Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4Tn0KZIVE0bVZm1_86KZe5WjwTs.roa
File: 4Tn0KZIVE0bVZm1_86KZe5WjwTs.roa (raw, json)
Hash identifier: YClQqrbK6CNxgO9l1y6Ce75/gpHlQ/mbL+wc9Ojebh0=
Subject key identifier: E1:39:F4:29:92:15:13:46:D5:66:6D:7F:F3:A2:99:7B:95:A3:C1:3B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FD7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4Tn0KZIVE0bVZm1_86KZe5WjwTs.roa
Signing time: Sun 05 May 2024 00:54:01 +0000
ROA not before: Sun 05 May 2024 00:54:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20439 (0x4fd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 00:54:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E139F42992151346D5666D7FF3A2997B95A3C13B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:54:cb:0d:c2:52:02:2a:f0:80:46:1c:a2:c1:
7d:cd:20:3b:c5:db:55:ad:d2:aa:13:bd:29:2a:67:
08:51:a7:1c:e5:b1:9f:e7:f2:e5:60:32:5d:b7:da:
cf:7d:9d:4d:36:38:14:56:bf:39:43:5e:f1:f7:79:
ec:20:41:ce:f4:33:91:d9:ba:0d:22:4f:fb:24:b4:
87:46:f9:8f:6d:2a:a0:d7:8a:dc:1d:20:47:ac:c6:
e5:ed:54:1e:b7:b8:18:d2:a2:6b:6e:f8:72:1a:58:
00:08:96:1f:31:a3:26:91:30:99:63:77:59:46:eb:
ae:d7:be:76:0f:f9:69:cf:c7:c1:ac:75:28:18:bc:
f4:cd:0a:08:e6:c9:00:9b:0a:bc:b7:81:01:cc:48:
69:6b:c0:d1:ab:cd:28:39:ec:a1:af:b7:59:58:45:
ee:68:7f:21:05:3d:a8:8f:e0:b0:a9:42:e1:f4:18:
9c:d2:2a:11:7c:77:fc:23:e6:89:ac:ca:49:37:51:
d4:e9:64:c4:95:54:0a:4d:ad:0a:55:c6:67:a7:3b:
c6:f8:52:2a:e6:3f:6d:a5:b7:29:2e:5b:c1:c4:20:
b1:0a:b4:61:b1:25:59:ce:c1:32:00:c7:46:f9:6c:
52:aa:b7:c0:28:88:29:a8:18:40:96:2f:42:6c:07:
04:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:39:F4:29:92:15:13:46:D5:66:6D:7F:F3:A2:99:7B:95:A3:C1:3B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4Tn0KZIVE0bVZm1_86KZe5WjwTs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a1:82:ca:64:4f:bf:e5:a0:39:a1:25:13:00:e5:52:47:0d:6b:
83:b2:0b:eb:5b:27:c6:59:1d:36:ae:14:b4:6c:55:38:1d:fe:
ac:f7:ad:49:12:8b:b3:54:ae:c6:8a:83:c9:0c:67:79:9f:0f:
02:08:67:cd:1b:dd:7f:7e:e0:e8:66:8f:ab:b6:b1:69:bd:54:
86:ea:a0:9a:a9:cf:4e:24:11:3a:3b:cc:ea:6f:89:ed:29:10:
6b:da:5e:4d:ae:ad:2c:5d:7a:e7:a8:7a:53:49:28:9e:2c:35:
eb:a1:9e:fd:f9:dd:c2:00:8d:9c:a3:b4:bb:8d:3b:0c:d9:81:
e7:89:ec:90:36:36:f1:4d:73:36:28:34:23:74:39:16:e6:2c:
e0:69:b6:36:9f:af:c5:6e:28:f0:dc:f4:53:b9:42:64:c6:0e:
b6:a8:8e:12:ff:7a:4a:9b:b2:2a:21:c5:f4:ed:1e:8c:56:a0:
c7:33:cb:a5:90:c1:9e:b9:eb:f3:ef:3e:f3:98:fc:a3:06:25:
0f:d0:35:f2:32:67:68:30:e4:70:88:f7:4e:27:f9:fd:8b:c8:
c1:34:3b:eb:0e:7b:c7:cf:c2:72:8c:79:09:a4:f8:1c:e8:d5:
40:bd:e2:29:68:f1:8a:21:38:dd:0c:60:c2:11:3d:37:5f:6b:
96:53:8b:80
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICT9cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUw
MDU0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUxMzlGNDI5OTIxNTEz
NDZENTY2NkQ3RkYzQTI5OTdCOTVBM0MxM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEVMsNwlICKvCARhyiwX3NIDvF21Wt0qoTvSkqZwhRpxzlsZ/n
8uVgMl232s99nU02OBRWvzlDXvH3eewgQc70M5HZug0iT/sktIdG+Y9tKqDXitwd
IEesxuXtVB63uBjSomtu+HIaWAAIlh8xoyaRMJljd1lG667XvnYP+WnPx8GsdSgY
vPTNCgjmyQCbCry3gQHMSGlrwNGrzSg57KGvt1lYRe5ofyEFPaiP4LCpQuH0GJzS
KhF8d/wj5omsykk3UdTpZMSVVApNrQpVxmenO8b4UirmP22ltykuW8HEILEKtGGx
JVnOwTIAx0b5bFKqt8AoiCmoGECWL0JsBwRLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU4Tn0KZIVE0bVZm1/86KZe5WjwTswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRUbjBLWklWRTBiVlpt
MV84NktaZTVXandUcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKGCymRPv+WgOaElEwDlUkcNa4OyC+tb
J8ZZHTauFLRsVTgd/qz3rUkSi7NUrsaKg8kMZ3mfDwIIZ80b3X9+4Ohmj6u2sWm9
VIbqoJqpz04kETo7zOpvie0pEGvaXk2urSxdeueoelNJKJ4sNeuhnv353cIAjZyj
tLuNOwzZgeeJ7JA2NvFNczYoNCN0ORbmLOBptjafr8VuKPDc9FO5QmTGDraojhL/
ekqbsiohxfTtHoxWoMczy6WQwZ656/PvPvOY/KMGJQ/QNfIyZ2gw5HCI904n+f2L
yME0O+sOe8fPwnKMeQmk+Bzo1UC94ilo8YohON0MYMIRPTdfa5ZTi4A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:06 2024 by rpki-client on console-fra.rpki-client.org