Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/AgMln86bFnH0h4SDg8jpo-axWwc.roa
File: AgMln86bFnH0h4SDg8jpo-axWwc.roa (raw, json)
Hash identifier: HxgVGj5byMivP+wh7XCzRXBeh618sbgKlM67xwTf3D0=
Subject key identifier: 02:03:25:9F:CE:9B:16:71:F4:87:84:83:83:C8:E9:A3:E6:B1:5B:07
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DAB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AgMln86bFnH0h4SDg8jpo-axWwc.roa
Signing time: Thu 02 May 2024 03:23:41 +0000
ROA not before: Thu 02 May 2024 03:23:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19883 (0x4dab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 03:23:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0203259FCE9B1671F487848383C8E9A3E6B15B07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a5:19:95:a9:37:12:f8:cc:40:3d:8a:ed:54:
3d:d7:f4:2e:95:28:f4:fd:bd:52:c5:ed:91:b6:90:
d4:d9:25:72:7a:94:ed:a2:40:c5:51:3f:1c:8c:01:
3c:13:e5:e5:69:f8:07:96:8e:b0:28:19:76:9e:ae:
0b:1a:ea:e1:c6:94:8c:15:64:4b:7d:2d:be:9a:41:
15:b7:92:1d:da:f8:22:50:08:c5:be:10:1e:95:c4:
27:e1:dd:a1:dc:c6:f7:b7:cb:ea:ae:ea:5c:86:95:
00:7a:ec:9f:1a:e5:2d:8c:57:7c:1e:ee:52:55:7e:
39:bc:a6:24:cb:a3:96:61:77:f8:cb:7c:e8:48:f5:
30:37:9a:64:83:a0:58:d4:da:31:61:02:3d:ce:a4:
a7:04:c6:77:4b:b5:4e:e0:13:03:da:ad:26:94:a4:
3b:3c:fb:4d:35:e3:84:77:3e:86:be:39:3e:7c:0a:
ed:8e:6f:df:7d:c6:6a:10:ed:b6:e9:d3:2d:ce:d9:
13:8b:23:83:fc:1a:86:a0:17:c3:4f:cb:36:ee:07:
54:6c:24:03:7a:d1:00:0b:5e:46:ff:4c:cd:70:db:
17:aa:ce:76:1a:75:8f:0e:ef:dd:a8:8b:c1:7c:f4:
53:58:54:22:56:76:fc:02:a3:82:bd:7b:b4:5a:2e:
c5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:03:25:9F:CE:9B:16:71:F4:87:84:83:83:C8:E9:A3:E6:B1:5B:07
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AgMln86bFnH0h4SDg8jpo-axWwc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
18:8e:36:83:3e:70:48:e4:ff:a9:44:16:3a:58:c0:a5:f1:84:
9a:25:c0:a2:03:66:d3:9f:7f:85:c4:97:e6:73:23:1f:21:1f:
16:69:6f:b5:c8:b4:82:3f:ce:aa:35:21:d4:da:c2:f0:cf:92:
33:f0:b8:b4:b5:64:84:2f:fd:6f:54:9c:2e:d8:44:32:66:3a:
e2:32:84:1f:46:79:c3:84:21:95:35:44:49:6a:62:10:48:ea:
45:19:82:a9:e7:44:17:fe:f5:7d:43:10:45:63:cb:df:98:d5:
b4:15:8b:6f:54:0a:57:c1:77:8f:d4:50:aa:ab:ce:97:79:29:
e7:a2:f7:e7:93:ed:1e:03:26:50:1e:43:60:53:4e:32:37:c5:
d2:e1:27:71:cc:5a:59:22:52:a0:4d:14:b2:a5:7b:93:38:ec:
3f:e3:48:9f:09:8f:e3:c4:4f:b7:df:5b:a0:94:ff:5f:e9:b9:
7c:f6:4b:67:41:15:d9:73:55:74:33:0e:b1:5c:9e:37:a7:20:
af:ab:32:68:b1:5b:87:ba:ad:cf:84:31:0b:e2:38:df:ee:5b:
28:14:a2:fe:d8:3a:58:c1:b1:cc:7c:2c:a2:f3:0a:50:ce:fb:
46:6e:04:11:8b:4d:87:5a:a7:8b:86:1e:5e:a2:79:62:b4:e1:
d0:00:3e:89
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTaswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIw
MzIzNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAyMDMyNTlGQ0U5QjE2
NzFGNDg3ODQ4MzgzQzhFOUEzRTZCMTVCMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTpRmVqTcS+MxAPYrtVD3X9C6VKPT9vVLF7ZG2kNTZJXJ6lO2i
QMVRPxyMATwT5eVp+AeWjrAoGXaergsa6uHGlIwVZEt9Lb6aQRW3kh3a+CJQCMW+
EB6VxCfh3aHcxve3y+qu6lyGlQB67J8a5S2MV3we7lJVfjm8piTLo5Zhd/jLfOhI
9TA3mmSDoFjU2jFhAj3OpKcExndLtU7gEwParSaUpDs8+00144R3Poa+OT58Cu2O
b999xmoQ7bbp0y3O2ROLI4P8GoagF8NPyzbuB1RsJAN60QALXkb/TM1w2xeqznYa
dY8O792oi8F89FNYVCJWdvwCo4K9e7RaLsXDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUAgMln86bFnH0h4SDg8jpo+axWwcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0FnTWxuODZiRm5IMGg0
U0RnOGpwby1heFd3Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABiONoM+cEjk/6lEFjpYwKXxhJolwKID
ZtOff4XEl+ZzIx8hHxZpb7XItII/zqo1IdTawvDPkjPwuLS1ZIQv/W9UnC7YRDJm
OuIyhB9GecOEIZU1RElqYhBI6kUZgqnnRBf+9X1DEEVjy9+Y1bQVi29UClfBd4/U
UKqrzpd5Keei9+eT7R4DJlAeQ2BTTjI3xdLhJ3HMWlkiUqBNFLKle5M47D/jSJ8J
j+PET7ffW6CU/1/puXz2S2dBFdlzVXQzDrFcnjenIK+rMmixW4e6rc+EMQviON/u
WygUov7YOljBscx8LKLzClDO+0ZuBBGLTYdap4uGHl6ieWK04dAAPok=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:11 2024 by rpki-client on console-fra.rpki-client.org