Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8dUC3qVcQKi7aos7tq9atR-VRwQ.roa
File: 8dUC3qVcQKi7aos7tq9atR-VRwQ.roa (raw, json)
Hash identifier: mytXVZXZ0SnmxrQ/xsRE1bAZQC9/eN20XE1L3V8IWrQ=
Subject key identifier: F1:D5:02:DE:A5:5C:40:A8:BB:6A:8B:3B:B6:AF:5A:B5:1F:95:47:04
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 440B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8dUC3qVcQKi7aos7tq9atR-VRwQ.roa
Signing time: Fri 19 Apr 2024 07:23:01 +0000
ROA not before: Fri 19 Apr 2024 07:23:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17419 (0x440b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 07:23:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F1D502DEA55C40A8BB6A8B3BB6AF5AB51F954704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:af:ae:1c:f1:6b:d7:78:9e:a2:5e:46:08:c7:
c0:42:3e:fd:4d:22:2d:8a:61:bc:7d:3f:5c:21:97:
be:85:04:8c:54:40:84:24:fb:e7:ed:a3:63:4e:3d:
9e:98:c2:03:c1:e3:19:c7:94:b1:82:77:63:16:c5:
ee:3a:5e:2a:cc:d8:cc:94:64:2d:24:ad:8e:91:5d:
15:a2:27:19:04:b9:d1:f1:eb:05:73:a7:8f:07:79:
11:a5:6f:dd:42:5e:fc:b6:f4:ad:8b:af:e7:e5:1c:
10:1e:7b:a1:3f:b8:87:5f:4b:03:23:c2:e6:24:60:
9c:c2:5f:87:5b:7a:df:b2:4e:4f:38:89:7d:d5:8c:
92:09:ca:90:21:52:68:85:59:d9:71:90:c8:8b:eb:
a8:15:01:19:f3:c6:9a:2a:e1:76:4b:a7:f9:dc:ec:
ac:11:72:70:c7:31:a2:a7:e0:63:4b:03:c7:0a:0f:
c9:2e:6e:07:ab:34:35:6f:d0:50:7e:fc:d3:e5:1e:
23:3e:54:6e:ac:3c:8c:08:d5:11:46:48:97:3f:59:
46:cc:5d:dc:b2:f2:65:36:18:73:50:6a:f7:33:a6:
f3:95:1e:d0:0a:78:7e:f0:7c:85:e8:e5:8c:9b:9b:
4b:dd:9f:1e:5c:fc:ef:a1:20:0c:d7:90:51:90:72:
e9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D5:02:DE:A5:5C:40:A8:BB:6A:8B:3B:B6:AF:5A:B5:1F:95:47:04
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8dUC3qVcQKi7aos7tq9atR-VRwQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
1b:5a:1c:04:db:52:8e:64:86:43:8e:c5:cf:2f:3d:41:7f:ec:
e0:cc:58:5b:e8:b9:33:4a:68:91:77:f0:fc:1c:8e:a8:30:69:
52:13:92:3a:eb:ea:fb:96:ee:31:c8:17:53:2b:51:ec:29:5b:
3c:0f:77:73:83:e2:28:90:04:c2:cb:be:ee:f0:d6:28:e2:62:
47:23:1c:d7:df:ce:f4:55:05:cb:c5:f5:fe:d9:0c:08:be:0a:
a3:f9:32:96:d0:ab:00:55:76:37:1f:d1:fe:e9:0c:33:e1:9e:
3b:bf:b0:e9:ef:ae:d8:27:61:88:d4:c2:a3:32:40:bb:f8:c1:
f1:89:30:bf:e5:05:01:5b:2e:29:66:51:63:c0:50:8d:2e:54:
80:bb:c2:98:b1:21:05:6e:8b:36:53:0f:d8:36:2f:bb:3f:da:
e1:58:1a:63:4a:55:91:4d:1f:a9:b9:e0:00:3e:d1:e8:44:a4:
dd:26:75:ff:ef:c8:cd:3b:8e:55:a7:a2:29:d1:db:55:20:10:
a5:8f:41:bb:5e:fb:4f:5d:7a:56:e8:b0:d4:21:46:69:71:c9:
71:16:1e:34:f6:7c:f6:4d:9f:4a:07:60:cd:00:b0:ae:97:65:
c0:90:d0:fa:33:d0:51:88:35:8f:e6:62:7c:05:ca:4a:10:7f:
84:0e:c2:4e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRAswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkw
NzIzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYxRDUwMkRFQTU1QzQw
QThCQjZBOEIzQkI2QUY1QUI1MUY5NTQ3MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrr64c8WvXeJ6iXkYIx8BCPv1NIi2KYbx9P1whl76FBIxUQIQk
++fto2NOPZ6YwgPB4xnHlLGCd2MWxe46XirM2MyUZC0krY6RXRWiJxkEudHx6wVz
p48HeRGlb91CXvy29K2Lr+flHBAee6E/uIdfSwMjwuYkYJzCX4dbet+yTk84iX3V
jJIJypAhUmiFWdlxkMiL66gVARnzxpoq4XZLp/nc7KwRcnDHMaKn4GNLA8cKD8ku
bgerNDVv0FB+/NPlHiM+VG6sPIwI1RFGSJc/WUbMXdyy8mU2GHNQavczpvOVHtAK
eH7wfIXo5Yybm0vdnx5c/O+hIAzXkFGQculZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU8dUC3qVcQKi7aos7tq9atR+VRwQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhkVUMzcVZjUUtpN2Fv
czd0cTlhdFItVlJ3US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABtaHATbUo5khkOOxc8vPUF/7ODMWFvo
uTNKaJF38PwcjqgwaVITkjrr6vuW7jHIF1MrUewpWzwPd3OD4iiQBMLLvu7w1iji
YkcjHNffzvRVBcvF9f7ZDAi+CqP5MpbQqwBVdjcf0f7pDDPhnju/sOnvrtgnYYjU
wqMyQLv4wfGJML/lBQFbLilmUWPAUI0uVIC7wpixIQVuizZTD9g2L7s/2uFYGmNK
VZFNH6m54AA+0ehEpN0mdf/vyM07jlWnoinR21UgEKWPQbte+09delbosNQhRmlx
yXEWHjT2fPZNn0oHYM0AsK6XZcCQ0Poz0FGINY/mYnwFykoQf4QOwk4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:09 2024 by rpki-client on console-fra.rpki-client.org