Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xcRe9u2uF7Cj6c6y9v3-3j_R1zQ.roa
File: xcRe9u2uF7Cj6c6y9v3-3j_R1zQ.roa (raw, json)
Hash identifier: Hgco0GMrgeo1AoTxmQkAbjG1Hrv+Wmxg+HGWfAlIM4A=
Subject key identifier: C5:C4:5E:F6:ED:AE:17:B0:A3:E9:CE:B2:F6:FD:FE:DE:3F:D1:D7:34
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53D3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xcRe9u2uF7Cj6c6y9v3-3j_R1zQ.roa
Signing time: Fri 10 May 2024 08:24:00 +0000
ROA not before: Fri 10 May 2024 08:24:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21459 (0x53d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 08:24:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C5C45EF6EDAE17B0A3E9CEB2F6FDFEDE3FD1D734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:36:20:b2:6b:27:ab:98:71:45:f5:04:ce:26:
f0:87:8c:14:ff:d2:14:7d:a1:2c:9a:9f:bd:9a:f8:
11:8c:63:f6:da:7f:18:e5:65:f7:e5:ca:f4:5a:23:
16:79:25:16:a1:bd:96:0a:cf:a2:64:90:30:26:71:
64:c7:25:0f:4a:e0:6c:f0:86:b4:02:87:7e:10:a8:
f8:18:bf:d2:87:96:d0:ed:f2:15:23:9c:c3:77:67:
f4:ac:c4:1a:85:16:39:f5:62:ee:b5:a3:2f:99:53:
a2:01:7f:19:91:6d:17:a2:bf:3c:88:89:cc:b9:e6:
96:c0:fd:c1:5b:fc:b6:e1:16:32:f9:96:b4:fb:be:
84:10:4d:43:09:3a:98:81:ed:39:d1:67:aa:b3:af:
8b:31:71:51:dd:76:aa:f4:62:02:4a:1e:30:68:b6:
a5:dc:ef:fc:a9:5e:40:09:93:76:36:6e:88:7e:27:
a7:7c:8a:3f:3d:c5:c1:a2:40:7f:03:b8:58:f5:a7:
78:6c:d9:01:95:72:ef:c4:b9:ba:e3:f7:6d:60:fe:
31:12:fc:fc:46:94:29:2f:0e:cb:d3:3f:eb:bd:13:
64:28:35:99:a0:ed:63:f9:53:50:87:d6:27:dd:84:
9d:49:24:ae:79:8a:6e:62:a8:da:0c:9f:98:b8:78:
49:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C4:5E:F6:ED:AE:17:B0:A3:E9:CE:B2:F6:FD:FE:DE:3F:D1:D7:34
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xcRe9u2uF7Cj6c6y9v3-3j_R1zQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
59:64:6f:7c:6f:40:81:f5:17:41:f9:f3:f4:c4:b1:40:6e:9d:
71:3c:16:76:22:2f:7f:a7:eb:36:e1:a4:b6:11:c1:63:d5:2b:
4d:9f:c0:40:ae:2c:e8:90:eb:d7:21:95:cb:e1:5c:71:e9:e5:
a2:48:f5:62:11:79:6d:6b:34:31:91:6f:24:1c:34:75:ed:82:
b3:bd:a2:42:01:cf:96:8b:4d:81:24:7a:2e:31:8d:d4:34:43:
98:7f:a4:3c:30:b9:4b:88:7e:db:af:fe:6c:5e:b5:86:f7:de:
a8:eb:94:e3:1b:01:b4:f1:02:ff:66:58:8f:ba:f6:ed:a2:bc:
4d:1a:b1:74:0d:4b:2f:d5:ad:59:93:75:90:f8:d4:ea:19:f4:
de:16:14:77:e8:26:95:7a:45:d4:53:55:7c:c3:63:cc:a8:47:
b0:46:30:78:21:b8:a9:f9:ea:43:be:c7:cc:48:e1:16:5b:9c:
8a:d8:5f:93:19:ee:f8:0e:14:f4:8c:e2:75:39:fd:11:25:8c:
56:46:18:0c:1d:4c:16:64:c6:81:a3:a9:bd:5d:40:f1:f0:03:
8c:cf:f1:1e:7b:e7:4e:d3:cb:dc:fc:0c:ad:f9:73:c1:7e:ed:
8f:54:6c:20:a9:f1:10:42:37:de:42:90:59:df:8f:f3:a9:97:
af:cb:30:72
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICU9MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
ODI0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM1QzQ1RUY2RURBRTE3
QjBBM0U5Q0VCMkY2RkRGRURFM0ZEMUQ3MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcNiCyayermHFF9QTOJvCHjBT/0hR9oSyan72a+BGMY/bafxjl
ZfflyvRaIxZ5JRahvZYKz6JkkDAmcWTHJQ9K4GzwhrQCh34QqPgYv9KHltDt8hUj
nMN3Z/SsxBqFFjn1Yu61oy+ZU6IBfxmRbReivzyIicy55pbA/cFb/LbhFjL5lrT7
voQQTUMJOpiB7TnRZ6qzr4sxcVHddqr0YgJKHjBotqXc7/ypXkAJk3Y2boh+J6d8
ij89xcGiQH8DuFj1p3hs2QGVcu/Eubrj921g/jES/PxGlCkvDsvTP+u9E2QoNZmg
7WP5U1CH1ifdhJ1JJK55im5iqNoMn5i4eEltAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUxcRe9u2uF7Cj6c6y9v3+3j/R1zQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hjUmU5dTJ1RjdDajZj
Nnk5djMtM2pfUjF6US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFlkb3xvQIH1F0H58/TEsUBunXE8FnYi
L3+n6zbhpLYRwWPVK02fwECuLOiQ69chlcvhXHHp5aJI9WIReW1rNDGRbyQcNHXt
grO9okIBz5aLTYEkei4xjdQ0Q5h/pDwwuUuIftuv/mxetYb33qjrlOMbAbTxAv9m
WI+69u2ivE0asXQNSy/VrVmTdZD41OoZ9N4WFHfoJpV6RdRTVXzDY8yoR7BGMHgh
uKn56kO+x8xI4RZbnIrYX5MZ7vgOFPSM4nU5/REljFZGGAwdTBZkxoGjqb1dQPHw
A4zP8R57507Ty9z8DK35c8F+7Y9UbCCp8RBCN95CkFnfj/Opl6/LMHI=
-----END CERTIFICATE-----
Generated at Sat May 17 20:17:23 2025 by rpki-client