Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8GAp69yE4dqVvfTuf9OIhsFv08E.roa
File: 8GAp69yE4dqVvfTuf9OIhsFv08E.roa (raw, json)
Hash identifier: /cXzKtaxP9QmWDyyqDqrQZXmjy3IJAuR95yfM0lBmuk=
Subject key identifier: F0:60:29:EB:DC:84:E1:DA:95:BD:F4:EE:7F:D3:88:86:C1:6F:D3:C1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 398B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8GAp69yE4dqVvfTuf9OIhsFv08E.roa
Signing time: Fri 05 Apr 2024 07:22:24 +0000
ROA not before: Fri 05 Apr 2024 07:22:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14731 (0x398b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 07:22:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F06029EBDC84E1DA95BDF4EE7FD38886C16FD3C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:61:81:49:61:57:47:b4:9d:47:85:37:d2:dd:
35:d2:2e:83:f4:8f:63:e4:4a:2f:bf:40:e0:81:6d:
ac:6c:ac:bf:5f:93:f7:11:d3:00:56:24:70:e3:2b:
8e:72:ee:0f:db:3a:7c:ee:f6:ce:1a:ab:06:e6:b9:
d1:66:09:ac:d8:0b:a2:df:4a:cc:5a:53:dc:80:e8:
b4:50:f1:37:46:e4:66:fd:56:c3:5b:b0:f1:64:1d:
bc:27:9b:2f:09:e0:e9:b8:58:15:84:72:1b:3b:aa:
fe:dd:27:a2:bf:cd:2e:03:7b:6b:ef:8f:7f:0f:c5:
36:16:92:1f:2d:83:42:d0:e0:d6:4c:3e:2d:40:d3:
b6:ca:52:c7:2f:90:c7:1f:27:7d:92:d8:61:4a:ec:
9a:3b:a4:ae:8a:0c:00:7b:42:b0:79:9d:a0:ea:5c:
6e:ce:1a:f9:ae:ed:87:02:3e:04:01:e7:c3:21:ca:
15:07:2b:bc:ce:7a:86:77:1b:0b:42:8d:af:ed:1f:
68:bb:c3:29:2f:df:46:81:98:12:2c:cd:2a:a5:07:
9b:c5:fe:c3:39:a8:02:7e:07:64:ff:b6:14:ec:f4:
6e:fa:79:03:b0:30:6a:2a:49:f6:b9:15:d0:06:61:
7f:08:14:94:8c:c9:17:5c:16:ce:51:aa:4b:c3:b2:
10:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:60:29:EB:DC:84:E1:DA:95:BD:F4:EE:7F:D3:88:86:C1:6F:D3:C1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8GAp69yE4dqVvfTuf9OIhsFv08E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
1a:0b:09:eb:04:7e:ec:53:3b:65:92:29:b1:ed:8f:f6:73:22:
ce:05:fa:e1:d7:d1:93:a3:0f:42:d2:4a:a3:e8:8c:a8:4d:7a:
ad:b7:99:ba:94:dc:34:27:78:78:7e:6d:e4:bc:aa:f4:b0:e8:
13:d5:2d:13:5a:4e:a6:4b:7f:d2:51:e1:51:2a:66:dc:36:cf:
bd:63:be:5d:17:36:ca:38:93:e2:43:08:0a:05:67:d8:27:9e:
8c:ee:93:55:5b:cb:f1:3e:5b:d4:5b:3c:6b:4a:11:f0:fa:75:
31:a4:d9:c3:96:3b:5c:f8:05:a8:8c:be:32:dc:ef:b4:9d:15:
8b:da:90:4e:0c:d7:83:46:1e:70:f3:96:4c:f2:a1:9d:a5:85:
d1:20:f1:0e:da:14:55:55:20:74:07:8d:be:cc:19:4e:82:e8:
84:a5:76:2e:4b:63:73:e2:ec:a4:1c:69:fc:68:5d:0a:f0:73:
83:4c:cc:0c:8e:d3:ab:68:4e:88:b0:95:35:50:2d:80:e9:19:
f6:08:ec:bb:af:f8:3d:c4:79:38:6a:da:12:ca:b0:3d:c4:83:
c1:f5:d7:73:75:6b:fd:79:95:b9:f8:4d:f8:c8:41:61:ca:62:
bb:95:db:4c:e5:06:ab:2c:3c:2c:8c:3f:68:4e:3c:fc:5b:01:
00:18:b3:04
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOYswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUw
NzIyMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYwNjAyOUVCREM4NEUx
REE5NUJERjRFRTdGRDM4ODg2QzE2RkQzQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwYYFJYVdHtJ1HhTfS3TXSLoP0j2PkSi+/QOCBbaxsrL9fk/cR
0wBWJHDjK45y7g/bOnzu9s4aqwbmudFmCazYC6LfSsxaU9yA6LRQ8TdG5Gb9VsNb
sPFkHbwnmy8J4Om4WBWEchs7qv7dJ6K/zS4De2vvj38PxTYWkh8tg0LQ4NZMPi1A
07bKUscvkMcfJ32S2GFK7Jo7pK6KDAB7QrB5naDqXG7OGvmu7YcCPgQB58MhyhUH
K7zOeoZ3GwtCja/tH2i7wykv30aBmBIszSqlB5vF/sM5qAJ+B2T/thTs9G76eQOw
MGoqSfa5FdAGYX8IFJSMyRdcFs5RqkvDshAXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU8GAp69yE4dqVvfTuf9OIhsFv08EwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhHQXA2OXlFNGRxVnZm
VHVmOU9JaHNGdjA4RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABoLCesEfuxTO2WSKbHtj/ZzIs4F+uHX
0ZOjD0LSSqPojKhNeq23mbqU3DQneHh+beS8qvSw6BPVLRNaTqZLf9JR4VEqZtw2
z71jvl0XNso4k+JDCAoFZ9gnnozuk1Vby/E+W9RbPGtKEfD6dTGk2cOWO1z4BaiM
vjLc77SdFYvakE4M14NGHnDzlkzyoZ2lhdEg8Q7aFFVVIHQHjb7MGU6C6ISldi5L
Y3Pi7KQcafxoXQrwc4NMzAyO06toToiwlTVQLYDpGfYI7Luv+D3EeThq2hLKsD3E
g8H113N1a/15lbn4TfjIQWHKYruV20zlBqssPCyMP2hOPPxbAQAYswQ=
-----END CERTIFICATE-----
Generated at Sun May 18 06:13:17 2025 by rpki-client