Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3SQSoGuo5JTQ-3aP5mLVeWYx3r0.roa
File: 3SQSoGuo5JTQ-3aP5mLVeWYx3r0.roa (raw, json)
Hash identifier: +0FXW64EyYvwbjQUFzWfr03GbMdq+0gtWMnunMgip20=
Subject key identifier: DD:24:12:A0:6B:A8:E4:94:D0:FB:76:8F:E6:62:D5:79:66:31:DE:BD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4C8B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3SQSoGuo5JTQ-3aP5mLVeWYx3r0.roa
Signing time: Tue 30 Apr 2024 15:23:34 +0000
ROA not before: Tue 30 Apr 2024 15:23:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19595 (0x4c8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 30 15:23:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DD2412A06BA8E494D0FB768FE662D5796631DEBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:f6:9b:b2:29:78:f9:8b:03:bb:db:d1:f2:bc:
73:9a:13:74:35:09:9e:d8:92:cc:75:c6:0e:b2:ab:
5b:6d:66:fb:f5:93:31:ee:af:c0:61:9e:24:9b:4f:
36:d8:73:91:c5:9e:83:fd:d1:16:7c:8b:71:41:18:
5a:c1:b2:ad:94:bd:03:8c:86:f5:fa:f6:fc:22:a4:
37:18:b7:6a:0b:0e:e3:9e:63:26:a3:61:b9:af:e6:
48:5b:63:f0:4e:f1:c3:63:4b:6e:45:96:0b:7b:a1:
7a:25:87:2f:62:35:2b:27:ce:6c:c3:3a:fc:98:a5:
dc:2d:6c:d5:64:12:89:49:23:0f:e7:dd:8f:e5:f5:
d4:bf:74:62:7a:e3:e1:a5:ad:62:26:a7:b5:ec:41:
94:6a:d5:02:a6:69:7d:56:25:4f:1b:58:9b:63:66:
de:6d:23:b8:e6:64:32:06:ad:e4:09:31:4d:5b:ae:
7d:bb:e2:9b:9e:00:43:6c:ad:70:5e:57:1c:aa:83:
53:e4:44:66:bb:e3:b7:c6:03:cf:5b:eb:77:e2:cb:
62:dc:5d:f7:33:7c:a3:8a:66:e3:9b:4f:4e:11:0d:
01:d5:a2:db:2c:39:18:02:89:6e:4a:6c:04:de:94:
30:45:14:06:cb:20:38:bc:e0:d5:d1:5e:a9:b9:6c:
83:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:24:12:A0:6B:A8:E4:94:D0:FB:76:8F:E6:62:D5:79:66:31:DE:BD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3SQSoGuo5JTQ-3aP5mLVeWYx3r0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
02:cd:b2:df:81:ce:78:25:65:82:78:ad:89:45:9f:8e:78:b9:
81:59:fc:d7:2b:a2:d9:8c:3a:a5:82:a6:1f:10:7c:aa:dd:80:
79:38:79:02:93:09:77:cd:0c:dc:5d:5c:4d:38:27:f9:c5:3c:
ec:35:b8:7b:a2:9f:7e:19:95:ac:0d:41:36:26:39:8a:0e:66:
8e:42:8f:6c:51:07:44:67:75:46:2b:17:b8:13:84:1f:7d:f1:
d9:42:5f:f7:00:5e:e1:a7:ca:eb:21:92:ad:2b:3b:98:94:63:
69:77:ee:15:84:d4:05:0d:66:12:8b:39:c1:11:70:74:2c:c9:
2e:fe:17:1b:19:50:b5:90:5a:07:a3:e4:7c:a4:c7:f7:53:18:
b4:c1:0b:9b:5b:85:a3:70:a5:de:7f:04:00:13:c5:42:a0:d7:
ac:f0:0f:fa:d2:0f:39:34:2e:b8:60:cb:2e:24:51:2d:27:4b:
c6:f0:10:47:d2:b6:fd:51:6a:8a:61:89:62:8a:6f:b3:18:df:
5f:11:98:ad:34:f4:fb:c6:40:fb:74:d7:5f:cf:9b:16:5b:6b:
1a:a7:3c:f0:dd:e8:95:69:20:b3:83:ff:1a:de:4c:b6:55:78:
92:81:5f:b2:41:11:b1:8e:92:c6:ed:1b:68:1d:a0:19:3b:03:
80:41:87:e7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTIswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MzAx
NTIzMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEREMjQxMkEwNkJBOEU0
OTREMEZCNzY4RkU2NjJENTc5NjYzMURFQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDv9puyKXj5iwO729HyvHOaE3Q1CZ7Yksx1xg6yq1ttZvv1kzHu
r8BhniSbTzbYc5HFnoP90RZ8i3FBGFrBsq2UvQOMhvX69vwipDcYt2oLDuOeYyaj
Ybmv5khbY/BO8cNjS25Flgt7oXolhy9iNSsnzmzDOvyYpdwtbNVkEolJIw/n3Y/l
9dS/dGJ64+GlrWImp7XsQZRq1QKmaX1WJU8bWJtjZt5tI7jmZDIGreQJMU1brn27
4pueAENsrXBeVxyqg1PkRGa747fGA89b63fiy2LcXfczfKOKZuObT04RDQHVotss
ORgCiW5KbATelDBFFAbLIDi84NXRXqm5bIPLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU3SQSoGuo5JTQ+3aP5mLVeWYx3r0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNTUVNvR3VvNUpUUS0z
YVA1bUxWZVdZeDNyMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAALNst+BznglZYJ4rYlFn454uYFZ/Ncr
otmMOqWCph8QfKrdgHk4eQKTCXfNDNxdXE04J/nFPOw1uHuin34ZlawNQTYmOYoO
Zo5Cj2xRB0RndUYrF7gThB998dlCX/cAXuGnyushkq0rO5iUY2l37hWE1AUNZhKL
OcERcHQsyS7+FxsZULWQWgej5Hykx/dTGLTBC5tbhaNwpd5/BAATxUKg16zwD/rS
Dzk0Lrhgyy4kUS0nS8bwEEfStv1RaophiWKKb7MY318RmK009PvGQPt011/PmxZb
axqnPPDd6JVpILOD/xreTLZVeJKBX7JBEbGOksbtG2gdoBk7A4BBh+c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:05 2024 by rpki-client on console-fra.rpki-client.org