Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dnueYNUnKVhHgRdEeSUTqTfw8iU.roa
File: dnueYNUnKVhHgRdEeSUTqTfw8iU.roa (raw, json)
Hash identifier: oQt0/OxXw7L1+TBj76wIpfSPsspIdwRhZvJJRkYDRP0=
Subject key identifier: 76:7B:9E:60:D5:27:29:58:47:81:17:44:79:25:13:A9:37:F0:F2:25
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FBB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dnueYNUnKVhHgRdEeSUTqTfw8iU.roa
Signing time: Sat 04 May 2024 21:23:49 +0000
ROA not before: Sat 04 May 2024 21:23:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20411 (0x4fbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 21:23:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=767B9E60D527295847811744792513A937F0F225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3b:3f:69:a8:4a:f7:d1:66:cb:7f:57:fc:67:
62:67:6d:83:df:73:2c:03:12:39:ed:60:74:f9:ba:
e8:e0:2a:75:e6:20:3b:18:16:32:3d:87:9f:cc:26:
1b:7d:d3:b5:f6:0a:6d:2d:4c:93:15:00:8c:3f:16:
7d:4b:51:25:a3:7b:59:fd:29:61:f6:62:e5:a4:8d:
d7:0f:dc:09:75:8a:42:6b:12:06:8f:c3:25:79:89:
ae:94:4b:10:60:47:ee:a0:3c:a0:bf:87:24:60:ec:
65:32:9b:60:9a:2a:43:8d:bf:80:a0:67:39:c8:44:
f7:88:d2:f8:f3:46:45:bb:2f:1f:85:12:ef:1d:86:
23:8e:3b:67:a6:05:0d:18:66:e8:af:96:e8:0e:84:
0b:b9:28:41:56:4e:7f:93:a5:af:01:4a:99:d0:03:
8c:8c:cd:9c:33:f6:a8:1d:b0:31:16:4d:68:d6:7e:
64:c2:a6:68:48:1e:5f:67:7d:c5:2b:da:68:15:aa:
20:29:f9:83:f6:12:ca:50:df:6f:b6:ca:ce:43:bf:
c6:b1:8d:65:e2:c4:5b:98:d3:95:1f:83:6c:72:0c:
b9:de:96:92:58:d0:ba:ad:e2:fb:73:24:b6:db:26:
7b:07:57:4e:fc:60:77:05:19:fb:f0:76:44:8a:0f:
38:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:7B:9E:60:D5:27:29:58:47:81:17:44:79:25:13:A9:37:F0:F2:25
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dnueYNUnKVhHgRdEeSUTqTfw8iU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5a:2b:f7:d5:51:76:30:d3:47:dc:34:3f:33:92:f9:c2:72:de:
b9:69:fe:56:a7:05:46:98:89:ca:aa:e1:81:11:ce:a8:27:1e:
58:40:e0:76:11:de:d7:c2:54:ae:72:7e:89:6a:4d:0d:8b:78:
f9:c7:2e:00:3b:30:81:d8:d5:e4:04:73:08:15:9e:8d:65:98:
a4:30:1c:c8:87:b1:27:1b:63:ca:ba:37:cd:74:cf:91:71:fc:
55:47:49:77:a4:d2:cb:fc:16:36:d5:5a:07:72:4d:cd:6b:24:
9e:41:55:5a:41:7c:54:c7:00:5c:bf:c0:3d:06:8e:ad:93:7a:
d8:66:d0:db:8d:38:5d:f3:01:1a:36:e4:e8:0b:79:80:7b:ca:
70:40:c7:1a:9f:9b:6d:27:e9:56:4a:71:90:db:01:c7:97:e5:
8f:03:f1:19:50:94:34:54:27:e2:4e:72:34:ec:63:ad:3b:28:
f0:72:d2:1e:f2:65:43:bf:81:84:12:e6:b5:37:23:7c:c4:35:
01:05:59:b8:27:b6:73:66:9c:fc:9b:8c:b2:94:50:74:96:05:
a4:d4:2e:c4:3b:0a:8a:85:6d:f4:94:f4:e0:1e:e2:b5:f6:db:
3d:2f:5c:4b:f8:41:30:ef:32:90:2c:7d:a8:eb:a8:92:84:92:
25:6f:23:0f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICT7swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQy
MTIzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc2N0I5RTYwRDUyNzI5
NTg0NzgxMTc0NDc5MjUxM0E5MzdGMEYyMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyOz9pqEr30WbLf1f8Z2JnbYPfcywDEjntYHT5uujgKnXmIDsY
FjI9h5/MJht907X2Cm0tTJMVAIw/Fn1LUSWje1n9KWH2YuWkjdcP3Al1ikJrEgaP
wyV5ia6USxBgR+6gPKC/hyRg7GUym2CaKkONv4CgZznIRPeI0vjzRkW7Lx+FEu8d
hiOOO2emBQ0YZuivlugOhAu5KEFWTn+Tpa8BSpnQA4yMzZwz9qgdsDEWTWjWfmTC
pmhIHl9nfcUr2mgVqiAp+YP2EspQ32+2ys5Dv8axjWXixFuY05Ufg2xyDLnelpJY
0Lqt4vtzJLbbJnsHV078YHcFGfvwdkSKDzgxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUdnueYNUnKVhHgRdEeSUTqTfw8iUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RudWVZTlVuS1ZoSGdS
ZEVlU1VUcVRmdzhpVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFor99VRdjDTR9w0PzOS+cJy3rlp/lan
BUaYicqq4YERzqgnHlhA4HYR3tfCVK5yfolqTQ2LePnHLgA7MIHY1eQEcwgVno1l
mKQwHMiHsScbY8q6N810z5Fx/FVHSXek0sv8FjbVWgdyTc1rJJ5BVVpBfFTHAFy/
wD0Gjq2Tethm0NuNOF3zARo25OgLeYB7ynBAxxqfm20n6VZKcZDbAceX5Y8D8RlQ
lDRUJ+JOcjTsY607KPBy0h7yZUO/gYQS5rU3I3zENQEFWbgntnNmnPybjLKUUHSW
BaTULsQ7CoqFbfSU9OAe4rX22z0vXEv4QTDvMpAsfajrqJKEkiVvIw8=
-----END CERTIFICATE-----
Generated at Sun May 18 06:13:26 2025 by rpki-client