Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8HGmS0IXY4k38Q78IiOY_w5QFX8.roa
File: 8HGmS0IXY4k38Q78IiOY_w5QFX8.roa (raw, json)
Hash identifier: R4rBtKwGTe27UrE1wQWHYpRpLR2GU6sJn9eh/zd7E34=
Subject key identifier: F0:71:A6:4B:42:17:63:89:37:F1:0E:FC:22:23:98:FF:0E:50:15:7F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B57
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8HGmS0IXY4k38Q78IiOY_w5QFX8.roa
Signing time: Sun 07 Apr 2024 16:52:31 +0000
ROA not before: Sun 07 Apr 2024 16:52:31 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15191 (0x3b57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 16:52:31 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F071A64B4217638937F10EFC222398FF0E50157F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:30:3f:22:05:e4:29:f1:c7:f6:d7:a1:da:fd:
30:35:49:9c:3b:e7:9d:e9:f1:8f:bc:4d:d6:c9:52:
e4:56:be:34:58:c2:fe:44:32:70:0d:ad:af:61:0c:
c2:8e:50:b9:e3:7b:54:0b:8a:00:7f:ed:78:1a:12:
cd:12:bc:5e:98:d6:c9:2d:ec:9e:6a:fc:6a:88:32:
80:55:19:82:e2:7a:a8:44:0b:db:8c:ed:ea:7e:29:
5c:e1:32:07:cb:b8:5d:ed:0f:eb:77:9b:52:f8:63:
cc:10:f7:b7:bf:6a:0f:76:12:9b:7b:ef:3c:58:37:
bc:32:d1:72:03:99:44:60:e7:16:0f:4b:aa:b1:f2:
6b:6a:31:91:51:5c:e6:95:3c:c3:e1:00:98:2c:81:
ba:10:28:91:ed:2b:1f:f7:74:36:2e:04:1e:fb:e4:
a6:20:1d:96:78:23:ba:bb:52:a1:4c:da:22:57:f8:
c6:24:b6:8a:8f:a6:d8:0c:20:7a:89:59:84:ce:94:
d1:fa:e8:d4:37:e7:c9:00:9d:b8:a4:2d:40:af:8b:
fa:75:3a:17:4c:c8:7c:bc:15:2a:8e:43:a4:41:a2:
f6:c7:13:31:a0:28:4f:1f:be:97:38:4c:ef:3f:9c:
fa:2c:40:d8:86:72:af:cb:f0:33:83:ee:6e:85:21:
da:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:71:A6:4B:42:17:63:89:37:F1:0E:FC:22:23:98:FF:0E:50:15:7F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8HGmS0IXY4k38Q78IiOY_w5QFX8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
64:bc:cd:6b:40:b7:97:78:f5:e3:54:c4:d3:94:be:7e:29:11:
7b:b3:1a:90:d2:97:92:ef:85:48:e7:6c:28:5d:0d:7d:49:6b:
0e:89:13:07:eb:3c:0f:bf:9f:e1:3b:d3:ee:71:2b:36:1e:03:
6b:f4:b7:d1:ab:4d:08:71:55:b2:1e:87:4a:06:97:ed:48:8f:
7c:af:be:15:6c:d6:1e:d6:10:de:62:4e:4d:d3:97:88:00:77:
95:0a:63:51:93:48:de:ae:d6:cd:38:2b:fa:21:1c:51:da:38:
70:b0:9c:82:25:c7:1c:f5:1a:3c:f5:c6:14:be:c2:7c:f7:26:
d9:93:e4:f6:5f:c1:36:14:52:14:7d:23:7e:8a:3e:c7:8e:66:
44:70:86:a2:a9:28:5f:fc:2e:91:a9:f1:bc:b4:22:c8:2d:8f:
12:68:79:fb:6f:08:60:fb:c8:52:cb:7c:28:39:50:22:9a:4d:
fb:cb:47:88:84:d5:0d:c9:cb:cc:8b:30:a7:58:ac:ae:b5:71:
a0:8a:91:bc:d8:cf:65:49:12:de:94:71:9d:28:5a:20:2d:13:
53:b1:f0:39:62:2f:9a:c5:b1:27:7a:2e:b0:31:2a:73:6d:bd:
e4:7c:12:7c:0b:45:ca:a8:40:1f:96:84:3b:31:3c:bb:8c:3f:
ff:09:a8:78
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICO1cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcx
NjUyMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYwNzFBNjRCNDIxNzYz
ODkzN0YxMEVGQzIyMjM5OEZGMEU1MDE1N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpMD8iBeQp8cf216Ha/TA1SZw7553p8Y+8TdbJUuRWvjRYwv5E
MnANra9hDMKOULnje1QLigB/7XgaEs0SvF6Y1skt7J5q/GqIMoBVGYLieqhEC9uM
7ep+KVzhMgfLuF3tD+t3m1L4Y8wQ97e/ag92Ept77zxYN7wy0XIDmURg5xYPS6qx
8mtqMZFRXOaVPMPhAJgsgboQKJHtKx/3dDYuBB775KYgHZZ4I7q7UqFM2iJX+MYk
toqPptgMIHqJWYTOlNH66NQ358kAnbikLUCvi/p1OhdMyHy8FSqOQ6RBovbHEzGg
KE8fvpc4TO8/nPosQNiGcq/L8DOD7m6FIdpRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU8HGmS0IXY4k38Q78IiOY/w5QFX8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhIR21TMElYWTRrMzhR
NzhJaU9ZX3c1UUZYOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGS8zWtAt5d49eNUxNOUvn4pEXuzGpDS
l5LvhUjnbChdDX1Jaw6JEwfrPA+/n+E70+5xKzYeA2v0t9GrTQhxVbIeh0oGl+1I
j3yvvhVs1h7WEN5iTk3Tl4gAd5UKY1GTSN6u1s04K/ohHFHaOHCwnIIlxxz1Gjz1
xhS+wnz3JtmT5PZfwTYUUhR9I36KPseOZkRwhqKpKF/8LpGp8by0IsgtjxJoeftv
CGD7yFLLfCg5UCKaTfvLR4iE1Q3Jy8yLMKdYrK61caCKkbzYz2VJEt6UcZ0oWiAt
E1Ox8DliL5rFsSd6LrAxKnNtveR8EnwLRcqoQB+WhDsxPLuMP/8JqHg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:19 2024 by rpki-client on console-ams.rpki-client.org