Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/3m5IYSH0BtcBhfrnWYSmB4Cl7nY.roa
File: 3m5IYSH0BtcBhfrnWYSmB4Cl7nY.roa (raw, json)
Hash identifier: ei/Ggf3OHyVd22bZ6pFC/OML7Uwj6gKbLo+JYX9SKhk=
Subject key identifier: DE:6E:48:61:21:F4:06:D7:01:85:FA:E7:59:84:A6:07:80:A5:EE:76
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 400B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3m5IYSH0BtcBhfrnWYSmB4Cl7nY.roa
Signing time: Sat 13 Apr 2024 23:22:54 +0000
ROA not before: Sat 13 Apr 2024 23:22:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16395 (0x400b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 23:22:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DE6E486121F406D70185FAE75984A60780A5EE76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ca:e6:99:e1:e1:98:11:08:97:e9:20:5a:18:
d1:7e:2d:00:90:dd:48:b6:21:16:f1:71:92:d0:40:
47:8f:08:9e:50:5f:4f:7c:69:e5:3e:05:df:4e:32:
9b:d0:24:71:e4:bb:2a:f3:82:8f:63:33:cf:6f:62:
75:a4:1c:b8:6d:8d:52:2b:ba:4c:df:d6:f4:da:3b:
ac:f9:21:3c:29:61:bd:69:f7:8f:93:7e:cd:2c:33:
c5:df:82:c5:f1:85:4f:92:94:2a:4d:0c:c6:76:00:
31:9c:6e:ce:d4:58:d6:d7:db:55:dc:ca:dc:c2:4c:
06:c5:d7:df:44:4c:b3:79:38:93:c0:9b:ca:87:3d:
33:7b:70:51:92:5a:7d:65:86:ef:90:4b:02:b1:de:
67:62:b4:a6:68:49:2e:8d:ea:bc:2e:94:20:43:95:
7e:f7:a7:aa:42:67:17:b8:50:81:94:f9:4a:ec:07:
7b:92:4e:f9:d8:c9:63:55:24:d5:dd:46:ce:e3:a4:
96:43:4b:9f:93:58:78:aa:bb:63:91:47:e7:ae:e2:
0b:c3:1c:2e:d1:bc:df:a6:2b:51:83:5d:89:cf:0b:
b7:27:83:67:7b:5b:0f:19:e1:fe:76:40:df:c1:cd:
17:8b:91:e1:ce:e1:32:eb:fa:13:94:7d:11:fe:be:
f8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:6E:48:61:21:F4:06:D7:01:85:FA:E7:59:84:A6:07:80:A5:EE:76
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/3m5IYSH0BtcBhfrnWYSmB4Cl7nY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
76:17:37:6f:3c:31:2d:40:66:f7:6e:f2:b4:ea:96:3e:19:78:
8b:fd:8e:54:4d:8d:d6:38:02:42:5d:c0:06:ef:aa:8f:93:8a:
88:b1:4a:e0:ea:76:dd:25:f8:b2:95:f8:e3:82:b9:2f:02:46:
fb:22:ed:9b:d9:b9:08:e4:17:28:b2:a9:73:6e:16:51:88:80:
d3:43:2c:ab:27:5a:0c:80:e0:e2:3a:9b:2e:99:67:2c:a6:31:
c8:33:92:fc:4c:41:6a:84:34:38:98:94:23:58:b2:1d:79:cd:
78:72:da:13:61:df:37:7c:90:1d:73:9c:f1:d4:6a:e6:f7:d3:
80:d2:c0:0b:11:77:37:82:e2:0a:1f:0f:4c:4b:f6:f4:4e:df:
9d:9b:a0:72:b6:25:75:c8:a8:20:f5:9b:dc:d4:f3:de:5a:10:
dc:40:65:59:4b:e0:d3:31:b1:a2:e8:60:11:c0:67:15:67:9f:
1d:7f:7d:99:0c:50:25:01:46:a3:98:80:da:56:be:de:f5:db:
99:e1:d2:7a:9e:c8:53:27:02:9d:9d:ec:44:bd:a9:d4:cb:74:
6d:18:0c:85:59:88:40:b1:22:f7:ab:ff:09:66:4d:de:b2:31:
b4:df:2f:15:81:ff:e8:88:31:3b:e6:63:54:82:d7:f5:08:d6:
48:08:63:d6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQAswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMy
MzIyNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERFNkU0ODYxMjFGNDA2
RDcwMTg1RkFFNzU5ODRBNjA3ODBBNUVFNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsyuaZ4eGYEQiX6SBaGNF+LQCQ3Ui2IRbxcZLQQEePCJ5QX098
aeU+Bd9OMpvQJHHkuyrzgo9jM89vYnWkHLhtjVIrukzf1vTaO6z5ITwpYb1p94+T
fs0sM8XfgsXxhU+SlCpNDMZ2ADGcbs7UWNbX21XcytzCTAbF199ETLN5OJPAm8qH
PTN7cFGSWn1lhu+QSwKx3mditKZoSS6N6rwulCBDlX73p6pCZxe4UIGU+UrsB3uS
TvnYyWNVJNXdRs7jpJZDS5+TWHiqu2ORR+eu4gvDHC7RvN+mK1GDXYnPC7cng2d7
Ww8Z4f52QN/BzReLkeHO4TLr+hOUfRH+vviTAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU3m5IYSH0BtcBhfrnWYSmB4Cl7nYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzNtNUlZU0gwQnRjQmhm
cm5XWVNtQjRDbDduWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHYXN288MS1AZvdu8rTqlj4ZeIv9jlRN
jdY4AkJdwAbvqo+TioixSuDqdt0l+LKV+OOCuS8CRvsi7ZvZuQjkFyiyqXNuFlGI
gNNDLKsnWgyA4OI6my6ZZyymMcgzkvxMQWqENDiYlCNYsh15zXhy2hNh3zd8kB1z
nPHUaub304DSwAsRdzeC4gofD0xL9vRO352boHK2JXXIqCD1m9zU895aENxAZVlL
4NMxsaLoYBHAZxVnnx1/fZkMUCUBRqOYgNpWvt7125nh0nqeyFMnAp2d7ES9qdTL
dG0YDIVZiECxIver/wlmTd6yMbTfLxWB/+iIMTvmY1SC1/UI1kgIY9Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:05 2024 by rpki-client on console-fra.rpki-client.org