Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4jnVu7M3A5Kh4003evjtUS_mpVs.roa
File: 4jnVu7M3A5Kh4003evjtUS_mpVs.roa (raw, json)
Hash identifier: t6fuFriPqehjSZL9bRsJGb7W7t9akhR92k5smhBFDj0=
Subject key identifier: E2:39:D5:BB:B3:37:03:92:A1:E3:4D:37:7A:F8:ED:51:2F:E6:A5:5B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35AB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4jnVu7M3A5Kh4003evjtUS_mpVs.roa
Signing time: Sun 31 Mar 2024 03:22:11 +0000
ROA not before: Sun 31 Mar 2024 03:22:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13739 (0x35ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 03:22:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E239D5BBB3370392A1E34D377AF8ED512FE6A55B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:89:fc:25:1b:b8:18:e4:7d:c5:e1:08:43:54:
3e:7a:77:cf:d9:4d:fb:7c:e6:89:ca:71:46:17:01:
49:3e:ee:56:62:f8:13:e8:49:70:49:f6:37:66:8a:
b8:4f:e7:9b:01:c1:50:6e:6c:d6:1a:6b:ef:f0:7c:
ca:e4:55:58:05:d9:ec:d1:82:18:38:fc:06:cf:c5:
5d:64:11:af:90:b0:d4:f1:83:64:27:7e:87:e1:3e:
55:ce:ec:2b:7e:55:ee:29:04:25:71:7d:30:08:1c:
40:21:4f:78:b6:bb:34:b9:a6:d8:20:9b:31:c1:dd:
26:0c:ba:cb:95:d5:22:19:d8:d6:d8:76:e0:47:20:
0d:00:00:d8:52:bc:6b:3d:94:7c:78:1e:b4:de:02:
59:5c:cf:a6:b0:eb:85:48:a7:2e:e2:1c:b3:fc:00:
69:10:1f:24:52:e3:06:b0:51:53:54:c3:b2:46:71:
91:41:35:20:e0:09:d6:34:de:6e:ce:ec:81:29:77:
cb:60:8f:ba:f7:3a:e5:26:09:8a:e5:63:cc:98:de:
f8:4c:1b:ff:1c:37:9c:63:2c:84:41:f4:58:3a:ff:
68:8f:3b:d1:4f:99:0c:8b:25:5c:f5:ff:31:da:f8:
f8:3d:ac:ea:e4:00:e7:6c:5c:70:33:60:41:cb:6b:
a9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:39:D5:BB:B3:37:03:92:A1:E3:4D:37:7A:F8:ED:51:2F:E6:A5:5B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4jnVu7M3A5Kh4003evjtUS_mpVs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
af:9b:8c:57:f1:c5:53:f3:63:42:64:dd:08:80:c7:17:a4:55:
8d:55:b4:ea:33:5d:04:fd:ae:d7:46:f1:7f:b5:c9:75:fc:bb:
2d:20:a6:ed:0e:4d:63:0f:d4:70:c4:e5:f0:63:df:d2:72:d5:
d2:f7:20:cd:d0:9e:4f:67:d8:74:72:55:d5:f4:a5:47:63:6a:
30:7b:8a:d5:c8:54:88:7e:4f:a0:5c:b2:bf:62:3f:10:af:1a:
3d:0a:46:cc:d2:22:08:0c:0f:fe:36:39:a3:d4:d1:0e:bd:f9:
f8:15:db:46:55:47:51:70:ea:f0:3d:bc:45:20:24:a0:17:e8:
4e:82:1e:e1:11:ba:a4:70:1d:ad:ab:2d:dc:a3:e8:b6:99:10:
33:9c:38:c6:2d:e0:4a:44:fd:1f:2b:14:a0:7d:63:12:8a:c4:
c9:6e:f4:70:af:9a:96:81:c0:63:8b:d2:51:65:14:dc:3d:94:
c8:03:bc:8c:0d:ba:51:f8:77:45:63:bd:3e:7f:1e:3c:ab:9d:
d4:97:6f:95:95:78:e9:d5:4b:26:e2:e8:32:4e:da:32:c0:e1:
11:b4:02:98:ad:c2:77:72:af:5d:c1:de:92:78:cf:84:cd:93:
95:66:57:4a:8a:0c:96:21:dd:b2:f6:03:98:9d:bb:92:fb:d0:
63:cf:3b:28
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNaswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
MzIyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUyMzlENUJCQjMzNzAz
OTJBMUUzNEQzNzdBRjhFRDUxMkZFNkE1NUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDifwlG7gY5H3F4QhDVD56d8/ZTft85onKcUYXAUk+7lZi+BPo
SXBJ9jdmirhP55sBwVBubNYaa+/wfMrkVVgF2ezRghg4/AbPxV1kEa+QsNTxg2Qn
fofhPlXO7Ct+Ve4pBCVxfTAIHEAhT3i2uzS5ptggmzHB3SYMusuV1SIZ2NbYduBH
IA0AANhSvGs9lHx4HrTeAllcz6aw64VIpy7iHLP8AGkQHyRS4wawUVNUw7JGcZFB
NSDgCdY03m7O7IEpd8tgj7r3OuUmCYrlY8yY3vhMG/8cN5xjLIRB9Fg6/2iPO9FP
mQyLJVz1/zHa+Pg9rOrkAOdsXHAzYEHLa6mfAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU4jnVu7M3A5Kh4003evjtUS/mpVswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzRqblZ1N00zQTVLaDQw
MDNldmp0VVNfbXBWcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAK+bjFfxxVPzY0Jk3QiAxxekVY1VtOoz
XQT9rtdG8X+1yXX8uy0gpu0OTWMP1HDE5fBj39Jy1dL3IM3Qnk9n2HRyVdX0pUdj
ajB7itXIVIh+T6Bcsr9iPxCvGj0KRszSIggMD/42OaPU0Q69+fgV20ZVR1Fw6vA9
vEUgJKAX6E6CHuERuqRwHa2rLdyj6LaZEDOcOMYt4EpE/R8rFKB9YxKKxMlu9HCv
mpaBwGOL0lFlFNw9lMgDvIwNulH4d0VjvT5/HjyrndSXb5WVeOnVSybi6DJO2jLA
4RG0Apitwndyr13B3pJ4z4TNk5VmV0qKDJYh3bL2A5idu5L70GPPOyg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:06 2024 by rpki-client on console-fra.rpki-client.org