Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/AoHm2VS3uMGmPVQSbCtvovxltjg.roa
File: AoHm2VS3uMGmPVQSbCtvovxltjg.roa (raw, json)
Hash identifier: ZqtoMaQ3328PBaL08lRg1p6VVJZqnTTn3/rBsY1y5w8=
Subject key identifier: 02:81:E6:D9:54:B7:B8:C1:A6:3D:54:12:6C:2B:6F:A2:FC:65:B6:38
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44FB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AoHm2VS3uMGmPVQSbCtvovxltjg.roa
Signing time: Sat 20 Apr 2024 13:23:05 +0000
ROA not before: Sat 20 Apr 2024 13:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17659 (0x44fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 13:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0281E6D954B7B8C1A63D54126C2B6FA2FC65B638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4d:54:90:1f:c8:7e:2b:09:32:5d:ab:0a:be:
38:08:45:4b:c9:90:1f:c3:82:bd:66:6e:a5:35:40:
53:08:6f:2a:63:72:cf:bf:8c:c8:ca:f2:a5:d7:49:
16:f8:f5:05:d3:e2:6a:75:f1:c6:ec:81:90:5f:cf:
ee:56:7c:bd:82:66:57:b5:9f:6b:80:22:b9:77:31:
6c:70:4a:f7:70:4f:90:30:bc:95:6d:f0:3a:8e:db:
54:63:37:d1:82:7d:c8:0d:db:41:85:8a:37:f6:5e:
8a:6e:e9:45:3c:16:a0:3a:b1:f2:92:d0:1f:18:af:
e2:85:0e:af:0a:77:03:36:66:38:8e:9b:34:eb:6c:
dc:50:c7:4e:4f:91:76:f2:30:5e:ea:1e:dc:fa:69:
1b:a3:8b:c9:02:2d:eb:81:1c:7e:cb:76:9e:30:32:
fa:78:5c:f4:af:5e:03:e6:cc:c9:f7:28:47:60:42:
ff:e0:ce:e7:d5:68:32:07:73:6f:1f:05:48:68:a4:
16:58:58:65:b6:83:9f:63:12:37:a3:b0:92:24:85:
55:27:04:d5:cf:84:0e:9e:bd:02:cc:ee:33:e9:de:
63:f9:3c:0e:e9:b6:49:b2:ff:2d:b6:73:a2:1b:36:
e1:d5:31:70:a2:19:7e:08:ce:4a:02:1e:47:ca:14:
0d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:81:E6:D9:54:B7:B8:C1:A6:3D:54:12:6C:2B:6F:A2:FC:65:B6:38
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/AoHm2VS3uMGmPVQSbCtvovxltjg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
54:ff:49:60:d6:fc:e8:f0:ce:c6:98:b2:f1:4a:2d:8a:b1:fd:
6e:e8:10:79:3b:9c:76:5e:3a:e6:e2:85:8d:ed:fe:eb:da:be:
ab:85:b6:63:ca:23:cd:47:17:c0:ee:4d:7e:31:e3:c5:88:5d:
d4:5c:89:3c:b7:c1:d0:9b:fd:84:1c:4d:76:f1:18:b8:e5:d0:
55:e0:d5:01:e4:11:8f:e7:ce:11:a7:d4:07:b5:9a:e9:4a:75:
da:55:f0:13:2d:3d:6b:cd:e0:06:ff:ee:e7:c4:e4:7b:c9:41:
c0:2a:b7:61:10:e7:65:76:dc:42:b2:23:d2:c3:7e:1c:ee:00:
c2:56:70:0c:a8:e6:3a:0a:bf:3b:dd:2e:0f:2b:51:f3:2a:5b:
9b:9a:d5:92:e7:2c:f6:17:8e:a4:fa:6c:37:f8:f7:5b:9e:70:
a0:d8:57:7a:a5:a2:ed:23:4b:47:ac:28:da:a4:cf:4c:e0:6b:
50:06:69:8d:94:54:e5:7f:b8:bd:23:e0:e7:8f:95:89:41:66:
be:38:96:cb:58:a9:fa:27:5a:b2:98:25:ae:67:ae:42:2b:82:
f8:2e:c4:af:d5:00:22:56:1a:f3:57:7a:7a:b9:1a:01:54:c3:
7f:cb:c9:0f:ae:aa:60:ab:04:dc:39:e3:ad:76:1b:af:e6:b3:
35:45:22:bc
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRPswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
MzIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAyODFFNkQ5NTRCN0I4
QzFBNjNENTQxMjZDMkI2RkEyRkM2NUI2MzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFTVSQH8h+KwkyXasKvjgIRUvJkB/Dgr1mbqU1QFMIbypjcs+/
jMjK8qXXSRb49QXT4mp18cbsgZBfz+5WfL2CZle1n2uAIrl3MWxwSvdwT5AwvJVt
8DqO21RjN9GCfcgN20GFijf2Xopu6UU8FqA6sfKS0B8Yr+KFDq8KdwM2ZjiOmzTr
bNxQx05PkXbyMF7qHtz6aRuji8kCLeuBHH7Ldp4wMvp4XPSvXgPmzMn3KEdgQv/g
zufVaDIHc28fBUhopBZYWGW2g59jEjejsJIkhVUnBNXPhA6evQLM7jPp3mP5PA7p
tkmy/y22c6IbNuHVMXCiGX4IzkoCHkfKFA05AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUAoHm2VS3uMGmPVQSbCtvovxltjgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0FvSG0yVlMzdU1HbVBW
UVNiQ3R2b3Z4bHRqZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFT/SWDW/OjwzsaYsvFKLYqx/W7oEHk7
nHZeOubihY3t/uvavquFtmPKI81HF8DuTX4x48WIXdRciTy3wdCb/YQcTXbxGLjl
0FXg1QHkEY/nzhGn1Ae1mulKddpV8BMtPWvN4Ab/7ufE5HvJQcAqt2EQ52V23EKy
I9LDfhzuAMJWcAyo5joKvzvdLg8rUfMqW5ua1ZLnLPYXjqT6bDf491uecKDYV3ql
ou0jS0esKNqkz0zga1AGaY2UVOV/uL0j4OePlYlBZr44lstYqfonWrKYJa5nrkIr
gvguxK/VACJWGvNXenq5GgFUw3/LyQ+uqmCrBNw54612G6/mszVFIrw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:11 2024 by rpki-client on console-fra.rpki-client.org