Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/13dan7GZa3bK5HwwZjtxXQDgvGw.roa
File: 13dan7GZa3bK5HwwZjtxXQDgvGw.roa (raw, json)
Hash identifier: +rk2rLcMLDd0mr0bOvz5ZyrYjgqrVDqJTcCaxHcBmG0=
Subject key identifier: D7:77:5A:9F:B1:99:6B:76:CA:E4:7C:30:66:3B:71:5D:00:E0:BC:6C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41EF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/13dan7GZa3bK5HwwZjtxXQDgvGw.roa
Signing time: Tue 16 Apr 2024 11:53:25 +0000
ROA not before: Tue 16 Apr 2024 11:53:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16879 (0x41ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 11:53:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D7775A9FB1996B76CAE47C30663B715D00E0BC6C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:20:2b:2d:ea:73:44:b0:c7:cc:15:aa:4a:a4:
c1:ac:64:94:24:da:0d:34:a6:16:09:6c:11:10:81:
b7:f8:52:5d:4c:02:e7:3f:6b:b4:03:28:41:f5:c8:
63:4b:a5:2e:0b:b5:48:93:4e:4f:e9:61:e4:08:a6:
46:ff:bd:fe:37:71:da:8e:9e:bc:bf:36:50:18:6a:
fb:2b:d4:f7:03:31:b2:cb:3b:dd:dc:f2:0d:df:4d:
0a:0c:9f:f2:e1:48:b3:50:4e:00:61:c6:b4:0e:5b:
9b:3e:5d:7f:ba:30:9d:f5:54:cf:9e:90:bc:50:14:
31:d5:d0:2b:98:99:78:a2:1c:f1:4d:17:62:11:11:
17:e8:89:33:c1:eb:8e:2a:2e:63:90:5c:2f:a4:8a:
dd:45:78:0a:76:12:81:5c:54:54:6d:65:a0:63:bb:
c9:28:53:7c:58:bb:36:13:07:24:dc:43:12:49:d6:
1c:87:af:99:d5:be:ee:f0:a8:1e:32:b2:2a:7b:c9:
80:66:78:26:27:80:4d:4a:e0:cb:87:11:2e:f2:4b:
9c:04:8c:4b:b8:6b:bf:c0:1f:18:93:d7:07:21:bd:
26:2f:c1:b6:70:54:3e:9a:b6:18:c4:46:04:41:8f:
c5:b4:19:d4:c5:a4:de:00:c0:63:19:fd:b7:95:5f:
49:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:77:5A:9F:B1:99:6B:76:CA:E4:7C:30:66:3B:71:5D:00:E0:BC:6C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/13dan7GZa3bK5HwwZjtxXQDgvGw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ba:90:d2:0f:5e:1b:7e:c6:fe:7b:80:aa:01:ad:97:2b:5a:c1:
9b:74:ab:cb:e6:1b:28:9c:98:39:89:50:5a:7d:e9:9b:c3:89:
23:4c:ef:80:51:ea:9e:be:39:ef:1f:39:f1:bd:ea:bd:4d:eb:
68:54:a9:97:ea:99:08:7a:cb:57:0e:12:cd:9d:bf:39:e9:5c:
dd:15:78:24:f2:6e:be:09:e8:d9:8c:6c:31:ed:a4:32:65:96:
1f:f1:c1:0f:cc:fe:4c:37:f7:0a:cc:d3:78:b4:4c:71:80:10:
60:0d:42:88:44:d6:33:ee:61:5e:a1:96:c3:50:42:c0:9b:e1:
89:de:be:e5:a8:7c:83:7d:40:ca:97:d5:3c:70:ee:96:e7:7c:
95:91:eb:52:32:60:c2:94:54:1d:c7:b6:b0:8f:c2:b7:cb:1e:
f9:30:65:8b:1d:63:14:6b:ee:f3:4a:0d:d1:c3:83:7e:47:22:
4a:d3:8f:f3:f2:c1:90:1d:59:79:03:7f:2a:7d:84:ba:b7:5d:
da:34:5c:a1:49:8b:d5:3a:48:63:9a:22:9f:2f:bc:b1:f9:a9:
e5:69:eb:a4:c6:21:fc:0c:50:14:c5:89:38:7e:d3:38:9c:01:
6e:50:84:92:c5:ee:80:a5:24:33:75:31:81:27:17:ae:f8:26:
3d:1a:e0:28
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYx
MTUzMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ3Nzc1QTlGQjE5OTZC
NzZDQUU0N0MzMDY2M0I3MTVEMDBFMEJDNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCICst6nNEsMfMFapKpMGsZJQk2g00phYJbBEQgbf4Ul1MAuc/
a7QDKEH1yGNLpS4LtUiTTk/pYeQIpkb/vf43cdqOnry/NlAYavsr1PcDMbLLO93c
8g3fTQoMn/LhSLNQTgBhxrQOW5s+XX+6MJ31VM+ekLxQFDHV0CuYmXiiHPFNF2IR
ERfoiTPB644qLmOQXC+kit1FeAp2EoFcVFRtZaBju8koU3xYuzYTByTcQxJJ1hyH
r5nVvu7wqB4ysip7yYBmeCYngE1K4MuHES7yS5wEjEu4a7/AHxiT1wchvSYvwbZw
VD6athjERgRBj8W0GdTFpN4AwGMZ/beVX0mzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU13dan7GZa3bK5HwwZjtxXQDgvGwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzEzZGFuN0daYTNiSzVI
d3daanR4WFFEZ3ZHdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALqQ0g9eG37G/nuAqgGtlytawZt0q8vm
GyicmDmJUFp96ZvDiSNM74BR6p6+Oe8fOfG96r1N62hUqZfqmQh6y1cOEs2dvznp
XN0VeCTybr4J6NmMbDHtpDJllh/xwQ/M/kw39wrM03i0THGAEGANQohE1jPuYV6h
lsNQQsCb4YnevuWofIN9QMqX1Txw7pbnfJWR61IyYMKUVB3HtrCPwrfLHvkwZYsd
YxRr7vNKDdHDg35HIkrTj/PywZAdWXkDfyp9hLq3Xdo0XKFJi9U6SGOaIp8vvLH5
qeVp66TGIfwMUBTFiTh+0zicAW5QhJLF7oClJDN1MYEnF674Jj0a4Cg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:02 2024 by rpki-client on console-fra.rpki-client.org