Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sTBGLaanWf-0xMwYc_LyLs4wpWY.roa
File: sTBGLaanWf-0xMwYc_LyLs4wpWY.roa (raw, json)
Hash identifier: fpRf7R3NFbzcHuB5EhhIO41CciScrn/L5fq18ZUgT3E=
Subject key identifier: B1:30:46:2D:A6:A7:59:FF:B4:C4:CC:18:73:F2:F2:2E:CE:30:A5:66
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3EAF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sTBGLaanWf-0xMwYc_LyLs4wpWY.roa
Signing time: Fri 12 Apr 2024 03:52:49 +0000
ROA not before: Fri 12 Apr 2024 03:52:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16047 (0x3eaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 03:52:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B130462DA6A759FFB4C4CC1873F2F22ECE30A566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:04:91:57:f6:57:b7:b1:a0:b0:c8:44:cd:b6:
3a:3d:a3:01:97:5d:54:cd:14:89:09:fb:0c:b5:b2:
06:99:3b:81:27:17:fe:59:c2:9d:dc:3a:d8:ed:35:
ee:56:58:c9:9b:f1:2a:8f:a7:82:1b:ed:e2:0f:5f:
05:9c:c1:6f:9f:0e:a6:8f:02:fc:08:05:bf:ba:ed:
15:53:14:ab:6d:4d:a0:90:8a:75:e6:7f:de:e6:2d:
47:df:ce:00:02:13:22:f9:c3:13:8a:5a:dd:19:7f:
9d:46:bb:91:5a:01:40:0a:64:a2:8c:f7:6d:2a:f2:
ab:e4:f0:6c:87:ce:02:be:c9:3d:b1:4d:af:71:8e:
61:93:8d:09:14:1a:f2:f4:a7:a8:f8:21:58:e0:07:
96:a7:a7:5f:c5:ea:21:07:c6:a6:10:68:75:9b:62:
93:5d:fe:ee:c9:20:fa:d5:66:fe:67:5c:89:da:5b:
b2:56:ab:a1:6d:9d:8d:48:6d:71:49:6f:64:4f:57:
73:d5:1c:0d:84:67:5f:e5:3f:8e:1a:a3:ea:bd:90:
19:d2:ab:c3:ca:b9:64:75:65:2e:2e:25:b4:a2:b2:
17:b5:e2:3b:85:34:61:66:16:d6:49:b5:56:7a:08:
5d:57:a0:07:57:57:67:5d:e3:9e:16:8e:68:e3:21:
f3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:30:46:2D:A6:A7:59:FF:B4:C4:CC:18:73:F2:F2:2E:CE:30:A5:66
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sTBGLaanWf-0xMwYc_LyLs4wpWY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b0:94:0d:03:f3:11:ff:03:d7:0e:2c:e7:f7:91:31:c7:90:f9:
4d:c1:c7:17:8f:a1:d8:55:03:ea:bd:2f:db:6e:7b:38:5d:28:
26:b4:5d:37:55:e6:bc:bb:05:45:26:f5:e6:2b:3b:6a:ea:25:
73:4f:d9:18:ea:ac:39:ba:03:dd:37:57:02:9b:21:bc:45:ee:
28:c1:60:b1:c4:07:6c:f1:42:74:cd:8c:88:c1:9d:b7:ca:52:
90:3f:03:3e:90:f7:3c:78:41:10:f6:2b:c5:12:ab:3c:41:b0:
c8:48:c3:2d:f8:7f:65:06:eb:ee:c4:5d:00:c2:78:69:db:01:
d0:8e:b2:2e:66:f2:7e:78:f5:47:3f:14:56:d0:f9:3c:b3:ab:
ad:8d:f8:f6:2a:5d:e3:db:e3:b3:2f:50:d8:0e:36:d4:d0:27:
55:78:b5:0c:1b:89:8a:2a:c1:0f:57:e8:40:f7:00:2e:eb:17:
61:a2:a6:91:38:45:64:e1:55:36:ed:ed:10:09:56:fb:15:d2:
ec:0a:9d:51:18:14:c6:8e:18:4e:ec:28:1b:32:79:82:cb:15:
21:d8:ea:49:4b:3c:3c:d7:73:b3:87:2a:1b:65:c7:ee:f6:ed:
c9:6f:8a:89:be:d3:7a:22:09:88:86:71:ad:88:eb:22:d5:15:
70:7d:dd:04
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPq8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIw
MzUyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIxMzA0NjJEQTZBNzU5
RkZCNEM0Q0MxODczRjJGMjJFQ0UzMEE1NjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1BJFX9le3saCwyETNtjo9owGXXVTNFIkJ+wy1sgaZO4EnF/5Z
wp3cOtjtNe5WWMmb8SqPp4Ib7eIPXwWcwW+fDqaPAvwIBb+67RVTFKttTaCQinXm
f97mLUffzgACEyL5wxOKWt0Zf51Gu5FaAUAKZKKM920q8qvk8GyHzgK+yT2xTa9x
jmGTjQkUGvL0p6j4IVjgB5anp1/F6iEHxqYQaHWbYpNd/u7JIPrVZv5nXInaW7JW
q6FtnY1IbXFJb2RPV3PVHA2EZ1/lP44ao+q9kBnSq8PKuWR1ZS4uJbSishe14juF
NGFmFtZJtVZ6CF1XoAdXV2dd454WjmjjIfPBAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsTBGLaanWf+0xMwYc/LyLs4wpWYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NUQkdMYWFuV2YtMHhN
d1ljX0x5THM0d3BXWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALCUDQPzEf8D1w4s5/eRMceQ+U3BxxeP
odhVA+q9L9tuezhdKCa0XTdV5ry7BUUm9eYrO2rqJXNP2RjqrDm6A903VwKbIbxF
7ijBYLHEB2zxQnTNjIjBnbfKUpA/Az6Q9zx4QRD2K8USqzxBsMhIwy34f2UG6+7E
XQDCeGnbAdCOsi5m8n549Uc/FFbQ+Tyzq62N+PYqXePb47MvUNgONtTQJ1V4tQwb
iYoqwQ9X6ED3AC7rF2GippE4RWThVTbt7RAJVvsV0uwKnVEYFMaOGE7sKBsyeYLL
FSHY6klLPDzXc7OHKhtlx+727clviom+03oiCYiGca2I6yLVFXB93QQ=
-----END CERTIFICATE-----
Generated at Sat May 17 20:14:51 2025 by rpki-client