Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ZaX6zBN6b43IK-ZDI3Bz0F9TNDU.roa
File: ZaX6zBN6b43IK-ZDI3Bz0F9TNDU.roa (raw, json)
Hash identifier: Lzs/yxk7bVCLHxyksjvV3H13A4I/bqLAn4Mbm6bf4ak=
Subject key identifier: 65:A5:FA:CC:13:7A:6F:8D:C8:2B:E6:43:23:70:73:D0:5F:53:34:35
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4E6F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZaX6zBN6b43IK-ZDI3Bz0F9TNDU.roa
Signing time: Fri 03 May 2024 03:53:44 +0000
ROA not before: Fri 03 May 2024 03:53:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20079 (0x4e6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 03:53:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=65A5FACC137A6F8DC82BE643237073D05F533435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:21:9a:00:be:0f:7f:cd:4c:ce:00:b7:f7:11:
d7:b1:36:7b:47:96:1e:f6:2f:45:03:42:8b:9f:cc:
ea:a9:54:15:d3:80:69:84:5a:58:30:02:14:58:9a:
1e:dc:2b:c1:82:69:31:a0:4a:20:fa:e5:de:06:f5:
ee:6d:66:13:d3:c5:43:5c:79:6d:78:94:65:cd:7e:
fe:4b:1e:97:0d:e0:13:55:f6:26:bc:cc:0e:08:ae:
54:7c:9d:84:0d:f1:3a:b4:06:76:5e:fe:1d:57:5b:
13:2b:b1:1c:c6:5a:88:49:d6:99:5a:67:fc:64:46:
05:97:e2:29:cd:fb:49:78:cc:7e:aa:f9:f3:3c:51:
8b:2b:51:69:e2:7d:60:42:ea:67:a5:e6:24:90:d7:
7d:ea:a5:6e:95:a0:57:68:50:e2:7c:1b:1b:f7:b6:
d7:de:fd:c6:be:ba:9e:3c:ca:59:1d:d8:9a:c1:77:
e4:fc:de:c4:06:2b:b3:f2:ae:da:f9:83:33:8b:ed:
2d:c6:1a:6c:d3:62:a9:b7:65:60:2b:51:00:ff:c8:
22:8d:02:50:82:b6:72:80:45:e1:b8:57:f6:49:10:
a0:29:12:84:de:48:cd:a6:60:1e:1d:52:ac:18:52:
ae:7f:d8:4f:fd:7a:fc:e4:4b:e8:db:09:8d:07:23:
fc:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A5:FA:CC:13:7A:6F:8D:C8:2B:E6:43:23:70:73:D0:5F:53:34:35
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZaX6zBN6b43IK-ZDI3Bz0F9TNDU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
52:30:02:f2:b2:94:c1:e3:ff:88:2b:39:8a:ef:c3:bc:34:ba:
cd:ec:98:59:75:51:61:e4:5c:3b:bc:0d:3b:02:0c:b9:39:dc:
09:cf:95:28:1b:d9:57:f5:0b:f6:96:74:0c:ca:49:a8:2b:18:
a5:7b:fa:27:7a:77:2b:1c:1f:29:af:47:f9:77:88:81:a0:dc:
2e:d0:68:42:e5:64:66:9f:c1:67:ea:a8:f5:af:79:d5:c1:4f:
2d:11:ed:80:c5:a7:47:53:90:e8:0a:8a:d1:51:21:7d:bb:a2:
b3:2c:c2:b0:55:5c:5d:e0:7a:ac:67:64:37:38:6b:a0:e4:e4:
c1:67:bf:16:42:22:ae:28:ea:6e:8f:a3:56:5e:77:ed:63:e6:
28:7d:ff:23:b9:a9:cd:59:aa:41:46:79:37:db:d0:ad:2b:4e:
e8:9c:f2:c0:d1:d1:28:6c:b8:6b:7c:65:c7:05:90:9c:fe:c9:
e4:96:2c:c9:ff:b8:00:0b:43:8e:f4:c0:13:eb:5d:36:c9:60:
da:11:c0:4e:59:87:2f:4c:64:85:7b:45:6c:45:ae:14:a6:74:
30:03:1d:d9:1c:97:e4:73:3f:8e:6f:4b:b7:bc:b5:ec:e1:f7:
17:74:c7:af:82:2e:e2:f5:ba:47:cd:ec:7b:72:64:0d:1f:f4:
3f:3d:5f:98
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTm8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMw
MzUzNDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY1QTVGQUNDMTM3QTZG
OERDODJCRTY0MzIzNzA3M0QwNUY1MzM0MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvIZoAvg9/zUzOALf3EdexNntHlh72L0UDQoufzOqpVBXTgGmE
WlgwAhRYmh7cK8GCaTGgSiD65d4G9e5tZhPTxUNceW14lGXNfv5LHpcN4BNV9ia8
zA4IrlR8nYQN8Tq0BnZe/h1XWxMrsRzGWohJ1plaZ/xkRgWX4inN+0l4zH6q+fM8
UYsrUWnifWBC6mel5iSQ133qpW6VoFdoUOJ8Gxv3ttfe/ca+up48ylkd2JrBd+T8
3sQGK7Pyrtr5gzOL7S3GGmzTYqm3ZWArUQD/yCKNAlCCtnKAReG4V/ZJEKApEoTe
SM2mYB4dUqwYUq5/2E/9evzkS+jbCY0HI/zDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUZaX6zBN6b43IK+ZDI3Bz0F9TNDUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1phWDZ6Qk42YjQzSUst
WkRJM0J6MEY5VE5EVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFIwAvKylMHj/4grOYrvw7w0us3smFl1
UWHkXDu8DTsCDLk53AnPlSgb2Vf1C/aWdAzKSagrGKV7+id6dyscHymvR/l3iIGg
3C7QaELlZGafwWfqqPWvedXBTy0R7YDFp0dTkOgKitFRIX27orMswrBVXF3geqxn
ZDc4a6Dk5MFnvxZCIq4o6m6Po1Zed+1j5ih9/yO5qc1ZqkFGeTfb0K0rTuic8sDR
0ShsuGt8ZccFkJz+yeSWLMn/uAALQ470wBPrXTbJYNoRwE5Zhy9MZIV7RWxFrhSm
dDADHdkcl+RzP45vS7e8tezh9xd0x6+CLuL1ukfN7HtyZA0f9D89X5g=
-----END CERTIFICATE-----
Generated at Sat May 17 20:13:08 2025 by rpki-client