Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/8nfgjh1o5dcUsubJKoCbcq1rAYg.roa
File: 8nfgjh1o5dcUsubJKoCbcq1rAYg.roa (raw, json)
Hash identifier: qVNOaUjXQFLaPr3wEYfbvDQeavjY2/Z/WpPj87Xiy9k=
Subject key identifier: F2:77:E0:8E:1D:68:E5:D7:14:B2:E6:C9:2A:80:9B:72:AD:6B:01:88
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4043
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8nfgjh1o5dcUsubJKoCbcq1rAYg.roa
Signing time: Sun 14 Apr 2024 06:23:22 +0000
ROA not before: Sun 14 Apr 2024 06:23:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16451 (0x4043)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 06:23:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F277E08E1D68E5D714B2E6C92A809B72AD6B0188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2a:03:d9:9e:ff:9f:a1:5b:80:80:25:34:90:
87:c4:c9:6c:33:d5:a0:4f:eb:10:d3:90:72:57:49:
0f:5d:b0:f5:11:38:30:cd:7d:c3:56:d5:0f:c8:95:
5a:89:48:c8:06:ab:ca:cc:6b:b1:e3:ae:dd:eb:62:
5f:83:ed:e8:17:74:1f:f0:4c:7c:44:b2:ff:a7:ca:
0f:0d:fb:85:c6:11:56:a7:1b:5e:78:83:03:ea:7c:
05:a8:36:d2:e0:2f:38:d0:fc:75:2c:a8:ba:69:c4:
d2:42:e3:15:1f:0a:56:cf:9c:bf:92:4c:20:91:09:
7b:18:64:bd:bc:cc:51:9b:9f:05:f2:07:c6:f4:0b:
7b:18:50:3b:d1:6e:1e:37:9d:3e:9b:1a:de:15:1d:
20:84:9b:4b:d3:5e:4d:d8:7a:4e:19:1a:09:2b:8c:
51:e6:a5:ec:0e:d8:73:b8:f6:88:84:4d:cc:69:1e:
d7:25:f7:fd:7a:01:68:ed:56:71:1c:99:6c:af:00:
55:25:ee:5f:78:f4:4f:12:2f:0f:6e:32:c7:89:e9:
63:5d:e7:8a:21:0e:73:d8:e4:99:79:dc:e8:83:ce:
08:63:ed:03:21:5a:14:37:b8:ab:9f:8e:e9:6a:c0:
59:38:7f:fc:b7:46:f0:66:bf:d3:d6:2f:03:03:c9:
be:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:77:E0:8E:1D:68:E5:D7:14:B2:E6:C9:2A:80:9B:72:AD:6B:01:88
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/8nfgjh1o5dcUsubJKoCbcq1rAYg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
40:17:9f:3c:81:80:2c:02:69:55:2f:ad:1b:bd:de:7c:fe:64:
a5:49:e9:a3:7c:4a:2e:5b:84:49:ac:0e:0e:0b:f6:24:06:b5:
19:e3:99:32:0a:65:23:de:21:d4:70:31:1e:45:63:c7:18:e8:
05:bd:3c:9b:6f:58:83:d5:e1:1c:a1:e1:f0:16:fd:72:3e:aa:
eb:d6:66:0f:ed:95:5c:be:76:c2:89:86:e9:18:6a:97:4c:38:
6e:1f:62:73:e8:17:ac:4c:0d:bc:19:9c:2d:67:2d:d1:20:f5:
e6:f6:45:a9:f8:77:63:b0:48:ca:03:8b:28:00:6c:f2:c1:4a:
13:4d:eb:39:37:b3:fa:d7:de:ba:e6:1d:05:f7:2a:6b:be:d2:
9d:c9:46:0d:c7:b9:8f:8e:75:e4:df:79:29:bf:61:4c:84:96:
00:06:81:eb:bf:06:f0:01:d8:d8:03:a6:6e:ca:15:38:b2:28:
b3:cc:d0:a0:06:54:f7:a0:96:ed:4c:a4:aa:23:49:e2:43:d0:
60:a1:00:fe:7f:38:ca:a8:2e:c9:50:de:3d:5d:e6:84:43:3b:
df:da:af:64:62:e8:b0:c1:c9:7f:0d:c3:59:ca:19:78:ee:cb:
1e:fd:bf:57:91:e5:36:27:e4:08:8f:a3:1a:ff:60:70:7b:9a:
87:09:4d:66
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQEMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQw
NjIzMjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYyNzdFMDhFMUQ2OEU1
RDcxNEIyRTZDOTJBODA5QjcyQUQ2QjAxODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbKgPZnv+foVuAgCU0kIfEyWwz1aBP6xDTkHJXSQ9dsPURODDN
fcNW1Q/IlVqJSMgGq8rMa7Hjrt3rYl+D7egXdB/wTHxEsv+nyg8N+4XGEVanG154
gwPqfAWoNtLgLzjQ/HUsqLppxNJC4xUfClbPnL+STCCRCXsYZL28zFGbnwXyB8b0
C3sYUDvRbh43nT6bGt4VHSCEm0vTXk3Yek4ZGgkrjFHmpewO2HO49oiETcxpHtcl
9/16AWjtVnEcmWyvAFUl7l949E8SLw9uMseJ6WNd54ohDnPY5Jl53OiDzghj7QMh
WhQ3uKufjulqwFk4f/y3RvBmv9PWLwMDyb4jAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU8nfgjh1o5dcUsubJKoCbcq1rAYgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzhuZmdqaDFvNWRjVXN1
YkpLb0NiY3ExckFZZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEAXnzyBgCwCaVUvrRu93nz+ZKVJ6aN8
Si5bhEmsDg4L9iQGtRnjmTIKZSPeIdRwMR5FY8cY6AW9PJtvWIPV4Ryh4fAW/XI+
quvWZg/tlVy+dsKJhukYapdMOG4fYnPoF6xMDbwZnC1nLdEg9eb2Ran4d2OwSMoD
iygAbPLBShNN6zk3s/rX3rrmHQX3Kmu+0p3JRg3HuY+OdeTfeSm/YUyElgAGgeu/
BvAB2NgDpm7KFTiyKLPM0KAGVPeglu1MpKojSeJD0GChAP5/OMqoLslQ3j1d5oRD
O9/ar2Ri6LDByX8Nw1nKGXjuyx79v1eR5TYn5AiPoxr/YHB7mocJTWY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:19 2024 by rpki-client on console-ams.rpki-client.org