Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/0bHAb0Z43hGbSxGRZnAfIIK-HuQ.roa
File: 0bHAb0Z43hGbSxGRZnAfIIK-HuQ.roa (raw, json)
Hash identifier: +xSu3aJKfHYSWWBXaU3wQST6pJPJ6AIFeW/gQtFstaU=
Subject key identifier: D1:B1:C0:6F:46:78:DE:11:9B:4B:11:91:66:70:1F:20:82:BE:1E:E4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 490F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0bHAb0Z43hGbSxGRZnAfIIK-HuQ.roa
Signing time: Thu 25 Apr 2024 23:53:19 +0000
ROA not before: Thu 25 Apr 2024 23:53:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18703 (0x490f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 23:53:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D1B1C06F4678DE119B4B119166701F2082BE1EE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:de:ed:b1:1b:82:69:44:88:31:f0:b4:9e:89:
10:4f:f6:90:e2:6e:37:4d:c3:83:5c:80:76:95:29:
71:0c:1b:d8:16:a5:86:50:e7:fb:eb:55:c7:8d:75:
ec:88:45:1f:b0:2e:fc:68:03:fb:d3:22:6a:96:51:
a8:3a:10:52:40:52:4b:0c:43:00:c2:f6:4d:c5:5f:
97:58:85:f7:92:c3:50:66:65:ab:2c:5b:dd:14:c2:
72:2d:0c:58:92:d8:0c:48:9b:b1:79:7a:d4:43:3d:
70:e2:3b:4f:48:93:1c:31:97:a1:66:5a:e6:9c:79:
a3:7a:dc:45:0a:48:eb:11:bb:4f:0a:71:6c:2e:c1:
f9:61:36:18:15:a5:03:14:a1:c0:66:7a:49:d3:5c:
b8:f2:36:4b:0a:63:8b:42:55:3d:b3:bb:3b:07:39:
3c:7a:1e:fe:d9:13:48:04:50:97:b9:32:b0:d2:ba:
14:1d:43:47:af:5b:eb:76:a4:c6:e1:76:54:8e:d9:
0b:cd:6b:45:80:75:cf:84:72:5f:13:72:fb:be:2e:
23:86:80:57:12:15:12:40:db:ca:c5:fd:5f:03:69:
80:f7:83:2f:b6:61:a7:81:32:e2:fb:9d:10:e8:b7:
9f:01:3c:e5:9f:25:a4:57:d0:34:e1:0f:61:08:b2:
79:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:B1:C0:6F:46:78:DE:11:9B:4B:11:91:66:70:1F:20:82:BE:1E:E4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/0bHAb0Z43hGbSxGRZnAfIIK-HuQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
78:4a:43:ee:6e:91:9f:b8:e8:5f:b2:95:7b:8b:f6:0f:c3:96:
09:d2:83:0c:4e:b0:90:eb:e5:10:f8:a2:31:27:cf:42:7b:70:
2b:74:76:1d:9b:64:34:89:2b:1e:5b:78:ed:9c:db:7c:05:e1:
a3:47:87:15:c7:df:25:4e:84:c1:f4:14:18:71:e4:72:23:dc:
c0:09:6d:bd:3e:7b:94:13:a0:e2:e5:9c:9e:be:3d:82:3d:9a:
ea:79:4f:17:7a:7d:1a:a1:4b:50:30:59:a5:d7:79:14:8e:f7:
82:76:22:b8:37:d6:2a:bd:1a:8d:8b:d3:8c:a1:ca:77:03:4e:
95:bc:86:cb:7c:de:8c:21:59:07:27:83:00:cd:4c:c6:53:0a:
24:5f:b9:fc:ab:23:ce:ed:78:29:a8:e5:fd:30:c9:93:b0:10:
c6:ab:e6:39:0b:cf:b7:76:b0:e0:da:87:c6:07:13:ba:ad:f8:
25:bd:9d:e6:c1:82:78:ed:98:1b:35:0f:08:40:f5:e5:6a:3b:
dd:eb:1a:8c:cf:6c:4a:30:21:c3:d8:df:55:aa:26:56:f1:43:
fd:2d:85:eb:d5:fd:1e:ee:37:5f:2f:04:db:36:1b:9d:de:6c:
23:b3:2b:74:60:77:ad:ac:fd:3e:f3:0e:ab:a0:77:17:a4:5c:
f7:08:98:1c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSQ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUy
MzUzMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQxQjFDMDZGNDY3OERF
MTE5QjRCMTE5MTY2NzAxRjIwODJCRTFFRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL3u2xG4JpRIgx8LSeiRBP9pDibjdNw4NcgHaVKXEMG9gWpYZQ
5/vrVceNdeyIRR+wLvxoA/vTImqWUag6EFJAUksMQwDC9k3FX5dYhfeSw1BmZass
W90UwnItDFiS2AxIm7F5etRDPXDiO09Ikxwxl6FmWuaceaN63EUKSOsRu08KcWwu
wflhNhgVpQMUocBmeknTXLjyNksKY4tCVT2zuzsHOTx6Hv7ZE0gEUJe5MrDSuhQd
Q0evW+t2pMbhdlSO2QvNa0WAdc+Ecl8Tcvu+LiOGgFcSFRJA28rF/V8DaYD3gy+2
YaeBMuL7nRDot58BPOWfJaRX0DThD2EIsnnJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU0bHAb0Z43hGbSxGRZnAfIIK+HuQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzBiSEFiMFo0M2hHYlN4
R1JabkFmSUlLLUh1US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHhKQ+5ukZ+46F+ylXuL9g/DlgnSgwxO
sJDr5RD4ojEnz0J7cCt0dh2bZDSJKx5beO2c23wF4aNHhxXH3yVOhMH0FBhx5HIj
3MAJbb0+e5QToOLlnJ6+PYI9mup5Txd6fRqhS1AwWaXXeRSO94J2Irg31iq9Go2L
04yhyncDTpW8hst83owhWQcngwDNTMZTCiRfufyrI87teCmo5f0wyZOwEMar5jkL
z7d2sODah8YHE7qt+CW9nebBgnjtmBs1DwhA9eVqO93rGozPbEowIcPY31WqJlbx
Q/0thevV/R7uN18vBNs2G53ebCOzK3Rgd62s/T7zDqugdxekXPcImBw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:08 2024 by rpki-client on console-ams.rpki-client.org