Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Bfniloeozw_I2irRimFaF7eaDK8.roa
File: Bfniloeozw_I2irRimFaF7eaDK8.roa (raw, json)
Hash identifier: A1+vxVSSFADkHngvrluoXd0zCCnSduJYy7BVUJnpqcg=
Subject key identifier: 05:F9:E2:96:87:A8:CF:0F:C8:DA:2A:D1:8A:61:5A:17:B7:9A:0C:AF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4333
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Bfniloeozw_I2irRimFaF7eaDK8.roa
Signing time: Thu 18 Apr 2024 04:22:58 +0000
ROA not before: Thu 18 Apr 2024 04:22:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17203 (0x4333)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 04:22:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=05F9E29687A8CF0FC8DA2AD18A615A17B79A0CAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:08:4e:a3:15:9b:ee:cb:13:a6:a6:75:6c:34:
e3:2b:14:99:ab:2e:ae:5d:40:b6:1b:9d:6b:bf:85:
36:36:1e:8e:b9:6f:90:f3:20:70:ec:ef:0b:5d:23:
4d:5b:5b:8d:82:bb:f5:51:7e:d7:3c:d1:73:a9:2d:
a1:5a:91:b5:e2:1f:42:5b:8c:bc:9e:1d:8b:27:37:
2f:b6:65:63:e3:1b:80:a2:ad:52:2f:19:ce:56:94:
69:31:39:62:b2:22:b5:a3:a3:8e:e6:8a:6c:ec:70:
53:5e:a1:cc:d4:c0:4e:77:7d:b9:f5:6b:ac:ca:e9:
08:64:05:b0:aa:80:92:75:e7:17:8a:d8:ae:85:9d:
19:c0:c4:b9:2a:05:c5:c5:af:5d:e5:b2:d5:f7:c1:
d8:1d:d7:d9:f3:9b:a8:04:53:0e:04:04:72:10:70:
24:34:55:5f:5e:3c:31:37:a0:83:a5:e9:ce:46:71:
e2:6e:5b:cd:0c:57:27:10:a8:41:0e:06:7b:0a:6b:
12:27:ec:4c:e4:40:fe:77:f1:0c:03:0c:57:51:c7:
28:be:15:7d:27:df:a1:47:91:ab:aa:1c:f3:19:c8:
dc:48:73:8a:98:8f:f2:b0:c2:57:2b:da:46:f2:54:
4c:8c:3f:29:06:48:25:a0:ef:20:70:62:95:61:8b:
1d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F9:E2:96:87:A8:CF:0F:C8:DA:2A:D1:8A:61:5A:17:B7:9A:0C:AF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Bfniloeozw_I2irRimFaF7eaDK8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
3f:3f:f4:04:bd:ab:bd:f1:9e:c1:4a:8f:6b:ee:f5:4a:02:a1:
11:cb:a7:90:6f:e9:27:b2:98:48:1f:22:10:de:10:11:7b:ea:
81:8c:72:c6:96:e0:ca:88:ba:a6:a0:73:7b:32:a7:8e:ab:d4:
ef:d9:a7:08:c7:69:3c:8e:d3:cd:d8:7f:b8:71:05:93:e7:43:
27:63:2c:bf:b3:ee:14:0e:d9:e2:b8:d6:5e:e7:ed:c4:05:ae:
c6:b4:a8:6b:13:b3:89:af:7f:cd:72:56:3a:18:6e:a7:5c:8b:
ab:10:b0:8f:97:ed:ee:9a:be:63:30:ba:83:ca:a3:39:b1:f8:
a7:2a:53:68:ab:21:83:6d:2e:67:5f:f1:74:bb:a4:41:7a:b9:
9a:60:ca:51:05:66:17:58:1b:73:9c:18:07:48:d2:75:70:a2:
8d:f7:55:53:c2:a2:af:f4:3e:b0:5a:32:38:b4:e6:fb:27:32:
ca:14:14:29:2e:22:5c:b0:24:5a:67:68:64:ae:ba:8f:e4:78:
b4:dc:6c:80:8b:92:5e:57:81:df:0d:07:94:89:14:52:ba:0c:
a7:50:15:3c:33:34:30:36:e0:77:30:76:27:19:ec:ce:fd:fa:
f5:f2:8d:66:a5:e9:46:ba:ef:c0:0c:5f:21:60:98:bd:46:84:
ce:8d:1d:a2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQzMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgw
NDIyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA1RjlFMjk2ODdBOENG
MEZDOERBMkFEMThBNjE1QTE3Qjc5QTBDQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnCE6jFZvuyxOmpnVsNOMrFJmrLq5dQLYbnWu/hTY2Ho65b5Dz
IHDs7wtdI01bW42Cu/VRftc80XOpLaFakbXiH0JbjLyeHYsnNy+2ZWPjG4CirVIv
Gc5WlGkxOWKyIrWjo47mimzscFNeoczUwE53fbn1a6zK6QhkBbCqgJJ15xeK2K6F
nRnAxLkqBcXFr13lstX3wdgd19nzm6gEUw4EBHIQcCQ0VV9ePDE3oIOl6c5GceJu
W80MVycQqEEOBnsKaxIn7EzkQP538QwDDFdRxyi+FX0n36FHkauqHPMZyNxIc4qY
j/Kwwlcr2kbyVEyMPykGSCWg7yBwYpVhix0XAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBfniloeozw/I2irRimFaF7eaDK8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Jmbmlsb2VvendfSTJp
clJpbUZhRjdlYURLOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAD8/9AS9q73xnsFKj2vu9UoCoRHLp5Bv
6SeymEgfIhDeEBF76oGMcsaW4MqIuqagc3syp46r1O/ZpwjHaTyO083Yf7hxBZPn
QydjLL+z7hQO2eK41l7n7cQFrsa0qGsTs4mvf81yVjoYbqdci6sQsI+X7e6avmMw
uoPKozmx+KcqU2irIYNtLmdf8XS7pEF6uZpgylEFZhdYG3OcGAdI0nVwoo33VVPC
oq/0PrBaMji05vsnMsoUFCkuIlywJFpnaGSuuo/keLTcbICLkl5Xgd8NB5SJFFK6
DKdQFTwzNDA24HcwdicZ7M79+vXyjWal6Ua678AMXyFgmL1GhM6NHaI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:12 2024 by rpki-client on console-fra.rpki-client.org