Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4dCBqtcamWjxsZCbwz5-R2npN_o.roa
File: 4dCBqtcamWjxsZCbwz5-R2npN_o.roa (raw, json)
Hash identifier: GjYUpnkjb0e51CG98dauS9Kpfkf4UxuNA9uOD2YMbMQ=
Subject key identifier: E1:D0:81:AA:D7:1A:99:68:F1:B1:90:9B:C3:3E:7E:47:69:E9:37:FA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3757
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4dCBqtcamWjxsZCbwz5-R2npN_o.roa
Signing time: Tue 02 Apr 2024 08:52:15 +0000
ROA not before: Tue 02 Apr 2024 08:52:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14167 (0x3757)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 08:52:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E1D081AAD71A9968F1B1909BC33E7E4769E937FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:4f:fd:1b:f5:03:28:e5:cc:f4:ea:9d:0c:e2:
e4:f7:3d:94:42:23:c0:b8:6b:c4:e1:fe:46:48:81:
49:88:a8:0d:3c:d0:85:f0:0f:e5:de:70:62:1b:0b:
2e:75:9a:f3:21:57:0f:21:c7:fc:6a:ef:73:85:36:
ec:84:17:dc:5e:b3:4c:72:09:03:ca:5e:fa:d2:00:
56:c0:d7:66:52:4c:05:4f:1f:e8:1e:a6:42:0f:8f:
1a:fb:58:79:b6:cc:3e:12:58:af:d7:93:2e:35:77:
88:ed:4c:05:0a:7e:5a:70:97:da:a2:52:6f:3c:0d:
73:ce:df:c4:9a:7e:67:b3:8c:29:ba:1f:c9:28:f6:
7f:0a:cf:2c:5c:71:95:98:06:ca:eb:52:0f:bf:64:
c6:86:6f:ec:57:fe:53:23:55:52:49:31:76:8c:85:
1d:33:4f:e5:5d:80:9e:d9:2d:e7:68:52:f4:82:99:
d5:80:1e:15:d8:58:ef:c1:ef:2f:3d:c4:8b:81:09:
b3:7f:3c:5d:dc:24:8d:1a:ce:fe:98:47:6c:07:04:
a4:85:60:c7:cd:c6:38:79:ba:54:b9:47:ea:84:71:
b0:cc:30:f1:9e:79:d8:63:1f:a8:a4:01:38:dd:1d:
00:4c:ba:d1:bb:bb:db:58:b8:44:f7:d9:ea:69:de:
43:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D0:81:AA:D7:1A:99:68:F1:B1:90:9B:C3:3E:7E:47:69:E9:37:FA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4dCBqtcamWjxsZCbwz5-R2npN_o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
97:6c:8c:bd:3e:db:5a:81:b7:0a:bd:28:f8:65:4f:d7:a8:87:
ea:f5:e3:26:58:fc:6c:92:cb:86:e5:bd:83:3e:f1:97:ff:d9:
ab:b8:8a:e5:af:bc:a7:12:04:d7:71:77:21:57:64:b8:4f:63:
ce:ae:d0:ad:b2:3e:1d:e5:b5:0e:8e:dd:ab:61:ca:91:91:be:
34:bc:0c:96:2f:af:a2:75:d2:be:bf:f8:2e:cf:fa:16:84:b0:
34:f0:d9:99:07:3f:17:52:86:8e:9a:a9:07:38:93:95:06:eb:
b3:02:c0:99:23:e2:af:b6:60:e1:ad:02:15:e2:1e:48:97:00:
74:fc:c6:9b:ca:59:36:f9:55:a0:f3:9c:19:69:91:37:4b:c5:
01:28:bd:22:ca:9a:15:8a:9f:5e:f8:e0:a1:84:af:d0:f1:b2:
f7:c0:19:b4:24:96:0e:b1:52:92:7c:84:7c:76:a5:d8:bf:e5:
a3:e2:40:e3:b1:a2:b8:98:d3:70:e1:c6:2e:17:94:a5:32:96:
8b:48:d8:d0:ca:3d:db:23:06:18:a8:65:63:2d:4e:37:d7:27:
b6:f7:a0:fa:95:a6:ef:8a:1b:48:24:ba:ef:a2:03:6b:29:ab:
a7:52:e2:ec:82:68:1d:de:70:a7:b4:d1:54:7f:a8:d9:46:3e:
50:27:c8:25
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICN1cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIw
ODUyMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUxRDA4MUFBRDcxQTk5
NjhGMUIxOTA5QkMzM0U3RTQ3NjlFOTM3RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiT/0b9QMo5cz06p0M4uT3PZRCI8C4a8Th/kZIgUmIqA080IXw
D+XecGIbCy51mvMhVw8hx/xq73OFNuyEF9xes0xyCQPKXvrSAFbA12ZSTAVPH+ge
pkIPjxr7WHm2zD4SWK/Xky41d4jtTAUKflpwl9qiUm88DXPO38SafmezjCm6H8ko
9n8KzyxccZWYBsrrUg+/ZMaGb+xX/lMjVVJJMXaMhR0zT+VdgJ7ZLedoUvSCmdWA
HhXYWO/B7y89xIuBCbN/PF3cJI0azv6YR2wHBKSFYMfNxjh5ulS5R+qEcbDMMPGe
edhjH6ikATjdHQBMutG7u9tYuET32epp3kNfAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU4dCBqtcamWjxsZCbwz5+R2npN/owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRkQ0JxdGNhbVdqeHNa
Q2J3ejUtUjJucE5fby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJdsjL0+21qBtwq9KPhlT9eoh+r14yZY
/GySy4blvYM+8Zf/2au4iuWvvKcSBNdxdyFXZLhPY86u0K2yPh3ltQ6O3athypGR
vjS8DJYvr6J10r6/+C7P+haEsDTw2ZkHPxdSho6aqQc4k5UG67MCwJkj4q+2YOGt
AhXiHkiXAHT8xpvKWTb5VaDznBlpkTdLxQEovSLKmhWKn1744KGEr9DxsvfAGbQk
lg6xUpJ8hHx2pdi/5aPiQOOxoriY03Dhxi4XlKUylotI2NDKPdsjBhioZWMtTjfX
J7b3oPqVpu+KG0gkuu+iA2spq6dS4uyCaB3ecKe00VR/qNlGPlAnyCU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:06 2024 by rpki-client on console-fra.rpki-client.org