Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/-Y_W6PE-CSibO8_4vWv7IzePSAQ.roa
File: -Y_W6PE-CSibO8_4vWv7IzePSAQ.roa (raw, json)
Hash identifier: cAnVUOwwX2NaCiyI9XzFvAXKNup9DXM+wEG1jGltny4=
Subject key identifier: F9:8F:D6:E8:F1:3E:09:28:9B:3B:CF:F8:BD:6B:FB:23:37:8F:48:04
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 537B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-Y_W6PE-CSibO8_4vWv7IzePSAQ.roa
Signing time: Thu 09 May 2024 21:24:00 +0000
ROA not before: Thu 09 May 2024 21:24:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21371 (0x537b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 21:24:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F98FD6E8F13E09289B3BCFF8BD6BFB23378F4804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:81:8a:bb:02:c2:d9:f3:f8:b6:af:fc:8a:23:
3a:6a:cf:80:70:ba:02:ab:47:64:3b:80:56:83:1d:
9b:ff:07:e2:1b:a6:1e:4b:c5:33:fa:a5:1d:a8:ba:
52:5d:0d:5f:de:7d:25:22:4e:f5:fb:b0:19:00:9d:
6a:92:1d:eb:c2:5c:b7:4e:cc:ac:9c:a5:6e:c8:e6:
b8:07:eb:45:71:2d:82:39:0d:5c:ad:54:2f:a5:5d:
53:04:e7:0e:14:da:d2:6d:4d:fd:be:c1:09:dd:03:
c7:37:c3:a8:a1:ab:78:f6:8b:46:9a:f4:5d:f1:fb:
3f:d8:69:f8:6c:66:52:ef:69:7c:e7:37:99:1c:8f:
66:cf:a8:36:80:e1:eb:f9:2b:07:2a:e1:cb:0e:5d:
10:00:c5:34:b5:34:45:44:35:f2:d9:39:2a:91:26:
27:ad:69:b0:b3:7d:92:22:c1:9d:bc:18:b1:9e:8d:
06:d4:75:78:5b:f9:28:a3:c0:99:b1:52:60:cb:97:
dd:23:e5:14:36:d2:80:48:29:96:8a:db:38:39:fa:
c4:9f:b7:1a:ab:5b:3c:ce:44:7c:ea:ed:f0:f6:0d:
8c:1b:1e:36:83:dc:b7:45:a0:1d:2d:7a:99:c6:00:
b8:b9:bb:31:cc:46:bb:0d:33:6b:7b:b0:b8:2d:8a:
a6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:8F:D6:E8:F1:3E:09:28:9B:3B:CF:F8:BD:6B:FB:23:37:8F:48:04
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/-Y_W6PE-CSibO8_4vWv7IzePSAQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
74:3d:e2:63:e3:be:31:db:ae:99:32:08:eb:6d:42:36:1f:b7:
d2:4e:17:19:18:dc:1d:14:64:0f:fa:1f:48:b1:0f:69:8b:60:
1b:7d:5a:1e:21:21:b9:d3:73:8e:46:31:fc:d5:0c:be:84:3b:
00:63:a8:02:56:8a:76:62:0c:9e:ec:1a:7b:55:03:e2:4c:61:
e0:c6:98:88:53:e9:39:68:41:b3:a8:c8:02:46:bf:43:a4:f5:
91:97:cb:be:c0:6f:f6:d0:0e:d8:7a:f1:e0:00:0b:b5:b4:34:
b8:0f:21:6c:a0:45:54:f1:e3:1e:cc:f0:30:a4:dc:2b:05:cf:
9a:c8:bb:82:61:15:54:2b:1f:fa:f0:50:b6:04:a5:5c:b9:21:
58:19:17:dc:22:35:3c:2c:4d:52:cc:9b:49:55:65:f6:ae:8b:
14:b2:9e:22:8b:33:7a:7b:39:8c:34:32:a2:37:c3:93:a3:fc:
8a:db:da:ef:9d:89:1e:3c:4c:80:25:15:59:0e:53:e4:2f:84:
63:a2:9b:4b:3d:e1:89:2c:6f:03:95:27:96:f8:1e:f9:41:a4:
bb:78:1d:9e:6e:e4:03:10:14:b7:47:e8:34:4e:14:a1:16:9d:
c2:6e:bb:78:95:a9:e3:37:f6:11:ad:59:59:cb:9d:73:75:7b:
dd:46:8e:c2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICU3swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDky
MTI0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY5OEZENkU4RjEzRTA5
Mjg5QjNCQ0ZGOEJENkJGQjIzMzc4RjQ4MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxgYq7AsLZ8/i2r/yKIzpqz4BwugKrR2Q7gFaDHZv/B+Ibph5L
xTP6pR2oulJdDV/efSUiTvX7sBkAnWqSHevCXLdOzKycpW7I5rgH60VxLYI5DVyt
VC+lXVME5w4U2tJtTf2+wQndA8c3w6ihq3j2i0aa9F3x+z/YafhsZlLvaXznN5kc
j2bPqDaA4ev5Kwcq4csOXRAAxTS1NEVENfLZOSqRJietabCzfZIiwZ28GLGejQbU
dXhb+SijwJmxUmDLl90j5RQ20oBIKZaK2zg5+sSftxqrWzzORHzq7fD2DYwbHjaD
3LdFoB0tepnGALi5uzHMRrsNM2t7sLgtiqafAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU+Y/W6PE+CSibO8/4vWv7IzePSAQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Ly1ZX1c2UEUtQ1NpYk84
XzR2V3Y3SXplUFNBUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHQ94mPjvjHbrpkyCOttQjYft9JOFxkY
3B0UZA/6H0ixD2mLYBt9Wh4hIbnTc45GMfzVDL6EOwBjqAJWinZiDJ7sGntVA+JM
YeDGmIhT6TloQbOoyAJGv0Ok9ZGXy77Ab/bQDth68eAAC7W0NLgPIWygRVTx4x7M
8DCk3CsFz5rIu4JhFVQrH/rwULYEpVy5IVgZF9wiNTwsTVLMm0lVZfauixSyniKL
M3p7OYw0MqI3w5Oj/Irb2u+diR48TIAlFVkOU+QvhGOim0s94YksbwOVJ5b4HvlB
pLt4HZ5u5AMQFLdH6DROFKEWncJuu3iVqeM39hGtWVnLnXN1e91GjsI=
-----END CERTIFICATE-----
Generated at Sun May 18 15:30:29 2025 by rpki-client