Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/CHs38BLDd8Ck1yvNzY18uMYauXo.roa
File: CHs38BLDd8Ck1yvNzY18uMYauXo.roa (raw, json)
Hash identifier: xKeF00rGWPMwb8QSmmTuIdNxqWM4qoT3LlGtdT8yK6Q=
Subject key identifier: 08:7B:37:F0:12:C3:77:C0:A4:D7:2B:CD:CD:8D:7C:B8:C6:1A:B9:7A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4513
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CHs38BLDd8Ck1yvNzY18uMYauXo.roa
Signing time: Sat 20 Apr 2024 16:23:05 +0000
ROA not before: Sat 20 Apr 2024 16:23:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17683 (0x4513)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 16:23:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=087B37F012C377C0A4D72BCDCD8D7CB8C61AB97A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d0:13:f9:5f:20:15:60:fb:51:b7:3e:b0:0d:
54:bd:43:55:17:11:d7:c9:a5:46:01:25:24:a8:c9:
23:27:57:d6:a2:2b:61:fa:9b:41:63:39:b0:dd:c1:
bd:7c:dd:b1:00:76:21:10:15:39:5f:28:91:66:c4:
a8:9e:98:66:72:02:30:29:7c:f8:f9:4f:e1:59:de:
cc:e1:64:97:39:4b:20:5c:f2:13:27:a4:b4:6b:40:
e1:88:de:66:dd:4c:e6:2a:13:c1:ed:33:65:f0:37:
ce:f5:b5:e0:54:74:2c:31:bf:44:2c:61:8d:df:5d:
cf:79:4f:79:55:90:e4:06:da:a1:e7:07:75:f1:50:
ac:3b:54:1d:cb:fd:37:26:18:00:ec:c3:88:26:58:
7f:08:66:75:cc:81:7d:30:d9:fe:ad:5e:dd:f9:4c:
95:ac:76:48:16:be:aa:81:01:33:70:d5:83:bf:0a:
b2:e5:c5:7d:87:6f:cf:7d:61:af:7e:ba:3a:79:6e:
96:fb:1e:ee:3d:b2:5a:89:d0:32:7f:fc:35:2a:cf:
81:b6:8f:23:6d:0e:37:5b:ec:3d:e1:49:10:45:55:
52:64:d9:7e:ed:db:42:01:68:37:ed:cc:dc:31:68:
1e:3c:c7:02:99:47:81:02:9c:01:0d:87:ee:37:2d:
8e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7B:37:F0:12:C3:77:C0:A4:D7:2B:CD:CD:8D:7C:B8:C6:1A:B9:7A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/CHs38BLDd8Ck1yvNzY18uMYauXo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
18:79:7b:72:68:d6:d9:4f:46:3a:40:02:a9:fe:33:02:b1:a9:
7e:79:37:15:52:cc:c2:db:e4:d7:4d:a1:09:8e:d4:57:8b:4a:
d7:9d:d9:d6:7a:a1:88:94:ff:60:bc:c2:6e:77:cb:40:f6:80:
20:3e:b5:97:ca:d5:ac:22:9c:68:5d:7a:1e:2b:22:bb:fb:e2:
73:e7:71:27:d4:53:a6:ad:11:7d:6a:7a:44:bb:68:e4:86:ca:
76:91:65:42:67:c0:79:dd:b3:74:66:b3:f2:f1:69:68:51:54:
56:2c:5a:7d:0d:e7:e0:46:af:ad:f5:d6:05:49:0e:86:0f:1f:
ff:7e:d8:90:37:b9:bb:01:a9:cf:21:4d:3c:2d:f3:71:8f:8d:
06:bb:41:fd:36:a3:10:06:17:0b:94:21:f1:78:e3:05:af:2a:
7c:9d:2b:1f:1c:fe:08:c4:f4:0d:32:ed:82:b1:15:07:5b:3e:
06:06:ee:67:60:85:33:3f:38:75:a4:34:a3:21:fa:8c:63:ac:
ec:36:80:9c:4e:c7:b7:8f:05:d0:1c:30:da:e1:d9:de:29:bf:
04:d6:da:77:3d:3c:02:4c:f3:32:30:df:b7:51:1a:23:c0:c3:
19:7d:f5:f6:60:f5:f3:fb:fc:61:35:c4:6e:f2:bb:53:4f:7c:
e0:31:8d:f6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRRMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAx
NjIzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA4N0IzN0YwMTJDMzc3
QzBBNEQ3MkJDRENEOEQ3Q0I4QzYxQUI5N0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs0BP5XyAVYPtRtz6wDVS9Q1UXEdfJpUYBJSSoySMnV9aiK2H6
m0FjObDdwb183bEAdiEQFTlfKJFmxKiemGZyAjApfPj5T+FZ3szhZJc5SyBc8hMn
pLRrQOGI3mbdTOYqE8HtM2XwN871teBUdCwxv0QsYY3fXc95T3lVkOQG2qHnB3Xx
UKw7VB3L/TcmGADsw4gmWH8IZnXMgX0w2f6tXt35TJWsdkgWvqqBATNw1YO/CrLl
xX2Hb899Ya9+ujp5bpb7Hu49slqJ0DJ//DUqz4G2jyNtDjdb7D3hSRBFVVJk2X7t
20IBaDftzNwxaB48xwKZR4ECnAENh+43LY6RAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUCHs38BLDd8Ck1yvNzY18uMYauXowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0NIczM4QkxEZDhDazF5
dk56WTE4dU1ZYXVYby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABh5e3Jo1tlPRjpAAqn+MwKxqX55NxVS
zMLb5NdNoQmO1FeLSted2dZ6oYiU/2C8wm53y0D2gCA+tZfK1awinGhdeh4rIrv7
4nPncSfUU6atEX1qekS7aOSGynaRZUJnwHnds3Rms/LxaWhRVFYsWn0N5+BGr631
1gVJDoYPH/9+2JA3ubsBqc8hTTwt83GPjQa7Qf02oxAGFwuUIfF44wWvKnydKx8c
/gjE9A0y7YKxFQdbPgYG7mdghTM/OHWkNKMh+oxjrOw2gJxOx7ePBdAcMNrh2d4p
vwTW2nc9PAJM8zIw37dRGiPAwxl99fZg9fP7/GE1xG7yu1NPfOAxjfY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:13 2024 by rpki-client on console-fra.rpki-client.org