Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8u7C6G9u2uOqsumjUBcf3yPqU9k.roa
File: 8u7C6G9u2uOqsumjUBcf3yPqU9k.roa (raw, json)
Hash identifier: 9KL/JAJSDlwavuEE3ppA8+p5bqFyrfRZlOZsPW2aAw4=
Subject key identifier: F2:EE:C2:E8:6F:6E:DA:E3:AA:B2:E9:A3:50:17:1F:DF:23:EA:53:D9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4E3F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8u7C6G9u2uOqsumjUBcf3yPqU9k.roa
Signing time: Thu 02 May 2024 21:53:44 +0000
ROA not before: Thu 02 May 2024 21:53:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20031 (0x4e3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 21:53:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F2EEC2E86F6EDAE3AAB2E9A350171FDF23EA53D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:35:f7:54:b0:b0:46:f1:40:82:f1:b5:d1:fa:
36:b1:79:3b:85:e1:9e:81:5a:6a:21:9f:d5:a0:da:
33:37:61:79:30:e5:ad:2a:d8:d6:ba:81:34:74:ed:
56:99:cc:db:7f:a2:6b:49:a1:fa:51:38:c0:3c:34:
af:a5:7c:02:a0:a5:ef:6a:4e:de:7e:d4:1a:a0:c7:
75:ae:7c:87:cd:f9:78:3d:12:98:a3:eb:3c:19:b6:
cc:0a:fa:ea:bc:bc:18:9c:ac:87:6a:fe:42:0b:44:
cb:33:10:0d:da:6e:c2:14:3a:0f:33:4a:fb:e3:bf:
1b:1e:5b:fc:ec:0e:62:f0:ad:dd:cb:3b:97:af:fe:
6a:cd:70:eb:92:5d:9c:08:da:4d:02:42:e1:31:5b:
7e:99:f0:42:da:e4:2e:3b:e3:76:9f:05:e2:a3:00:
40:65:b1:7b:4b:3b:44:b1:10:ac:f1:a3:dd:4e:0a:
e7:11:da:15:7a:57:de:e7:34:75:6d:8c:ca:e3:2e:
49:18:0a:86:1d:4e:ab:58:bf:b1:ba:10:6d:ef:49:
77:41:6b:51:f8:05:5a:23:39:a2:88:01:e1:6e:0f:
b9:d1:08:27:3e:c7:0e:33:d2:10:55:7e:23:8c:55:
a4:7b:7b:8e:4d:f8:08:da:65:99:11:f8:08:0c:80:
97:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:EE:C2:E8:6F:6E:DA:E3:AA:B2:E9:A3:50:17:1F:DF:23:EA:53:D9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8u7C6G9u2uOqsumjUBcf3yPqU9k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0c:32:ac:3e:40:08:61:c1:3f:a5:ba:ea:6b:dc:f5:99:5f:c2:
94:59:0a:fd:24:29:08:7f:58:55:b9:ed:be:f0:1a:cb:29:9f:
1f:6e:81:4f:2e:65:d5:0d:57:c2:5c:08:78:02:05:b0:1e:68:
02:bd:e5:53:24:cb:c8:cd:20:b8:4f:9a:02:92:3d:6d:1b:1a:
56:6c:25:96:e8:eb:54:84:47:71:73:25:02:cb:f4:ab:12:d2:
65:71:14:25:df:95:16:ae:8f:59:ee:f8:5e:16:c1:7f:d9:51:
60:fe:20:30:0e:30:7f:36:55:c1:d2:6a:52:fa:ab:a9:0d:a1:
08:17:28:a0:f1:5f:b9:a2:e6:c5:ac:18:81:d0:62:7d:45:1b:
8d:48:94:a6:ba:af:b2:f7:a0:1c:c4:78:96:8a:74:71:57:31:
80:59:1b:0c:e2:6b:bf:07:f2:85:16:41:7d:96:68:14:e1:97:
73:d9:a8:5b:e4:3e:e7:d1:70:90:05:f0:d3:6c:1f:ef:65:4e:
5c:0d:10:e6:34:e2:1a:19:d3:6e:fe:4e:e2:51:e8:21:9e:fb:
92:f7:2f:83:19:8b:2d:0a:f4:57:93:a8:cc:d3:ae:1a:44:67:
70:ba:88:76:33:71:0d:c6:5e:26:8d:03:ee:40:e5:f0:f6:86:
f1:17:40:dd
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTj8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIy
MTUzNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYyRUVDMkU4NkY2RURB
RTNBQUIyRTlBMzUwMTcxRkRGMjNFQTUzRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzNfdUsLBG8UCC8bXR+jaxeTuF4Z6BWmohn9Wg2jM3YXkw5a0q
2Na6gTR07VaZzNt/omtJofpROMA8NK+lfAKgpe9qTt5+1Bqgx3WufIfN+Xg9Epij
6zwZtswK+uq8vBicrIdq/kILRMszEA3absIUOg8zSvvjvxseW/zsDmLwrd3LO5ev
/mrNcOuSXZwI2k0CQuExW36Z8ELa5C4743afBeKjAEBlsXtLO0SxEKzxo91OCucR
2hV6V97nNHVtjMrjLkkYCoYdTqtYv7G6EG3vSXdBa1H4BVojOaKIAeFuD7nRCCc+
xw4z0hBVfiOMVaR7e45N+AjaZZkR+AgMgJf7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU8u7C6G9u2uOqsumjUBcf3yPqU9kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3Lzh1N0M2Rzl1MnVPcXN1
bWpVQmNmM3lQcVU5ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAwyrD5ACGHBP6W66mvc9ZlfwpRZCv0k
KQh/WFW57b7wGsspnx9ugU8uZdUNV8JcCHgCBbAeaAK95VMky8jNILhPmgKSPW0b
GlZsJZbo61SER3FzJQLL9KsS0mVxFCXflRauj1nu+F4WwX/ZUWD+IDAOMH82VcHS
alL6q6kNoQgXKKDxX7mi5sWsGIHQYn1FG41IlKa6r7L3oBzEeJaKdHFXMYBZGwzi
a78H8oUWQX2WaBThl3PZqFvkPufRcJAF8NNsH+9lTlwNEOY04hoZ027+TuJR6CGe
+5L3L4MZiy0K9FeTqMzTrhpEZ3C6iHYzcQ3GXiaNA+5A5fD2hvEXQN0=
-----END CERTIFICATE-----
Generated at Sat May 17 20:22:20 2025 by rpki-client