Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BN9oaUKQubaCfpAgleu2maH6dks.roa
File: BN9oaUKQubaCfpAgleu2maH6dks.roa (raw, json)
Hash identifier: Fio87tvEqqUaTFeWm+SmoFuIsNiGyUcdonbg/od3To8=
Subject key identifier: 04:DF:68:69:42:90:B9:B6:82:7E:90:20:95:EB:B6:99:A1:FA:76:4B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 52E7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BN9oaUKQubaCfpAgleu2maH6dks.roa
Signing time: Thu 09 May 2024 02:53:57 +0000
ROA not before: Thu 09 May 2024 02:53:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21223 (0x52e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 02:53:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=04DF68694290B9B6827E902095EBB699A1FA764B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1f:d1:86:25:1e:18:ef:12:9d:32:37:1e:45:
b9:7b:37:70:46:75:63:85:50:ce:82:2f:ef:40:b3:
e4:2e:a1:3b:93:bc:2f:ff:df:90:bb:8c:d2:22:cb:
85:e3:12:b3:22:a3:77:13:50:b4:86:28:34:a7:fa:
e7:4a:fc:6c:8c:e4:c4:c7:e1:dc:da:7a:c8:8e:e4:
97:e2:49:5c:ed:a4:b8:47:13:4a:7b:e5:cc:21:7e:
8f:71:5a:ff:99:bc:a2:c9:82:5e:a1:44:6b:a8:3a:
be:32:71:44:b0:92:94:21:bc:24:0e:e9:c3:8c:bc:
54:71:e6:65:5c:38:e1:92:32:b5:bb:8e:d5:ca:c7:
42:bb:f0:92:48:7d:de:4d:62:1b:98:e4:a8:b9:24:
8b:9c:de:df:f6:91:42:8b:8c:d3:2a:48:28:3f:9b:
09:44:77:76:2d:28:b6:26:b4:40:3e:2d:fa:47:ba:
16:a6:42:24:67:4d:b6:15:7f:b0:d6:40:f9:a3:04:
f8:fb:fe:8a:da:9b:89:8d:bb:2e:2b:03:7a:65:63:
46:31:3f:24:62:17:13:12:ac:d4:8e:1b:ab:54:ee:
25:d9:9c:a3:08:13:3d:d6:4b:93:cf:34:78:76:10:
9c:ed:80:12:ff:88:0d:35:a8:88:f7:54:b9:df:cb:
30:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:DF:68:69:42:90:B9:B6:82:7E:90:20:95:EB:B6:99:A1:FA:76:4B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BN9oaUKQubaCfpAgleu2maH6dks.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
52:9d:a0:7d:da:f1:e6:4c:fe:a3:85:01:a2:50:fb:24:ce:a5:
65:51:31:37:10:90:aa:f7:b0:31:5d:3f:ec:91:c3:7e:88:1d:
92:ee:c7:01:c7:07:5f:2f:f0:cf:d4:10:14:79:d9:8f:80:48:
55:00:3f:88:4d:0d:f6:69:9a:d2:28:7d:b1:9f:83:f3:f1:1f:
5d:1d:9b:ab:9a:10:07:6a:1d:20:a4:9e:b8:0e:80:f7:04:39:
9d:2f:92:ea:eb:5d:c8:91:69:b3:b6:ab:2b:6d:45:08:3d:24:
4c:bb:96:77:6e:cb:1c:c7:20:0f:72:79:50:25:09:e9:e8:00:
b2:3f:60:49:de:a2:64:8f:52:5e:58:43:9b:cd:ee:0a:9f:43:
dc:75:59:7f:ea:da:49:91:a7:47:3c:73:cc:e5:6a:3b:79:b5:
17:12:f7:22:09:cc:fe:45:c0:ab:7a:98:3d:93:7b:fc:a7:93:
d5:f5:10:66:42:a7:f2:d8:41:17:e9:ee:0d:41:f2:85:bc:5d:
e2:ae:24:e5:9a:d4:72:a3:db:1a:8f:58:d6:e8:17:40:7e:cd:
38:45:96:18:ca:ff:e2:19:13:58:40:b3:ed:1b:07:f2:2f:24:
5e:62:52:55:f4:99:05:3f:3f:34:b6:a4:f1:ff:dc:7c:78:d9:
42:6a:a3:d2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUucwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkw
MjUzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA0REY2ODY5NDI5MEI5
QjY4MjdFOTAyMDk1RUJCNjk5QTFGQTc2NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOH9GGJR4Y7xKdMjceRbl7N3BGdWOFUM6CL+9As+QuoTuTvC//
35C7jNIiy4XjErMio3cTULSGKDSn+udK/GyM5MTH4dzaesiO5JfiSVztpLhHE0p7
5cwhfo9xWv+ZvKLJgl6hRGuoOr4ycUSwkpQhvCQO6cOMvFRx5mVcOOGSMrW7jtXK
x0K78JJIfd5NYhuY5Ki5JIuc3t/2kUKLjNMqSCg/mwlEd3YtKLYmtEA+LfpHuham
QiRnTbYVf7DWQPmjBPj7/oram4mNuy4rA3plY0YxPyRiFxMSrNSOG6tU7iXZnKMI
Ez3WS5PPNHh2EJztgBL/iA01qIj3VLnfyzD/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBN9oaUKQubaCfpAgleu2maH6dkswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JOOW9hVUtRdWJhQ2Zw
QWdsZXUybWFINmRrcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFKdoH3a8eZM/qOFAaJQ+yTOpWVRMTcQ
kKr3sDFdP+yRw36IHZLuxwHHB18v8M/UEBR52Y+ASFUAP4hNDfZpmtIofbGfg/Px
H10dm6uaEAdqHSCknrgOgPcEOZ0vkurrXciRabO2qyttRQg9JEy7lnduyxzHIA9y
eVAlCenoALI/YEneomSPUl5YQ5vN7gqfQ9x1WX/q2kmRp0c8c8zlajt5tRcS9yIJ
zP5FwKt6mD2Te/ynk9X1EGZCp/LYQRfp7g1B8oW8XeKuJOWa1HKj2xqPWNboF0B+
zThFlhjK/+IZE1hAs+0bB/IvJF5iUlX0mQU/PzS2pPH/3Hx42UJqo9I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:22 2024 by rpki-client on console-ams.rpki-client.org