Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3CdLH7ADcSY890PsweswmPu8Lfk.roa
File: 3CdLH7ADcSY890PsweswmPu8Lfk.roa (raw, json)
Hash identifier: cg8QRij7RP2OWCP/2lWvknrun2nKwQxMzUZkQsKnZvU=
Subject key identifier: DC:27:4B:1F:B0:03:71:26:3C:F7:43:EC:C1:EB:30:98:FB:BC:2D:F9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 361B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3CdLH7ADcSY890PsweswmPu8Lfk.roa
Signing time: Sun 31 Mar 2024 17:22:12 +0000
ROA not before: Sun 31 Mar 2024 17:22:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13851 (0x361b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 17:22:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DC274B1FB00371263CF743ECC1EB3098FBBC2DF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:be:d6:5b:0e:70:98:af:a9:9b:34:0c:73:a2:
89:c9:94:92:94:47:54:23:4a:cc:c8:5b:ed:4c:09:
85:6f:12:52:ba:9a:6d:96:bb:d6:1a:9f:b8:4b:38:
6b:da:18:c4:54:99:00:25:9d:89:bf:8b:8d:23:87:
b5:6c:fc:03:77:b9:9f:e6:15:27:38:8a:27:33:be:
97:b0:8c:b4:f7:58:e3:cf:65:ae:d9:8b:5b:4a:bb:
ec:e4:f6:54:05:05:86:b4:2a:5a:1d:58:49:01:e1:
98:d6:18:fa:5b:b8:c0:e6:37:02:0a:c1:f9:9d:bc:
21:0e:aa:3a:e4:ec:18:8b:e5:fc:f3:db:1e:2c:2d:
28:94:f1:ac:92:a3:02:29:61:2c:94:70:e8:3c:75:
5e:94:3a:91:f6:6a:b9:21:8a:c7:2f:0e:b4:eb:10:
50:a1:c1:0a:2f:46:41:0f:02:06:a3:c3:81:8a:2e:
38:64:06:dc:c9:ef:62:ad:44:04:6a:c8:9c:3d:23:
23:ec:4f:ff:37:43:d3:d3:4e:6e:ea:51:32:1e:6d:
c4:73:94:e5:5c:82:a5:84:04:8e:69:bd:69:33:4b:
bf:13:6a:f5:8e:ce:7f:e5:84:ff:6d:b6:07:5c:a5:
8d:60:af:1d:24:5b:6f:c0:b7:24:ee:26:6f:ec:94:
95:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:27:4B:1F:B0:03:71:26:3C:F7:43:EC:C1:EB:30:98:FB:BC:2D:F9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3CdLH7ADcSY890PsweswmPu8Lfk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
3a:c5:98:97:1a:f5:25:4f:ff:75:f8:af:03:1a:7d:3f:89:85:
f4:70:fa:3d:53:e5:4d:68:3b:c5:58:c7:ed:ca:77:c0:9c:18:
27:fa:a7:f4:49:bf:89:88:6f:85:48:6f:0e:90:09:a5:91:17:
2b:99:8c:b6:7d:f3:35:a8:6e:c4:c1:cd:6a:78:de:d9:69:65:
6e:75:d6:cb:ae:44:c0:de:76:1b:50:12:83:65:23:36:bd:0e:
62:eb:07:8f:10:28:fb:e2:b7:0b:90:ef:03:53:23:55:db:a8:
d2:60:7d:ca:be:33:61:5c:2b:a2:d4:5f:35:dd:4f:82:17:69:
f4:9e:9f:52:86:a1:e9:8f:fc:7f:5d:0f:c2:08:d6:4a:fd:89:
7a:47:e9:71:2a:8d:88:36:8d:fb:d9:f0:76:57:9d:f8:b3:27:
63:b9:d3:a8:d0:3d:56:d0:25:db:5f:b1:cc:db:c2:d0:35:f2:
b8:d4:02:d1:02:0f:4b:80:66:65:1c:b0:27:84:d8:c2:01:47:
29:80:e8:c6:fe:44:db:ae:97:3c:4a:b5:1e:0e:2e:05:72:d5:
00:4a:f5:ed:bb:6a:6b:d0:d0:1a:40:38:6b:a1:ee:03:8c:16:
a8:44:7f:e1:d2:37:97:66:ae:e6:e2:d5:45:e5:60:18:9b:4f:
5d:c5:c5:40
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNhswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
NzIyMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERDMjc0QjFGQjAwMzcx
MjYzQ0Y3NDNFQ0MxRUIzMDk4RkJCQzJERjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8vtZbDnCYr6mbNAxzoonJlJKUR1QjSszIW+1MCYVvElK6mm2W
u9Yan7hLOGvaGMRUmQAlnYm/i40jh7Vs/AN3uZ/mFSc4iiczvpewjLT3WOPPZa7Z
i1tKu+zk9lQFBYa0KlodWEkB4ZjWGPpbuMDmNwIKwfmdvCEOqjrk7BiL5fzz2x4s
LSiU8aySowIpYSyUcOg8dV6UOpH2arkhiscvDrTrEFChwQovRkEPAgajw4GKLjhk
BtzJ72KtRARqyJw9IyPsT/83Q9PTTm7qUTIebcRzlOVcgqWEBI5pvWkzS78TavWO
zn/lhP9ttgdcpY1grx0kW2/AtyTuJm/slJUzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU3CdLH7ADcSY890PsweswmPu8LfkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNDZExIN0FEY1NZODkw
UHN3ZXN3bVB1OExmay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADrFmJca9SVP/3X4rwMafT+JhfRw+j1T
5U1oO8VYx+3Kd8CcGCf6p/RJv4mIb4VIbw6QCaWRFyuZjLZ98zWobsTBzWp43tlp
ZW511suuRMDedhtQEoNlIza9DmLrB48QKPvitwuQ7wNTI1XbqNJgfcq+M2FcK6LU
XzXdT4IXafSen1KGoemP/H9dD8II1kr9iXpH6XEqjYg2jfvZ8HZXnfizJ2O506jQ
PVbQJdtfsczbwtA18rjUAtECD0uAZmUcsCeE2MIBRymA6Mb+RNuulzxKtR4OLgVy
1QBK9e27amvQ0BpAOGuh7gOMFqhEf+HSN5dmrubi1UXlYBibT13FxUA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:04 2024 by rpki-client on console-fra.rpki-client.org