Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/2avS5l9qvdXJXYJPtKZWw861Gz0.roa
File: 2avS5l9qvdXJXYJPtKZWw861Gz0.roa (raw, json)
Hash identifier: u42pCKijaTfloFUgJpz/E/8yCiZ+JnAwAt3HGDydVd0=
Subject key identifier: D9:AB:D2:E6:5F:6A:BD:D5:C9:5D:82:4F:B4:A6:56:C3:CE:B5:1B:3D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 55E7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2avS5l9qvdXJXYJPtKZWw861Gz0.roa
Signing time: Mon 13 May 2024 02:54:21 +0000
ROA not before: Mon 13 May 2024 02:54:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21991 (0x55e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 02:54:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D9ABD2E65F6ABDD5C95D824FB4A656C3CEB51B3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:10:ff:37:c1:ef:43:32:51:25:d3:b4:57:d6:
dd:65:81:6d:19:04:db:fe:34:f7:65:b9:1f:63:15:
99:99:72:ab:ce:90:9a:07:60:47:7e:fd:db:84:bd:
ee:29:b8:ac:d6:d1:26:83:a3:c2:20:76:29:cc:93:
c9:3c:43:83:d3:28:1a:b9:30:55:b4:6d:c0:57:f0:
c5:a4:05:99:72:b4:25:e4:d1:b5:f7:14:5b:5c:48:
65:f6:6e:78:9b:20:76:a9:1e:f4:2e:08:d2:90:02:
71:52:21:a9:b5:bd:6e:bf:fb:d4:98:7a:23:13:02:
6c:4b:e1:5f:0d:26:5c:08:e4:85:c4:57:14:0a:31:
19:0e:d3:1e:a6:0a:2e:0f:57:68:1d:df:3e:69:27:
ce:4d:24:a3:a9:13:83:e6:27:06:16:46:4c:c9:56:
b5:84:f7:0b:f2:e5:2e:1e:af:ae:0f:ba:1f:ec:0e:
e9:ee:3b:d0:91:a5:86:70:e7:cc:4c:ec:c1:25:74:
47:0e:c5:bf:7b:d3:46:d6:8c:bf:21:e6:df:61:f1:
ca:f3:14:bc:9b:25:2a:16:3b:20:74:5a:76:58:58:
af:8f:fa:c9:84:73:95:c4:bd:4b:c0:28:8e:f5:86:
fb:6d:c0:63:7f:76:c9:40:98:54:e2:4c:c4:8f:d9:
42:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:AB:D2:E6:5F:6A:BD:D5:C9:5D:82:4F:B4:A6:56:C3:CE:B5:1B:3D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/2avS5l9qvdXJXYJPtKZWw861Gz0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4e:d3:24:ca:96:d2:d8:9a:3c:5d:42:60:8c:01:b8:18:4b:58:
0e:c1:f8:0e:55:2e:d4:a7:81:32:49:38:92:5b:ae:8d:e6:3f:
41:59:21:1c:09:80:be:2c:20:59:27:a6:68:92:b1:d9:88:5e:
e8:09:85:06:76:4e:a9:6b:86:6d:c4:19:fb:42:ae:25:4b:2d:
ba:5e:76:15:da:ae:fe:c6:78:d8:73:2b:01:d9:51:71:ba:9b:
87:b7:df:4e:13:e4:28:fb:ef:82:6f:2c:97:57:56:95:29:43:
45:9a:44:bc:c1:79:94:8c:55:ea:90:fe:82:89:26:17:91:54:
6c:f2:d1:07:69:b2:8b:85:d0:64:8a:84:22:e3:f8:9b:eb:01:
c9:cf:57:e1:b3:0f:19:48:72:a8:86:ed:e1:04:ac:12:bc:81:
21:85:48:1d:4e:0e:7a:7b:84:ee:6d:ff:30:65:33:9d:14:b0:
06:46:eb:7e:61:be:72:e0:93:cf:4c:06:b7:55:f7:ef:3d:bd:
2a:33:fc:f8:33:86:57:e8:93:b7:8b:57:e9:ca:0f:e9:31:67:
89:6d:02:4d:d5:61:98:a8:93:d5:2a:bd:1c:57:1c:41:ec:9a:
45:30:57:f0:e1:9a:40:af:29:06:10:80:f4:ce:a5:4a:fa:70:
99:0d:5c:aa
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVecwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMw
MjU0MjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ5QUJEMkU2NUY2QUJE
RDVDOTVEODI0RkI0QTY1NkMzQ0VCNTFCM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYEP83we9DMlEl07RX1t1lgW0ZBNv+NPdluR9jFZmZcqvOkJoH
YEd+/duEve4puKzW0SaDo8IgdinMk8k8Q4PTKBq5MFW0bcBX8MWkBZlytCXk0bX3
FFtcSGX2bnibIHapHvQuCNKQAnFSIam1vW6/+9SYeiMTAmxL4V8NJlwI5IXEVxQK
MRkO0x6mCi4PV2gd3z5pJ85NJKOpE4PmJwYWRkzJVrWE9wvy5S4er64Puh/sDunu
O9CRpYZw58xM7MEldEcOxb9700bWjL8h5t9h8crzFLybJSoWOyB0WnZYWK+P+smE
c5XEvUvAKI71hvttwGN/dslAmFTiTMSP2UKdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU2avS5l9qvdXJXYJPtKZWw861Gz0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzJhdlM1bDlxdmRYSlhZ
SlB0S1pXdzg2MUd6MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAE7TJMqW0tiaPF1CYIwBuBhLWA7B+A5V
LtSngTJJOJJbro3mP0FZIRwJgL4sIFknpmiSsdmIXugJhQZ2Tqlrhm3EGftCriVL
LbpedhXarv7GeNhzKwHZUXG6m4e3304T5Cj774JvLJdXVpUpQ0WaRLzBeZSMVeqQ
/oKJJheRVGzy0QdpsouF0GSKhCLj+JvrAcnPV+GzDxlIcqiG7eEErBK8gSGFSB1O
Dnp7hO5t/zBlM50UsAZG635hvnLgk89MBrdV9+89vSoz/Pgzhlfok7eLV+nKD+kx
Z4ltAk3VYZiok9UqvRxXHEHsmkUwV/DhmkCvKQYQgPTOpUr6cJkNXKo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:11 2024 by rpki-client on console-ams.rpki-client.org