Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/gEO3QeKtj1g59OTEan9WN3thQPU.roa
File: gEO3QeKtj1g59OTEan9WN3thQPU.roa (raw, json)
Hash identifier: 4CALnJhd7T8fOtWfz7ZE+MSECqYSTew8jrv+JAGblmo=
Subject key identifier: 80:43:B7:41:E2:AD:8F:58:39:F4:E4:C4:6A:7F:56:37:7B:61:40:F5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 512B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gEO3QeKtj1g59OTEan9WN3thQPU.roa
Signing time: Mon 06 May 2024 19:24:02 +0000
ROA not before: Mon 06 May 2024 19:24:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20779 (0x512b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 6 19:24:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8043B741E2AD8F5839F4E4C46A7F56377B6140F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d6:a5:69:28:c6:5d:85:01:2b:9c:c1:d3:f4:
68:f9:de:ee:4f:74:73:45:5b:f1:7c:51:ee:d3:8b:
32:49:4f:93:bf:3f:b7:6a:41:38:35:3b:38:5e:49:
c6:78:58:13:62:f0:16:1f:6e:49:ba:91:03:d1:cc:
35:64:1a:dc:f6:40:7d:09:eb:3d:8f:19:24:6a:3f:
c5:cd:d6:3f:89:16:af:22:cb:fd:72:f9:1b:0a:6b:
1b:e7:3e:6f:a3:cd:1b:db:72:a4:e3:57:02:cc:a4:
97:ca:81:e4:ee:88:69:a7:3c:15:77:13:74:90:03:
43:c6:4a:fc:3e:46:6e:c5:da:da:c1:fd:0b:eb:1a:
6a:38:e2:22:f5:91:2b:68:44:ad:5b:a6:90:35:07:
6d:d8:42:79:f7:be:bc:28:b6:ef:5f:1c:65:4c:22:
2d:54:55:ff:cf:1e:28:34:c0:a0:3c:e0:3d:67:df:
01:87:08:c6:20:24:54:b1:40:c3:06:29:1d:98:6e:
09:a7:69:01:d7:32:ee:a9:eb:3e:46:3d:0d:fe:50:
54:3f:73:bd:0c:8f:05:50:5b:32:4b:80:76:ac:0d:
c4:46:e2:fa:16:a7:cc:d0:b9:46:93:36:1d:7a:fc:
76:02:ef:7c:a6:c7:c9:69:99:f3:6f:7e:2e:66:bc:
31:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:43:B7:41:E2:AD:8F:58:39:F4:E4:C4:6A:7F:56:37:7B:61:40:F5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gEO3QeKtj1g59OTEan9WN3thQPU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
17:6d:88:9d:96:47:db:0a:f2:ea:f1:ac:cb:c0:e0:38:15:b2:
f4:8e:18:5c:10:56:2b:75:20:14:55:b3:61:5b:67:21:50:b6:
97:e5:bc:ca:1f:23:cd:bf:f3:a7:6f:ae:1a:68:91:6f:0a:85:
f0:62:e4:9c:1d:c6:41:9b:38:7a:fd:2f:11:23:80:72:76:11:
a4:ee:95:9a:54:40:01:12:1c:38:6f:a0:d1:b5:d0:81:1c:0f:
ba:41:75:e6:b3:2d:88:8f:34:d0:bd:d3:56:e2:3c:0b:50:98:
a3:60:c0:e6:fc:98:99:02:e7:01:07:dd:4d:40:af:87:f5:15:
34:05:67:d6:b6:eb:11:3a:c3:d0:88:0b:c3:ae:7b:ff:dc:cb:
da:da:a5:57:4b:0f:1d:51:72:d3:2a:81:d1:a1:1f:96:76:94:
48:fd:af:41:0e:28:b5:de:19:70:58:82:09:0b:b3:7a:e6:24:
7a:98:b2:6f:96:f4:cf:8b:c4:ad:f0:d4:3c:00:58:0d:2c:f7:
9c:40:ed:33:d9:3b:28:85:c0:59:e6:72:a6:dd:64:7c:a0:5a:
8e:23:25:8c:7c:bf:71:c0:2c:c8:ca:6a:26:97:de:a4:a0:60:
b3:5e:d8:c3:af:c7:d5:0f:47:12:aa:77:80:61:a2:a0:31:e3:
a4:36:6c:f6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUSswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYx
OTI0MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgwNDNCNzQxRTJBRDhG
NTgzOUY0RTRDNDZBN0Y1NjM3N0I2MTQwRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDh1qVpKMZdhQErnMHT9Gj53u5PdHNFW/F8Ue7TizJJT5O/P7dq
QTg1OzheScZ4WBNi8BYfbkm6kQPRzDVkGtz2QH0J6z2PGSRqP8XN1j+JFq8iy/1y
+RsKaxvnPm+jzRvbcqTjVwLMpJfKgeTuiGmnPBV3E3SQA0PGSvw+Rm7F2trB/Qvr
Gmo44iL1kStoRK1bppA1B23YQnn3vrwotu9fHGVMIi1UVf/PHig0wKA84D1n3wGH
CMYgJFSxQMMGKR2YbgmnaQHXMu6p6z5GPQ3+UFQ/c70MjwVQWzJLgHasDcRG4voW
p8zQuUaTNh16/HYC73ymx8lpmfNvfi5mvDEFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUgEO3QeKtj1g59OTEan9WN3thQPUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2dFTzNRZUt0ajFnNTlP
VEVhbjlXTjN0aFFQVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABdtiJ2WR9sK8urxrMvA4DgVsvSOGFwQ
Vit1IBRVs2FbZyFQtpflvMofI82/86dvrhpokW8KhfBi5JwdxkGbOHr9LxEjgHJ2
EaTulZpUQAESHDhvoNG10IEcD7pBdeazLYiPNNC901biPAtQmKNgwOb8mJkC5wEH
3U1Ar4f1FTQFZ9a26xE6w9CIC8Oue//cy9rapVdLDx1RctMqgdGhH5Z2lEj9r0EO
KLXeGXBYggkLs3rmJHqYsm+W9M+LxK3w1DwAWA0s95xA7TPZOyiFwFnmcqbdZHyg
Wo4jJYx8v3HALMjKaiaX3qSgYLNe2MOvx9UPRxKqd4BhoqAx46Q2bPY=
-----END CERTIFICATE-----
Generated at Sat May 17 20:48:24 2025 by rpki-client