Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/143uwzOqW-izvZ0Cr48eht3eB10.roa
File: 143uwzOqW-izvZ0Cr48eht3eB10.roa (raw, json)
Hash identifier: Nb0IRrDrgVSYMPENtJfT5xfbbYv1mFFcAe0uBpmNdcs=
Subject key identifier: D7:8D:EE:C3:33:AA:5B:E8:B3:BD:9D:02:AF:8F:1E:86:DD:DE:07:5D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4CC3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/143uwzOqW-izvZ0Cr48eht3eB10.roa
Signing time: Tue 30 Apr 2024 22:23:36 +0000
ROA not before: Tue 30 Apr 2024 22:23:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19651 (0x4cc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 30 22:23:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D78DEEC333AA5BE8B3BD9D02AF8F1E86DDDE075D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:41:d3:e1:4e:92:d6:39:af:92:0e:df:d6:50:
a7:f7:19:2c:c9:35:72:e3:c6:1b:21:b4:aa:72:01:
b8:83:d0:7d:e5:66:f9:95:f7:86:ae:ce:e4:18:fe:
e3:63:1b:99:e8:e3:99:dd:84:7a:74:4e:cb:22:11:
d9:38:1b:2b:13:08:07:ab:c0:d8:9e:fd:75:c6:7c:
07:8e:99:cd:f6:a4:83:ca:5a:b5:9c:c0:33:1e:f9:
82:d7:2e:c8:7f:7a:22:ae:70:c9:59:3b:0a:c6:e5:
f1:dc:63:a8:a6:e5:c0:1d:37:72:c3:d9:30:1f:19:
b1:6f:ee:15:5e:fa:f1:49:14:b6:2a:14:ce:2b:9f:
40:d2:c2:00:a6:f0:43:3b:9e:3a:b7:7e:17:0f:88:
22:9e:49:39:ab:8d:f6:38:33:e7:71:27:e6:48:6b:
bc:a9:a3:50:75:5c:1f:0b:f4:18:5a:22:e0:79:a1:
5f:de:c2:59:a6:aa:59:65:e2:f9:fc:2f:6b:d1:09:
7b:7b:f1:5a:e0:ef:26:b6:f5:d2:d6:f7:ca:ff:4d:
19:e0:81:bb:3c:e4:cf:28:25:10:89:16:0a:57:7d:
6c:84:60:7e:c8:3f:b5:d4:f6:fc:35:36:d2:8b:6a:
fe:99:ad:b8:64:51:06:c3:0c:26:de:8f:f8:15:1e:
6a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:8D:EE:C3:33:AA:5B:E8:B3:BD:9D:02:AF:8F:1E:86:DD:DE:07:5D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/143uwzOqW-izvZ0Cr48eht3eB10.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
33:86:4f:ad:30:37:e0:3e:f8:fe:f7:44:12:59:26:78:c1:c7:
0c:a7:0e:9a:f6:71:ab:67:20:e6:bd:75:a0:c7:fb:4e:e0:ef:
03:38:a2:86:96:fd:aa:16:3c:47:be:e0:dc:9c:90:ee:ca:20:
d1:2a:78:c7:93:55:66:cd:ed:1e:9a:dd:d5:28:80:db:43:1b:
7e:89:6e:4c:ba:41:0c:6a:f0:4e:ec:bc:c8:8b:5f:ac:0c:f6:
a4:3a:cb:a5:54:ae:22:ca:60:ba:7f:58:f2:88:62:0c:6d:5c:
2e:f4:0c:e1:5c:85:63:a9:46:2b:ed:b5:37:10:aa:cd:31:f5:
0b:76:1d:5d:13:cc:9d:94:dd:65:24:25:b3:f5:cb:52:ff:23:
cd:64:e2:1c:83:67:df:33:a5:5d:13:8a:83:14:30:1a:db:c4:
4b:8c:8d:6d:39:72:6e:be:f0:61:cf:ab:4c:f2:28:a0:55:fa:
ad:78:a7:e7:6f:9e:92:96:02:67:39:68:1e:6f:31:a1:93:c1:
c9:2a:c1:1c:d5:da:28:94:11:c0:75:f1:fe:ef:54:38:11:a6:
78:b4:3b:c1:36:2f:75:60:fb:ac:2c:ef:da:96:39:1a:10:95:
d5:45:7c:28:83:45:de:c1:f4:66:34:4c:cf:5e:67:e0:4e:12:
ec:48:b3:72
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MzAy
MjIzMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ3OERFRUMzMzNBQTVC
RThCM0JEOUQwMkFGOEYxRTg2RERERTA3NUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvQdPhTpLWOa+SDt/WUKf3GSzJNXLjxhshtKpyAbiD0H3lZvmV
94auzuQY/uNjG5no45ndhHp0TssiEdk4GysTCAerwNie/XXGfAeOmc32pIPKWrWc
wDMe+YLXLsh/eiKucMlZOwrG5fHcY6im5cAdN3LD2TAfGbFv7hVe+vFJFLYqFM4r
n0DSwgCm8EM7njq3fhcPiCKeSTmrjfY4M+dxJ+ZIa7ypo1B1XB8L9BhaIuB5oV/e
wlmmqlll4vn8L2vRCXt78Vrg7ya29dLW98r/TRnggbs85M8oJRCJFgpXfWyEYH7I
P7XU9vw1NtKLav6ZrbhkUQbDDCbej/gVHmpDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU143uwzOqW+izvZ0Cr48eht3eB10wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzE0M3V3ek9xVy1penZa
MENyNDhlaHQzZUIxMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADOGT60wN+A++P73RBJZJnjBxwynDpr2
catnIOa9daDH+07g7wM4ooaW/aoWPEe+4NyckO7KINEqeMeTVWbN7R6a3dUogNtD
G36Jbky6QQxq8E7svMiLX6wM9qQ6y6VUriLKYLp/WPKIYgxtXC70DOFchWOpRivt
tTcQqs0x9Qt2HV0TzJ2U3WUkJbP1y1L/I81k4hyDZ98zpV0TioMUMBrbxEuMjW05
cm6+8GHPq0zyKKBV+q14p+dvnpKWAmc5aB5vMaGTwckqwRzV2iiUEcB18f7vVDgR
pni0O8E2L3Vg+6ws79qWORoQldVFfCiDRd7B9GY0TM9eZ+BOEuxIs3I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:09 2024 by rpki-client on console-ams.rpki-client.org