Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4KXYJdkfvOcFrzr7URXSU3Pa_rI.roa
File: 4KXYJdkfvOcFrzr7URXSU3Pa_rI.roa (raw, json)
Hash identifier: szRMFT60x5nIiG7kGDBD3EB3uY71J3ZtA9sdKfKVHIo=
Subject key identifier: E0:A5:D8:25:D9:1F:BC:E7:05:AF:3A:FB:51:15:D2:53:73:DA:FE:B2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5547
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4KXYJdkfvOcFrzr7URXSU3Pa_rI.roa
Signing time: Sun 12 May 2024 06:54:12 +0000
ROA not before: Sun 12 May 2024 06:54:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21831 (0x5547)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 06:54:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E0A5D825D91FBCE705AF3AFB5115D25373DAFEB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a1:db:8d:c8:5d:ff:d1:99:f0:07:36:3b:da:
8f:34:3d:09:ef:5b:3f:08:8b:cb:b0:b9:10:64:0c:
15:21:a4:2c:fc:9f:a5:e9:f5:1f:83:6f:64:14:cc:
6a:a1:5d:77:78:25:d1:46:f1:e8:e2:2f:b4:ca:5c:
09:20:d5:d7:35:32:ac:d2:df:de:a8:80:da:c2:d9:
41:00:7b:52:88:af:fa:1c:83:7e:5d:78:26:52:38:
48:9a:37:e0:35:a8:b4:0a:90:17:1f:9c:62:cb:01:
cd:b7:f8:1e:0f:da:38:23:9d:89:55:21:c3:a0:07:
a5:82:8f:5d:15:55:1b:4c:1d:21:78:99:b1:8b:b2:
f5:b3:a1:64:9c:29:b5:53:aa:d0:60:ef:a9:3b:08:
80:f5:f9:1b:75:31:f8:d6:fa:e6:b5:1a:e9:82:a4:
50:dd:19:25:7f:27:fb:52:75:29:ff:07:3e:db:66:
0d:9e:29:57:e3:79:49:b4:fa:dd:c7:03:67:d8:9e:
a0:1d:ee:59:02:c2:f8:92:60:1b:86:84:47:f9:3c:
4f:c1:d5:7d:f8:1b:14:73:4f:b7:4c:25:59:cd:61:
04:db:1f:1b:58:59:d5:70:54:47:1c:3a:9e:aa:96:
c1:ef:6f:db:7e:94:cd:08:4f:0d:04:05:bc:18:b7:
0a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A5:D8:25:D9:1F:BC:E7:05:AF:3A:FB:51:15:D2:53:73:DA:FE:B2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4KXYJdkfvOcFrzr7URXSU3Pa_rI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
53:62:35:9c:5c:62:8e:f3:f5:ee:07:a1:d4:82:78:3f:8e:3c:
d6:ce:3b:a8:56:5a:b4:27:aa:fa:de:b9:11:af:be:73:99:f6:
54:5e:98:ad:8c:36:b9:16:fc:43:ba:f7:40:68:d5:e8:3c:be:
70:d2:2d:0c:e1:50:97:3c:de:d5:c7:42:2f:21:79:58:83:c2:
5a:99:77:55:c1:31:b3:af:0d:c7:a8:b5:52:1a:64:30:ec:e9:
63:20:54:f2:f4:f3:8c:0a:dd:ce:73:17:a0:48:1e:24:8f:53:
2c:76:5e:fe:5e:8d:5a:9f:c9:05:43:45:17:04:20:fc:61:84:
6a:c7:a2:d9:d4:3a:21:69:7d:b7:28:3c:95:e8:33:ab:83:fe:
0c:bb:06:a7:10:d7:1e:e3:df:1d:41:4d:6c:29:2e:5e:a6:22:
ff:84:fa:e5:f5:b8:d4:1b:0a:31:5f:d7:3a:cb:2c:c7:d9:e0:
b3:ff:31:7e:0c:29:4c:26:1e:07:ea:fe:d7:14:49:22:9e:4a:
92:9e:b2:c7:ee:b2:f5:0b:0c:aa:0b:61:04:ed:82:98:21:1a:
d6:96:d6:33:88:aa:64:5b:e4:f7:36:3e:e3:31:1f:0d:e0:31:
2c:bd:2f:91:ec:7d:cc:8e:45:38:19:49:71:20:39:a7:da:bd:
03:27:ec:b8
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVUcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIw
NjU0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUwQTVEODI1RDkxRkJD
RTcwNUFGM0FGQjUxMTVEMjUzNzNEQUZFQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0oduNyF3/0ZnwBzY72o80PQnvWz8Ii8uwuRBkDBUhpCz8n6Xp
9R+Db2QUzGqhXXd4JdFG8ejiL7TKXAkg1dc1MqzS396ogNrC2UEAe1KIr/ocg35d
eCZSOEiaN+A1qLQKkBcfnGLLAc23+B4P2jgjnYlVIcOgB6WCj10VVRtMHSF4mbGL
svWzoWScKbVTqtBg76k7CID1+Rt1MfjW+ua1GumCpFDdGSV/J/tSdSn/Bz7bZg2e
KVfjeUm0+t3HA2fYnqAd7lkCwviSYBuGhEf5PE/B1X34GxRzT7dMJVnNYQTbHxtY
WdVwVEccOp6qlsHvb9t+lM0ITw0EBbwYtwrJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU4KXYJdkfvOcFrzr7URXSU3Pa/rIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRLWFlKZGtmdk9jRnJ6
cjdVUlhTVTNQYV9ySS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFNiNZxcYo7z9e4HodSCeD+OPNbOO6hW
WrQnqvreuRGvvnOZ9lRemK2MNrkW/EO690Bo1eg8vnDSLQzhUJc83tXHQi8heViD
wlqZd1XBMbOvDceotVIaZDDs6WMgVPL084wK3c5zF6BIHiSPUyx2Xv5ejVqfyQVD
RRcEIPxhhGrHotnUOiFpfbcoPJXoM6uD/gy7BqcQ1x7j3x1BTWwpLl6mIv+E+uX1
uNQbCjFf1zrLLMfZ4LP/MX4MKUwmHgfq/tcUSSKeSpKessfusvULDKoLYQTtgpgh
GtaW1jOIqmRb5Pc2PuMxHw3gMSy9L5HsfcyORTgZSXEgOafavQMn7Lg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:05 2024 by rpki-client on console-fra.rpki-client.org