Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kXLmAfNiLbtPXE27KvwfuGtKwFk.roa
File: kXLmAfNiLbtPXE27KvwfuGtKwFk.roa (raw, json)
Hash identifier: oFZNRF+mQgPrWsuI3Nqz2/5xjO3tu7Dn+HEENCaSMjc=
Subject key identifier: 91:72:E6:01:F3:62:2D:BB:4F:5C:4D:BB:2A:FC:1F:B8:6B:4A:C0:59
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4013
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kXLmAfNiLbtPXE27KvwfuGtKwFk.roa
Signing time: Sun 14 Apr 2024 00:22:56 +0000
ROA not before: Sun 14 Apr 2024 00:22:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16403 (0x4013)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 00:22:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9172E601F3622DBB4F5C4DBB2AFC1FB86B4AC059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:8d:8b:2e:db:dd:0e:30:4f:e4:f1:ff:5f:20:
9e:18:14:72:e2:63:7c:68:05:31:c2:a2:1d:2f:f5:
fa:67:2c:e6:64:f2:31:82:de:b2:ce:aa:78:f5:92:
05:1d:5d:f6:55:5c:f3:41:f3:aa:d0:3c:37:35:c3:
a1:6c:8a:45:2e:bb:4c:b1:cf:ff:05:a2:94:1f:20:
7c:e7:1f:0f:c7:15:77:9d:f5:39:95:84:42:b1:de:
64:98:d2:b1:98:3b:d4:f8:b8:9d:ca:95:e5:03:3b:
80:b6:2b:8c:3d:ba:80:71:15:33:fb:34:9e:b2:08:
73:f6:c0:ce:53:47:67:87:44:49:9d:5c:ef:b7:44:
3f:15:c1:80:fe:72:c8:f1:4f:40:62:4d:60:79:01:
44:18:1c:cc:c8:73:a4:ad:b3:9e:f2:e6:76:d3:82:
d3:fd:7a:ab:69:72:c1:82:d8:78:f7:93:51:21:45:
ee:27:5d:de:0c:13:35:c5:f7:ce:97:ba:41:7d:5d:
95:03:40:8d:6a:af:9f:ac:f6:9c:22:45:f8:01:4d:
5a:f6:3c:bc:c6:81:e7:cb:85:40:d7:d3:35:de:b2:
97:1b:db:61:b0:2f:af:46:58:44:9e:8c:3b:44:06:
bc:6f:7c:60:7e:00:db:a8:06:d4:59:1c:23:1b:3d:
b3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:72:E6:01:F3:62:2D:BB:4F:5C:4D:BB:2A:FC:1F:B8:6B:4A:C0:59
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kXLmAfNiLbtPXE27KvwfuGtKwFk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
3d:82:87:92:84:3f:a2:46:81:34:07:51:56:26:27:9a:94:c4:
9f:71:dc:1f:50:10:d5:41:2d:2d:c8:7f:0b:01:a8:cf:1a:6a:
82:e2:d6:a1:78:d5:4a:30:3d:fc:8a:c9:98:99:4a:d7:16:98:
7f:ff:d8:1b:f7:42:6c:22:b0:2c:b8:0a:bc:78:d8:a0:41:db:
7c:22:fb:08:92:b2:44:ad:9a:d9:b9:e6:37:4a:00:b2:cc:16:
00:f7:ae:09:52:6a:aa:f2:40:07:ba:25:e8:05:f6:e4:0b:cc:
3d:d2:cd:e9:e3:f0:d4:c3:09:a1:12:2b:c1:5c:00:99:10:79:
95:32:6c:ea:98:fa:03:a0:d4:f5:3c:8e:d2:89:f1:68:f8:03:
46:7f:d8:8d:8d:ea:4a:1a:e1:dd:2a:d9:81:89:7e:79:95:e8:
84:2c:dc:07:5b:40:e7:35:38:08:fb:ce:c5:d7:bc:a5:53:b9:
45:94:4e:b7:0d:d7:7c:f5:07:39:cc:2e:1d:34:9f:c4:7f:fe:
7a:4d:82:b0:7d:49:c9:1e:94:00:3f:67:5b:89:7c:5a:25:b4:
09:68:c8:3a:f0:29:a1:51:a4:9d:1f:a6:d4:66:5a:b6:dc:ed:
54:95:38:63:2c:61:ee:4a:59:24:fc:9b:09:e3:0e:48:87:7a:
c6:a3:44:1f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQBMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQw
MDIyNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkxNzJFNjAxRjM2MjJE
QkI0RjVDNERCQjJBRkMxRkI4NkI0QUMwNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgjYsu290OME/k8f9fIJ4YFHLiY3xoBTHCoh0v9fpnLOZk8jGC
3rLOqnj1kgUdXfZVXPNB86rQPDc1w6FsikUuu0yxz/8FopQfIHznHw/HFXed9TmV
hEKx3mSY0rGYO9T4uJ3KleUDO4C2K4w9uoBxFTP7NJ6yCHP2wM5TR2eHREmdXO+3
RD8VwYD+csjxT0BiTWB5AUQYHMzIc6Sts57y5nbTgtP9eqtpcsGC2Hj3k1EhRe4n
Xd4MEzXF986XukF9XZUDQI1qr5+s9pwiRfgBTVr2PLzGgefLhUDX0zXespcb22Gw
L69GWESejDtEBrxvfGB+ANuoBtRZHCMbPbMLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUkXLmAfNiLbtPXE27KvwfuGtKwFkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tYTG1BZk5pTGJ0UFhF
MjdLdndmdUd0S3dGay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAD2Ch5KEP6JGgTQHUVYmJ5qUxJ9x3B9Q
ENVBLS3IfwsBqM8aaoLi1qF41UowPfyKyZiZStcWmH//2Bv3QmwisCy4Crx42KBB
23wi+wiSskStmtm55jdKALLMFgD3rglSaqryQAe6JegF9uQLzD3Szenj8NTDCaES
K8FcAJkQeZUybOqY+gOg1PU8jtKJ8Wj4A0Z/2I2N6koa4d0q2YGJfnmV6IQs3Adb
QOc1OAj7zsXXvKVTuUWUTrcN13z1BznMLh00n8R//npNgrB9SckelAA/Z1uJfFol
tAloyDrwKaFRpJ0fptRmWrbc7VSVOGMsYe5KWST8mwnjDkiHesajRB8=
-----END CERTIFICATE-----
Generated at Sun May 18 15:57:53 2025 by rpki-client