Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qQ1F70J6lpivYDrxJW6LTYifyiM.roa
File: qQ1F70J6lpivYDrxJW6LTYifyiM.roa (raw, json)
Hash identifier: TxSu+G8SXQ4y+APg8EfXUe/B1nw5Mjr+kxrRGAks3jg=
Subject key identifier: A9:0D:45:EF:42:7A:96:98:AF:60:3A:F1:25:6E:8B:4D:88:9F:CA:23
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41D3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qQ1F70J6lpivYDrxJW6LTYifyiM.roa
Signing time: Tue 16 Apr 2024 08:22:57 +0000
ROA not before: Tue 16 Apr 2024 08:22:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16851 (0x41d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 08:22:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A90D45EF427A9698AF603AF1256E8B4D889FCA23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fd:c3:cd:9f:13:aa:95:ee:8b:c6:9d:59:6b:
69:25:42:37:e1:b5:42:e1:ff:6b:5a:f6:e2:5f:9a:
90:51:6d:cf:b3:07:79:fb:f2:c0:a3:78:de:bf:a2:
e3:67:94:50:3c:b8:44:a6:4f:76:89:3f:cd:6f:a6:
1c:67:2c:1d:2f:41:ca:d7:7e:44:b9:71:cb:cd:2a:
b4:c4:64:8b:79:1c:5e:18:00:0c:2e:f5:f3:9c:68:
b1:cf:50:60:14:19:0e:2c:a3:23:46:f2:2c:6c:42:
63:6e:39:c2:6f:01:93:ca:4a:70:58:15:10:d2:b5:
5a:a7:fc:20:4c:b9:46:02:c2:e2:26:fd:53:3a:32:
64:8b:ac:64:a1:f6:95:d8:89:ef:73:a2:7e:12:a8:
e4:e2:8a:d2:f1:67:21:32:3a:8d:8c:ca:47:10:30:
18:7f:b9:c9:1f:15:88:60:ce:eb:96:7c:f7:79:a2:
24:0e:be:10:87:03:21:a3:89:7b:1f:e7:2c:b9:89:
4b:48:28:7a:a7:b7:f8:72:c6:f1:3d:40:9c:f4:e6:
65:7f:0a:4b:76:b0:d4:3b:2d:c7:4c:a6:59:2c:9d:
3f:17:45:2b:83:28:27:6b:8c:dc:5e:2d:40:15:15:
63:ce:a6:ec:42:b3:e4:bd:5b:9e:c1:b5:7c:9b:75:
9a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:0D:45:EF:42:7A:96:98:AF:60:3A:F1:25:6E:8B:4D:88:9F:CA:23
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qQ1F70J6lpivYDrxJW6LTYifyiM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
58:6e:28:3e:60:49:21:be:23:48:7d:33:26:06:5d:62:6b:64:
f0:dd:22:98:d5:9a:7a:a1:3b:77:55:a0:44:b7:53:0b:3e:33:
07:50:f9:eb:0f:e0:04:78:77:48:32:5f:65:29:70:7a:a6:88:
c4:59:a8:71:6e:a5:af:16:70:58:95:f5:53:fe:69:f6:5f:d5:
d8:a8:05:42:e2:58:5d:e1:a9:cd:e3:b9:a1:91:11:70:b7:b3:
6e:dd:97:c9:33:ad:fc:e9:f6:3a:8c:d0:85:0f:62:d4:66:70:
79:98:54:67:0a:b7:15:4f:3b:9c:51:02:c0:34:4b:88:5a:d5:
8b:77:ee:5f:07:51:91:2a:ba:29:7b:95:15:ee:e0:c4:df:ec:
72:31:8e:2d:1f:3b:09:df:2e:1c:f1:9f:fd:19:5c:57:a5:fb:
49:59:e3:14:9d:59:76:a2:8e:d5:1f:a4:c9:8d:19:31:82:d1:
60:61:29:f8:35:6d:c4:65:33:11:42:0c:fa:45:b5:03:45:2a:
ef:ab:d9:fc:71:bf:d0:17:aa:3c:51:41:e5:8c:af:66:3f:9a:
14:67:ae:6a:89:f6:f1:ab:ab:a3:9e:1f:f1:71:8e:48:cf:2e:
e5:a3:5b:81:d0:fb:2e:67:15:5e:9a:83:40:0f:93:61:90:86:
8b:d5:95:a1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQdMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
ODIyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE5MEQ0NUVGNDI3QTk2
OThBRjYwM0FGMTI1NkU4QjREODg5RkNBMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG/cPNnxOqle6Lxp1Za2klQjfhtULh/2ta9uJfmpBRbc+zB3n7
8sCjeN6/ouNnlFA8uESmT3aJP81vphxnLB0vQcrXfkS5ccvNKrTEZIt5HF4YAAwu
9fOcaLHPUGAUGQ4soyNG8ixsQmNuOcJvAZPKSnBYFRDStVqn/CBMuUYCwuIm/VM6
MmSLrGSh9pXYie9zon4SqOTiitLxZyEyOo2MykcQMBh/uckfFYhgzuuWfPd5oiQO
vhCHAyGjiXsf5yy5iUtIKHqnt/hyxvE9QJz05mV/Ckt2sNQ7LcdMplksnT8XRSuD
KCdrjNxeLUAVFWPOpuxCs+S9W57BtXybdZoFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUqQ1F70J6lpivYDrxJW6LTYifyiMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3FRMUY3MEo2bHBpdllE
cnhKVzZMVFlpZnlpTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFhuKD5gSSG+I0h9MyYGXWJrZPDdIpjV
mnqhO3dVoES3Uws+MwdQ+esP4AR4d0gyX2UpcHqmiMRZqHFupa8WcFiV9VP+afZf
1dioBULiWF3hqc3juaGREXC3s27dl8kzrfzp9jqM0IUPYtRmcHmYVGcKtxVPO5xR
AsA0S4ha1Yt37l8HUZEquil7lRXu4MTf7HIxji0fOwnfLhzxn/0ZXFel+0lZ4xSd
WXaijtUfpMmNGTGC0WBhKfg1bcRlMxFCDPpFtQNFKu+r2fxxv9AXqjxRQeWMr2Y/
mhRnrmqJ9vGrq6OeH/FxjkjPLuWjW4HQ+y5nFV6ag0APk2GQhovVlaE=
-----END CERTIFICATE-----
Generated at Sun Jun 15 10:21:40 2025 by rpki-client