Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/A8-raLMlp76dga1IwTeV9itj82A.roa
File: A8-raLMlp76dga1IwTeV9itj82A.roa (raw, json)
Hash identifier: bx3i4bMgd9U8iDdghbQ7s0kgUgVzCng28R/aIjhL1UA=
Subject key identifier: 03:CF:AB:68:B3:25:A7:BE:9D:81:AD:48:C1:37:95:F6:2B:63:F3:60
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41C3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/A8-raLMlp76dga1IwTeV9itj82A.roa
Signing time: Tue 16 Apr 2024 06:23:28 +0000
ROA not before: Tue 16 Apr 2024 06:23:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16835 (0x41c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 06:23:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=03CFAB68B325A7BE9D81AD48C13795F62B63F360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:17:ae:23:ab:24:71:2c:d9:2c:da:e6:f5:3a:
8d:f4:94:ed:86:97:72:49:f2:4b:5c:22:f1:e5:8f:
98:0f:79:70:5b:b0:14:4b:1a:af:82:36:8f:e1:5c:
a5:71:8b:cd:c2:6c:a2:b4:ba:d6:47:69:45:20:da:
eb:b6:6a:72:53:2b:60:c1:9f:65:92:79:10:9f:2c:
13:10:c3:28:cb:d0:5d:b6:7b:18:9b:7c:17:3a:d3:
82:7c:5f:43:df:52:4b:c7:74:54:31:d4:21:59:0b:
f3:b4:52:07:0e:ca:7c:c9:a3:4a:2b:d3:1d:0e:bb:
38:6f:76:80:61:05:3c:01:fd:ee:be:3c:f9:92:55:
8b:4c:3f:ae:a5:b5:c3:c2:01:d3:f5:85:70:a4:52:
c1:77:e4:38:71:0e:41:9d:3d:44:15:75:d0:60:25:
ee:9d:69:f5:31:f5:71:9b:d4:14:d0:52:0a:c1:5a:
c5:97:7a:88:80:f2:ef:8b:ce:72:24:bc:6b:72:cd:
6b:88:07:8c:0f:26:3d:6e:45:8d:c5:f3:d5:b9:de:
b0:80:1c:aa:0e:ef:1b:fc:e7:d9:00:83:b2:8d:bc:
6e:72:d5:c9:56:ab:6b:e2:5d:fe:da:86:2d:f7:82:
16:02:b1:c4:66:76:bb:af:fc:cd:50:ac:2d:ab:89:
5f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:CF:AB:68:B3:25:A7:BE:9D:81:AD:48:C1:37:95:F6:2B:63:F3:60
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/A8-raLMlp76dga1IwTeV9itj82A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8f:7b:29:25:1e:64:c1:79:8a:24:83:9a:b8:1c:f4:14:a2:c2:
66:eb:53:3a:15:31:9b:88:26:e1:d3:ba:4b:f0:d9:32:01:fd:
8f:8a:86:88:29:df:df:41:bf:a3:59:13:9a:b1:a2:33:71:a6:
63:61:4f:b2:ab:ee:27:53:55:57:b8:be:5f:58:fb:96:b7:f4:
5a:4f:a3:e2:b9:7f:66:59:48:a1:db:2d:45:49:65:f9:c2:41:
8d:89:77:f4:71:05:3f:f7:77:46:d8:9c:4e:3b:b3:7d:89:2e:
83:21:86:24:37:57:56:ea:a0:be:ce:73:6b:b5:4a:20:7c:28:
fa:22:34:c0:3c:3a:b4:74:3f:07:75:75:58:35:0c:7b:50:d5:
7a:29:d8:f7:4c:23:c9:36:1b:04:57:cf:3c:31:34:c4:b3:4b:
ab:c8:f4:30:d9:48:c4:d4:ca:1c:53:22:0a:a9:f6:11:58:aa:
46:77:c3:36:72:d7:6c:bf:20:29:0b:a2:0c:dc:38:67:cd:fb:
e0:3d:80:fd:7d:65:6e:d6:c5:c0:4d:01:b1:28:48:a4:27:f3:
86:2e:79:cc:3e:d5:b2:7b:93:b7:8b:3a:dc:07:6b:10:37:ba:
96:d4:76:a7:87:bb:b7:57:78:ca:29:7a:db:e9:1f:26:13:67:
fb:39:82:9f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQcMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
NjIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAzQ0ZBQjY4QjMyNUE3
QkU5RDgxQUQ0OEMxMzc5NUY2MkI2M0YzNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5F64jqyRxLNks2ub1Oo30lO2Gl3JJ8ktcIvHlj5gPeXBbsBRL
Gq+CNo/hXKVxi83CbKK0utZHaUUg2uu2anJTK2DBn2WSeRCfLBMQwyjL0F22exib
fBc604J8X0PfUkvHdFQx1CFZC/O0UgcOynzJo0or0x0OuzhvdoBhBTwB/e6+PPmS
VYtMP66ltcPCAdP1hXCkUsF35DhxDkGdPUQVddBgJe6dafUx9XGb1BTQUgrBWsWX
eoiA8u+LznIkvGtyzWuIB4wPJj1uRY3F89W53rCAHKoO7xv859kAg7KNvG5y1clW
q2viXf7ahi33ghYCscRmdruv/M1QrC2riV9/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUA8+raLMlp76dga1IwTeV9itj82AwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0E4LXJhTE1scDc2ZGdh
MUl3VGVWOWl0ajgyQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAI97KSUeZMF5iiSDmrgc9BSiwmbrUzoV
MZuIJuHTukvw2TIB/Y+Khogp399Bv6NZE5qxojNxpmNhT7Kr7idTVVe4vl9Y+5a3
9FpPo+K5f2ZZSKHbLUVJZfnCQY2Jd/RxBT/3d0bYnE47s32JLoMhhiQ3V1bqoL7O
c2u1SiB8KPoiNMA8OrR0Pwd1dVg1DHtQ1Xop2PdMI8k2GwRXzzwxNMSzS6vI9DDZ
SMTUyhxTIgqp9hFYqkZ3wzZy12y/ICkLogzcOGfN++A9gP19ZW7WxcBNAbEoSKQn
84Yuecw+1bJ7k7eLOtwHaxA3upbUdqeHu7dXeMopetvpHyYTZ/s5gp8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:21 2024 by rpki-client on console-ams.rpki-client.org