Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/4tHqIPgRFk4RV28erbgCMLFSzA8.roa
File: 4tHqIPgRFk4RV28erbgCMLFSzA8.roa (raw, json)
Hash identifier: hoBbk+/MW9cZuEXNpUj5uPn+c4jfIexD4SeBn8wYz5I=
Subject key identifier: E2:D1:EA:20:F8:11:16:4E:11:57:6F:1E:AD:B8:02:30:B1:52:CC:0F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 487F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4tHqIPgRFk4RV28erbgCMLFSzA8.roa
Signing time: Thu 25 Apr 2024 05:53:18 +0000
ROA not before: Thu 25 Apr 2024 05:53:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18559 (0x487f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 05:53:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E2D1EA20F811164E11576F1EADB80230B152CC0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:bd:77:8e:78:21:85:34:ff:f1:6a:2b:84:1d:
21:59:1e:b3:4e:58:1d:58:b8:6d:a8:d5:f9:98:d4:
5a:8f:cb:a6:2b:3a:a4:00:c6:af:44:79:b0:a4:d3:
9b:d0:ea:04:f1:1f:27:7b:61:4d:5e:c0:2a:85:e0:
8b:b9:45:cd:41:7b:e3:fb:12:6c:f8:97:9d:cf:ee:
01:32:08:1a:3e:50:61:9d:29:ef:a1:d0:9c:a7:c8:
a9:ea:d3:63:38:b0:54:f8:12:d7:3a:c4:6f:35:6f:
2f:5c:1f:a2:0b:0d:ec:5c:3b:0c:4a:56:34:1c:de:
a6:1a:6c:8c:2b:38:c3:20:fb:c9:80:17:30:17:07:
09:4a:4b:d0:27:0d:2c:fc:b3:b6:11:1b:e7:2d:84:
43:37:27:12:0b:b1:a5:45:c9:09:e3:40:c0:74:a1:
51:92:3c:28:5d:0e:f4:ff:24:19:94:f2:ce:ad:25:
ef:da:a9:a8:d8:78:a2:5a:ad:ce:c3:fd:13:ac:bb:
2e:99:72:8f:37:97:de:2b:fd:d3:03:15:68:aa:ca:
13:b9:aa:90:b5:91:3c:0e:f9:ca:5c:4a:73:ef:2d:
b7:44:aa:3d:ed:c2:3d:73:31:c0:d0:88:75:21:e4:
90:bb:35:22:25:e6:d0:ed:40:b7:3b:97:ed:fc:7c:
11:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D1:EA:20:F8:11:16:4E:11:57:6F:1E:AD:B8:02:30:B1:52:CC:0F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/4tHqIPgRFk4RV28erbgCMLFSzA8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
83:4f:6a:51:29:cc:78:1e:bb:51:03:b3:eb:7d:06:86:09:b1:
46:b6:9f:9c:38:10:0e:de:30:cb:b0:56:6f:fa:b3:38:92:df:
51:e0:08:d7:05:63:b0:ca:d5:f1:b8:71:2e:46:04:8d:f8:20:
51:c0:7d:9a:3b:72:28:93:4a:61:d1:9a:db:5b:d6:ad:2d:2c:
1f:92:19:21:47:88:ad:62:6c:97:1c:32:33:d4:40:a8:7a:dd:
ad:f0:a2:d7:3f:f8:e5:37:97:18:f3:7f:91:62:9e:43:5b:03:
fc:33:05:e6:01:ec:02:c1:4b:72:c6:87:6a:d5:6f:17:6b:2e:
22:7f:d8:c4:ed:51:ae:5f:32:34:12:1e:22:4f:b8:56:35:3d:
f4:29:00:1b:13:5a:95:fe:ff:29:de:4f:70:e6:6d:fc:c7:bb:
eb:c3:e5:e7:e4:0e:de:c0:d3:75:58:c8:47:b5:26:48:47:d8:
7c:5d:e5:56:2a:af:5c:51:ef:60:71:63:ce:6a:0c:29:c4:de:
1c:7f:76:c5:68:d6:a8:5f:f3:4f:d1:09:74:2a:4b:ef:39:3a:
5a:9f:72:10:d1:50:cb:24:37:bf:c8:a1:b4:d1:21:16:e2:ce:
d9:81:21:15:4a:5f:c9:a2:db:ed:a9:c0:89:eb:d8:d6:bf:bb:
64:13:52:1c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSH8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUw
NTUzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUyRDFFQTIwRjgxMTE2
NEUxMTU3NkYxRUFEQjgwMjMwQjE1MkNDMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtvXeOeCGFNP/xaiuEHSFZHrNOWB1YuG2o1fmY1FqPy6YrOqQA
xq9EebCk05vQ6gTxHyd7YU1ewCqF4Iu5Rc1Be+P7Emz4l53P7gEyCBo+UGGdKe+h
0JynyKnq02M4sFT4Etc6xG81by9cH6ILDexcOwxKVjQc3qYabIwrOMMg+8mAFzAX
BwlKS9AnDSz8s7YRG+cthEM3JxILsaVFyQnjQMB0oVGSPChdDvT/JBmU8s6tJe/a
qajYeKJarc7D/ROsuy6Zco83l94r/dMDFWiqyhO5qpC1kTwO+cpcSnPvLbdEqj3t
wj1zMcDQiHUh5JC7NSIl5tDtQLc7l+38fBE9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU4tHqIPgRFk4RV28erbgCMLFSzA8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzR0SHFJUGdSRms0UlYy
OGVyYmdDTUxGU3pBOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAINPalEpzHgeu1EDs+t9BoYJsUa2n5w4
EA7eMMuwVm/6sziS31HgCNcFY7DK1fG4cS5GBI34IFHAfZo7ciiTSmHRmttb1q0t
LB+SGSFHiK1ibJccMjPUQKh63a3wotc/+OU3lxjzf5FinkNbA/wzBeYB7ALBS3LG
h2rVbxdrLiJ/2MTtUa5fMjQSHiJPuFY1PfQpABsTWpX+/yneT3DmbfzHu+vD5efk
Dt7A03VYyEe1JkhH2Hxd5VYqr1xR72BxY85qDCnE3hx/dsVo1qhf80/RCXQqS+85
OlqfchDRUMskN7/IobTRIRbiztmBIRVKX8mi2+2pwInr2Na/u2QTUhw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:06 2024 by rpki-client on console-fra.rpki-client.org