Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Aqow561VzvUXAlKAi6dyzgrGIms.roa
File: Aqow561VzvUXAlKAi6dyzgrGIms.roa (raw, json)
Hash identifier: NQAsBlqQ3FsHyLtT9xCmp5wjGweg7oB31fpBq+c8tlA=
Subject key identifier: 02:AA:30:E7:AD:55:CE:F5:17:02:52:80:8B:A7:72:CE:0A:C6:22:6B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D3B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Aqow561VzvUXAlKAi6dyzgrGIms.roa
Signing time: Wed 10 Apr 2024 05:22:41 +0000
ROA not before: Wed 10 Apr 2024 05:22:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15675 (0x3d3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 05:22:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=02AA30E7AD55CEF5170252808BA772CE0AC6226B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:31:94:e2:d5:18:68:76:c8:f4:18:f7:9b:59:
9c:d2:7d:54:bc:96:1e:32:68:db:a0:a6:e0:be:bd:
2b:eb:2b:ee:89:7a:8f:df:cb:6c:66:71:b4:df:76:
bd:35:1d:ce:99:a8:c9:38:cf:24:81:8c:22:77:97:
e9:da:d4:62:a7:4c:b0:b4:a3:d7:48:9a:d0:85:15:
04:3c:60:9b:84:61:d7:3e:04:48:93:e8:47:fe:01:
11:82:b6:ef:26:ce:28:56:ed:61:aa:1e:5f:98:fa:
f7:69:7c:5b:a4:96:19:cb:02:9f:55:a4:32:c4:c5:
f8:31:a6:eb:19:e7:33:2c:05:12:16:06:6e:76:27:
7d:e8:80:04:d7:88:29:68:1e:fa:46:85:17:12:89:
a2:4c:a0:45:39:03:ea:8e:2d:0c:d6:71:1b:ab:79:
b3:47:c3:af:43:67:35:84:78:d3:56:b6:9b:5e:6e:
fd:af:27:23:21:ad:3d:ac:0a:f3:fd:e8:c7:a5:b8:
bd:e5:1d:7c:fc:e9:fa:3e:51:fe:8c:8b:2b:26:e2:
78:73:a1:08:02:1c:90:15:91:61:91:d1:8e:10:90:
ed:20:3e:81:65:0f:7d:e6:09:02:7b:a1:21:1e:bf:
24:43:74:d7:b5:0f:f9:8a:45:79:ee:af:64:ec:0b:
c3:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:AA:30:E7:AD:55:CE:F5:17:02:52:80:8B:A7:72:CE:0A:C6:22:6B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Aqow561VzvUXAlKAi6dyzgrGIms.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8e:1b:6a:b9:11:3e:72:be:06:f4:1f:6b:db:e0:94:43:b2:8d:
9b:08:36:e4:be:c9:84:8b:f7:db:23:e9:ce:36:3b:1e:ab:31:
38:36:56:38:5c:e3:19:9b:11:a3:eb:0c:5c:68:a7:ad:f7:00:
71:40:f8:35:a0:3b:b9:b9:d9:45:01:a3:5d:03:39:72:b4:05:
ce:24:99:e1:5f:a5:4b:b8:40:72:6d:ce:e7:d2:36:8f:3b:e3:
af:8c:cb:ca:8f:18:12:d8:0d:34:e4:4a:d9:9b:7b:e9:31:3a:
64:64:d8:39:8c:0a:4e:a6:81:ad:9c:4b:d6:61:c7:79:65:96:
0e:b2:c9:01:9f:08:07:47:99:07:37:d2:d5:b0:6c:d1:01:e1:
9f:e4:4a:fe:dc:86:50:32:e6:97:9a:65:67:d2:5a:c4:82:3c:
17:eb:7a:d5:57:ef:dc:be:45:a7:1c:f4:b8:ca:76:e2:52:c8:
cc:a8:03:58:6f:d2:2c:d1:37:fa:0e:8a:26:4a:45:70:83:3f:
4d:7e:0a:3d:50:a5:97:36:e4:95:c8:be:35:61:73:40:83:13:
03:df:7b:aa:16:00:f3:4c:9f:53:41:99:b5:05:bb:aa:9f:7e:
f3:15:4c:e8:80:d7:72:ac:c4:33:60:3f:f6:db:72:8c:7c:24:
38:6d:58:7d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPTswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAw
NTIyNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAyQUEzMEU3QUQ1NUNF
RjUxNzAyNTI4MDhCQTc3MkNFMEFDNjIyNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcMZTi1Rhodsj0GPebWZzSfVS8lh4yaNugpuC+vSvrK+6Jeo/f
y2xmcbTfdr01Hc6ZqMk4zySBjCJ3l+na1GKnTLC0o9dImtCFFQQ8YJuEYdc+BEiT
6Ef+ARGCtu8mzihW7WGqHl+Y+vdpfFuklhnLAp9VpDLExfgxpusZ5zMsBRIWBm52
J33ogATXiCloHvpGhRcSiaJMoEU5A+qOLQzWcRurebNHw69DZzWEeNNWtptebv2v
JyMhrT2sCvP96MeluL3lHXz86fo+Uf6Miysm4nhzoQgCHJAVkWGR0Y4QkO0gPoFl
D33mCQJ7oSEevyRDdNe1D/mKRXnur2TsC8PtAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUAqow561VzvUXAlKAi6dyzgrGImswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Fxb3c1NjFWenZVWEFs
S0FpNmR5emdyR0ltcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAI4barkRPnK+BvQfa9vglEOyjZsINuS+
yYSL99sj6c42Ox6rMTg2Vjhc4xmbEaPrDFxop633AHFA+DWgO7m52UUBo10DOXK0
Bc4kmeFfpUu4QHJtzufSNo8746+My8qPGBLYDTTkStmbe+kxOmRk2DmMCk6mga2c
S9Zhx3lllg6yyQGfCAdHmQc30tWwbNEB4Z/kSv7chlAy5peaZWfSWsSCPBfretVX
79y+Racc9LjKduJSyMyoA1hv0izRN/oOiiZKRXCDP01+Cj1QpZc25JXIvjVhc0CD
EwPfe6oWAPNMn1NBmbUFu6qffvMVTOiA13KsxDNgP/bbcox8JDhtWH0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:11 2024 by rpki-client on console-fra.rpki-client.org