8:9f:6e:e4:33:87:d3:81:ea:ae:e7:94:45:8d:
47:18:23:8a:04:ef:94:bc:d5:99:af:01:04:53:af:e1:44:ba:
7f:3f:b1:e5:ca:ce:28:56:10:37:aa:89:bc:eb:2b:95:d2:11:
89:33:aa:e4:e4:a9:1d:7f:1c:73:a1:25:04:25:97:f4:08:04:
92:e0:6e:df:1b:26:a7:d1:ab:9a:2b:0b:52:c0:a8:4d:83:7a:
c7:63:15:b8:2d:dc:6c:7b:f8:a9:77:14:f8:12:e1:06:0a:7a:
a4:c7:e6:33:43:02:d8:72:c6:ff:8f:6b:66:2d:48:a6:2c:1e:
49:9e:92:15:63:3d:32:28:19:6c:49:23:83:f8:0d:79:cc:13:
30:9e:17:1f:b0:d7:80:86:7d:72:e9:25:a5:23:6e:b2:5a:1d:
29:4f:28:0c:01:ca:dc:6d:b6:a0:f9:f5:77:fb:09:af:10:73:
36:fa:de:3e:da:bc:c2:c6:a7:f6:53:10:03:43:b0:6d:3d:6e:
97:e5:38:4e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSI8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUw
NzUzMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk0NUU3NjY1Qzg1MUNB
RjY5MDg3NDI4QzIxQjNGOUExNjhFNEEwNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsnHrjInqxrmx+kMS8sKjK/3zjOsBp8rSrZ+ZeydE1zb3AkPSY
AaVmsS8K5LHyucS5VHHVtfnyItu9dP+HJLK+e8RXhWWhIvpY0a23EzTVfPXnk/gN
uOAtNaENegQc+aR2LAAZ9rtYgGUWIN5/vFsTuOEQrQyK+L4BAn/uOtIsHrYg+Qs/
Vs7SjM2DzKqJ3my4zWl9oGsUrKN8qim56V485NBJGMQynLuR5LIY1hWAN47oTCh1
7Bd80uI/AWIYz9fLAQrg4VxQBjHMLstEweXL1eBlMrDYPYlL6VXQMw4B3Vk9oF11
F1EPnpkUkEkQJlRgRlpaBWcU6E0UIprzJ7NJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUlF52ZchRyvaQh0KMIbP5oWjkoHcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xGNTJaY2hSeXZhUWgw
S01JYlA1b1dqa29IYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADFLMXQLhZk8oZj3ppl3wls/p4kjYi9O
6hNbFhy0HVQi5xqWdNFWeyk3ALjJJfUqUPsk1tXuk78xG4aon27kM4fTgequ55RF
jUcYI4oE75S81ZmvAQRTr+FEun8/seXKzihWEDeqibzrK5XSEYkzquTkqR1/HHOh
JQQll/QIBJLgbt8bJqfRq5orC1LAqE2DesdjFbgt3Gx7+Kl3FPgS4QYKeqTH5jND
Athyxv+Pa2YtSKYsHkmekhVjPTIoGWxJI4P4DXnMEzCeFx+w14CGfXLpJaUjbrJa
HSlPKAwBytxttqD59Xf7Ca8Qczb63j7avMLGp/ZTEANDsG09bpflOE4=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:53:16 2025 by rpki-client