Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BSRKoMlvpPeVrkGVP_cGzJZyVzE.roa
File: BSRKoMlvpPeVrkGVP_cGzJZyVzE.roa (raw, json)
Hash identifier: qFb05rExV3/FLj+2MCfxuZusFE5cS1/Uy8YykPwLU3I=
Subject key identifier: 05:24:4A:A0:C9:6F:A4:F7:95:AE:41:95:3F:F7:06:CC:96:72:57:31
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 343F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BSRKoMlvpPeVrkGVP_cGzJZyVzE.roa
Signing time: Fri 29 Mar 2024 05:52:05 +0000
ROA not before: Fri 29 Mar 2024 05:52:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13375 (0x343f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 05:52:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=05244AA0C96FA4F795AE41953FF706CC96725731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a3:f5:b8:55:27:4f:8a:4a:7a:ad:25:d0:5e:
6b:3f:2e:34:fb:50:8c:0d:13:b6:04:9d:8d:5f:bf:
83:7f:f4:43:34:8f:d7:33:f8:81:a6:9c:07:9f:65:
7d:93:02:2c:0e:f2:01:31:01:a3:5f:8c:90:da:15:
50:f2:3c:1d:3c:74:b1:6a:43:b2:cd:73:b5:56:e6:
d7:ef:2b:c5:ea:a8:52:3a:c3:ee:cc:a8:2c:86:9d:
b2:24:ce:41:a8:bc:b0:2b:26:1f:2e:20:eb:d6:a1:
26:32:af:38:94:28:d0:b3:06:13:44:db:5f:f7:98:
62:b2:a0:cf:5e:fc:45:87:f0:7a:83:be:5f:c9:47:
59:60:84:54:b5:10:94:21:f3:c4:6f:e1:f4:19:a8:
0e:7e:a1:90:d2:c2:9f:eb:ef:47:71:e5:76:02:a9:
fa:a0:56:eb:9a:c6:f9:81:ef:22:4f:3c:45:dd:88:
c5:82:60:3f:14:ed:df:3e:14:2e:71:ac:2a:10:a2:
08:b2:e7:16:22:e4:6d:e1:e8:80:56:f1:38:1d:49:
bc:38:02:90:7c:12:0a:29:43:5f:35:c2:30:d3:aa:
7f:bc:46:f4:55:2d:d0:9d:5a:cb:55:0f:a0:18:33:
da:46:95:0a:57:f1:a7:49:73:6e:01:5e:79:34:d1:
75:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:24:4A:A0:C9:6F:A4:F7:95:AE:41:95:3F:F7:06:CC:96:72:57:31
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BSRKoMlvpPeVrkGVP_cGzJZyVzE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a0:e8:06:94:cd:59:3f:36:40:10:d9:3e:39:ee:0c:64:5a:5f:
17:d4:09:67:74:d3:41:06:4f:9d:88:94:c4:15:df:0c:84:84:
69:a4:ec:ad:be:31:ea:bd:87:8c:af:ac:c0:65:47:c1:45:2d:
a6:b7:ad:86:d4:ec:56:2b:55:4b:b6:1a:5a:44:6b:09:11:52:
25:c3:e7:48:c2:84:65:a7:bf:db:ba:00:05:81:5b:6f:08:07:
75:41:95:b6:63:92:f3:ca:6c:fe:c4:c6:50:8f:1f:88:64:6d:
59:e0:3c:0d:a9:9a:a4:93:08:a7:d3:d9:2f:bb:d3:5f:0e:c3:
19:9b:0a:e2:73:c9:d4:e1:ba:02:5e:68:98:3e:c6:78:29:a8:
38:7d:be:74:68:7e:03:66:d2:f4:e0:ce:bf:c9:1d:e4:56:41:
d6:fe:5e:d3:aa:1a:f5:a2:96:86:05:ce:8f:07:2e:84:2a:62:
fd:08:84:be:a1:57:ed:49:6f:83:08:50:82:75:21:d3:03:c4:
d7:1b:a3:b5:c5:09:c9:ec:f7:b1:48:b1:ea:ed:06:93:67:27:
a2:d7:d5:47:f1:07:4b:d4:53:e2:a7:25:22:4d:9c:0e:53:c2:
cb:22:5f:87:3b:50:d5:6e:24:31:16:02:29:29:cb:7b:49:9f:
6e:40:db:8e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICND8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
NTUyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA1MjQ0QUEwQzk2RkE0
Rjc5NUFFNDE5NTNGRjcwNkNDOTY3MjU3MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCo/W4VSdPikp6rSXQXms/LjT7UIwNE7YEnY1fv4N/9EM0j9cz
+IGmnAefZX2TAiwO8gExAaNfjJDaFVDyPB08dLFqQ7LNc7VW5tfvK8XqqFI6w+7M
qCyGnbIkzkGovLArJh8uIOvWoSYyrziUKNCzBhNE21/3mGKyoM9e/EWH8HqDvl/J
R1lghFS1EJQh88Rv4fQZqA5+oZDSwp/r70dx5XYCqfqgVuuaxvmB7yJPPEXdiMWC
YD8U7d8+FC5xrCoQogiy5xYi5G3h6IBW8TgdSbw4ApB8EgopQ181wjDTqn+8RvRV
LdCdWstVD6AYM9pGlQpX8adJc24BXnk00XXBAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBSRKoMlvpPeVrkGVP/cGzJZyVzEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JTUktvTWx2cFBlVnJr
R1ZQX2NHekpaeVZ6RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKDoBpTNWT82QBDZPjnuDGRaXxfUCWd0
00EGT52IlMQV3wyEhGmk7K2+Meq9h4yvrMBlR8FFLaa3rYbU7FYrVUu2GlpEawkR
UiXD50jChGWnv9u6AAWBW28IB3VBlbZjkvPKbP7ExlCPH4hkbVngPA2pmqSTCKfT
2S+7018OwxmbCuJzydThugJeaJg+xngpqDh9vnRofgNm0vTgzr/JHeRWQdb+XtOq
GvWiloYFzo8HLoQqYv0IhL6hV+1Jb4MIUIJ1IdMDxNcbo7XFCcns97FIsertBpNn
J6LX1UfxB0vUU+KnJSJNnA5TwssiX4c7UNVuJDEWAikpy3tJn25A244=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:12 2024 by rpki-client on console-fra.rpki-client.org