Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BFkA1HtvE7xSUQAQtaHHPa2Vqy0.roa
File: BFkA1HtvE7xSUQAQtaHHPa2Vqy0.roa (raw, json)
Hash identifier: H5z8okccMGJy208d2xY4pXzD62kUOpjYDTbhOo1j0G8=
Subject key identifier: 04:59:00:D4:7B:6F:13:BC:52:51:00:10:B5:A1:C7:3D:AD:95:AB:2D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4303
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BFkA1HtvE7xSUQAQtaHHPa2Vqy0.roa
Signing time: Wed 17 Apr 2024 22:23:24 +0000
ROA not before: Wed 17 Apr 2024 22:23:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17155 (0x4303)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 22:23:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=045900D47B6F13BC52510010B5A1C73DAD95AB2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ab:2c:e3:3d:1b:94:73:0d:4c:b6:b7:3f:cf:
f9:e2:33:e6:38:ad:3b:41:a0:8f:ac:fe:15:ee:62:
23:45:ab:dc:c6:1b:f0:32:3a:3c:c8:f8:e6:77:e7:
45:d5:e8:55:4d:72:ee:82:66:9e:02:02:a2:27:43:
a4:3f:a3:1c:be:dd:4e:78:e7:c7:b3:b3:09:61:f0:
7a:fb:9a:ea:11:57:8d:7d:af:22:11:8c:7c:e4:fe:
f7:d8:0f:42:17:08:0a:a6:d5:6e:23:ec:82:b8:98:
84:d0:2d:d3:63:08:03:60:1a:47:25:38:a8:b0:e6:
58:83:33:8a:11:7a:cc:b7:e5:a6:34:8b:c7:c3:90:
bd:52:61:f8:01:13:8e:ac:eb:9d:65:3d:5f:58:aa:
49:16:c1:aa:18:e5:1f:45:21:30:84:03:3b:2f:e7:
4f:c4:eb:15:0f:93:9e:a0:ec:0e:1d:37:a6:cf:af:
1b:a2:4f:0c:34:72:c9:2d:8b:72:76:4c:51:90:ef:
30:76:ff:d7:86:ca:af:97:5e:4a:ef:ed:00:1a:56:
7d:cd:0e:07:ae:48:2c:ee:6c:5e:c5:63:eb:2f:47:
1d:cf:12:d5:b6:07:76:10:e3:a2:e5:6e:1e:4a:05:
e9:8c:a4:a2:5e:ad:fd:16:7c:2d:f0:4f:b3:69:4d:
21:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:59:00:D4:7B:6F:13:BC:52:51:00:10:B5:A1:C7:3D:AD:95:AB:2D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BFkA1HtvE7xSUQAQtaHHPa2Vqy0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
16:30:a2:64:37:cd:ee:75:55:e8:56:a4:ea:c1:4d:3b:37:ca:
c0:68:cf:75:fc:4c:9d:f4:84:2e:4d:1c:8f:09:57:1d:d0:f1:
47:37:32:52:70:48:63:c6:4d:92:4b:97:38:3a:9f:5d:c0:3f:
2b:1d:32:7f:0e:98:39:fd:08:10:2a:6c:d5:ff:4d:7f:c0:60:
e4:8d:21:cd:5a:84:63:5f:ee:2e:41:6a:3e:4e:2d:ce:d2:41:
fe:5e:87:3b:17:e2:b4:b0:18:9e:62:2d:25:75:7d:c1:e4:35:
23:b0:47:ae:94:c2:4d:21:b6:db:ed:5e:01:90:a3:5e:bd:6f:
32:1b:44:92:46:9d:d0:31:fc:da:08:8b:b0:1a:59:89:ef:cb:
b8:70:76:6f:73:7c:9e:69:f1:c1:e3:0a:33:8f:a3:8c:1b:71:
1e:bf:f5:67:33:df:55:c4:76:39:65:ed:60:53:04:bd:87:2e:
d1:1d:d7:2b:c3:2b:4e:22:75:92:f9:ac:db:d3:65:ef:d6:f7:
7d:68:f8:3e:18:f0:ab:ab:5e:02:ab:9a:46:68:30:8f:f6:77:
87:30:0b:88:dd:35:cf:2e:32:e5:3d:a1:1b:5b:34:aa:c9:63:
52:e6:a8:9b:d1:d1:37:9b:aa:6a:ee:cf:49:d6:2d:f4:32:73:
e7:b0:27:1b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQwMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcy
MjIzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA0NTkwMEQ0N0I2RjEz
QkM1MjUxMDAxMEI1QTFDNzNEQUQ5NUFCMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhqyzjPRuUcw1Mtrc/z/niM+Y4rTtBoI+s/hXuYiNFq9zGG/Ay
OjzI+OZ350XV6FVNcu6CZp4CAqInQ6Q/oxy+3U5458ezswlh8Hr7muoRV419ryIR
jHzk/vfYD0IXCAqm1W4j7IK4mITQLdNjCANgGkclOKiw5liDM4oResy35aY0i8fD
kL1SYfgBE46s651lPV9YqkkWwaoY5R9FITCEAzsv50/E6xUPk56g7A4dN6bPrxui
Tww0cskti3J2TFGQ7zB2/9eGyq+XXkrv7QAaVn3NDgeuSCzubF7FY+svRx3PEtW2
B3YQ46Llbh5KBemMpKJerf0WfC3wT7NpTSFZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBFkA1HtvE7xSUQAQtaHHPa2Vqy0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JGa0ExSHR2RTd4U1VR
QVF0YUhIUGEyVnF5MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABYwomQ3ze51VehWpOrBTTs3ysBoz3X8
TJ30hC5NHI8JVx3Q8Uc3MlJwSGPGTZJLlzg6n13APysdMn8OmDn9CBAqbNX/TX/A
YOSNIc1ahGNf7i5Baj5OLc7SQf5ehzsX4rSwGJ5iLSV1fcHkNSOwR66Uwk0httvt
XgGQo169bzIbRJJGndAx/NoIi7AaWYnvy7hwdm9zfJ5p8cHjCjOPo4wbcR6/9Wcz
31XEdjll7WBTBL2HLtEd1yvDK04idZL5rNvTZe/W931o+D4Y8KurXgKrmkZoMI/2
d4cwC4jdNc8uMuU9oRtbNKrJY1LmqJvR0Tebqmruz0nWLfQyc+ewJxs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:22 2024 by rpki-client on console-ams.rpki-client.org