Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0ZKU4HsQ9lgMYuy_q5f1pLrxB-0.roa
File: 0ZKU4HsQ9lgMYuy_q5f1pLrxB-0.roa (raw, json)
Hash identifier: lA5BZevg+iq5fmPMo1y+iC1hvTgyI5NQSAKyllpO6QM=
Subject key identifier: D1:92:94:E0:7B:10:F6:58:0C:62:EC:BF:AB:97:F5:A4:BA:F1:07:ED
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36AB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0ZKU4HsQ9lgMYuy_q5f1pLrxB-0.roa
Signing time: Mon 01 Apr 2024 11:22:13 +0000
ROA not before: Mon 01 Apr 2024 11:22:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13995 (0x36ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 11:22:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D19294E07B10F6580C62ECBFAB97F5A4BAF107ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:42:64:50:c4:5b:c8:28:1c:e0:a1:8e:d0:bb:
1c:4a:41:19:44:6c:d7:a3:db:53:0e:4b:4e:9b:c8:
65:04:b2:5f:2a:c0:7d:59:6a:54:8d:a9:40:94:66:
4c:d9:32:46:d6:d3:ca:06:2b:a8:d3:ad:58:fa:ee:
33:83:cc:d6:74:b3:5c:50:70:91:fd:23:51:c2:73:
b0:f1:81:a2:2d:fb:3c:c9:7d:32:be:44:55:46:fc:
f4:a8:f7:85:e3:f5:61:9f:a8:9c:20:6a:f9:b0:75:
43:ea:1f:70:bc:9e:25:be:d9:f8:0c:82:24:ca:72:
86:23:56:8c:e8:30:a8:ac:00:bb:0f:26:38:91:43:
ff:8d:49:84:58:19:97:43:96:ea:c3:e9:7d:8b:b7:
0d:bd:21:d4:f4:e7:5a:46:ef:43:5e:65:b3:98:41:
d5:ba:85:52:a5:16:4c:d3:c7:d3:50:cf:5c:c8:9f:
24:31:2d:a3:3b:4e:21:66:45:b4:f3:b5:26:14:2f:
78:15:50:81:a2:02:53:8d:71:e3:e7:f8:24:c7:a1:
a3:15:62:d3:ba:68:90:ad:fb:69:b0:d9:08:b3:42:
44:14:fb:a2:9b:08:82:2e:4a:e6:1e:4f:d5:b9:2d:
98:c9:0f:03:2c:8f:82:6c:54:fb:f4:5c:62:b7:21:
cb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:92:94:E0:7B:10:F6:58:0C:62:EC:BF:AB:97:F5:A4:BA:F1:07:ED
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0ZKU4HsQ9lgMYuy_q5f1pLrxB-0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
97:69:e8:cb:ca:02:77:15:bb:30:22:90:e0:33:c1:e5:35:14:
55:44:26:3d:16:22:14:e4:49:74:0c:70:b1:1f:8e:19:a9:8c:
f7:ac:d9:bc:8d:bd:64:71:e9:1b:50:c1:88:66:d9:df:b1:c3:
a7:b9:ea:80:fd:f4:ed:7e:a7:7c:7a:e4:95:d7:ff:8a:2b:72:
7b:fd:8c:cc:5b:0d:e1:6c:20:e9:d2:23:2d:71:7c:6a:56:bf:
3d:bb:e2:d5:b0:1d:d1:82:7e:65:ed:a8:f7:43:13:25:8f:49:
56:11:45:b8:c4:23:39:85:fd:e4:e4:57:d7:e0:0e:73:3b:78:
70:ad:12:87:3a:13:92:cd:d9:2b:06:46:2d:2e:6f:b7:c5:42:
8d:50:56:36:5f:cb:3d:63:dc:44:82:dc:ee:ad:58:4b:e8:41:
4b:af:b7:b4:87:b0:b5:30:f1:01:ab:e8:1a:89:c8:27:e3:69:
3e:44:08:8e:9a:9e:9d:be:77:f3:3d:b9:cd:27:04:7b:94:5f:
aa:46:79:1d:4a:41:4a:11:99:32:29:a4:31:0d:bc:99:01:c3:
cb:a9:7e:80:6c:1e:44:c7:f7:b1:c2:ce:36:58:eb:90:93:cf:
aa:fe:1c:b3:47:21:66:73:67:da:3a:e7:b9:74:67:d2:91:9b:
50:64:44:f0
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNqswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEx
MTIyMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQxOTI5NEUwN0IxMEY2
NTgwQzYyRUNCRkFCOTdGNUE0QkFGMTA3RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+QmRQxFvIKBzgoY7QuxxKQRlEbNej21MOS06byGUEsl8qwH1Z
alSNqUCUZkzZMkbW08oGK6jTrVj67jODzNZ0s1xQcJH9I1HCc7DxgaIt+zzJfTK+
RFVG/PSo94Xj9WGfqJwgavmwdUPqH3C8niW+2fgMgiTKcoYjVozoMKisALsPJjiR
Q/+NSYRYGZdDlurD6X2Ltw29IdT051pG70NeZbOYQdW6hVKlFkzTx9NQz1zInyQx
LaM7TiFmRbTztSYUL3gVUIGiAlONcePn+CTHoaMVYtO6aJCt+2mw2QizQkQU+6Kb
CIIuSuYeT9W5LZjJDwMsj4JsVPv0XGK3IcunAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU0ZKU4HsQ9lgMYuy/q5f1pLrxB+0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBaS1U0SHNROWxnTVl1
eV9xNWYxcExyeEItMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJdp6MvKAncVuzAikOAzweU1FFVEJj0W
IhTkSXQMcLEfjhmpjPes2byNvWRx6RtQwYhm2d+xw6e56oD99O1+p3x65JXX/4or
cnv9jMxbDeFsIOnSIy1xfGpWvz274tWwHdGCfmXtqPdDEyWPSVYRRbjEIzmF/eTk
V9fgDnM7eHCtEoc6E5LN2SsGRi0ub7fFQo1QVjZfyz1j3ESC3O6tWEvoQUuvt7SH
sLUw8QGr6BqJyCfjaT5ECI6anp2+d/M9uc0nBHuUX6pGeR1KQUoRmTIppDENvJkB
w8upfoBsHkTH97HCzjZY65CTz6r+HLNHIWZzZ9o657l0Z9KRm1BkRPA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:08 2024 by rpki-client on console-ams.rpki-client.org