Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DHiFhlDk5UC--dGD2IM3u-x3qlI.roa
File: DHiFhlDk5UC--dGD2IM3u-x3qlI.roa (raw, json)
Hash identifier: ujv60D3g7yzPELLOcpC+2aS/RUgnb9zhRmc5oqsOVDA=
Subject key identifier: 0C:78:85:86:50:E4:E5:40:BE:F9:D1:83:D8:83:37:BB:EC:77:AA:52
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44C3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DHiFhlDk5UC--dGD2IM3u-x3qlI.roa
Signing time: Sat 20 Apr 2024 06:23:02 +0000
ROA not before: Sat 20 Apr 2024 06:23:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17603 (0x44c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 06:23:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0C78858650E4E540BEF9D183D88337BBEC77AA52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9c:2d:dc:b4:4d:9e:a7:63:90:62:d1:62:bb:
ea:14:73:f2:5c:4a:e6:93:7c:f5:12:a5:ed:bd:76:
20:ea:46:9c:1b:d1:a4:d9:fe:1e:b4:5e:0a:aa:f6:
ef:ae:84:c5:f8:38:5c:f5:94:8e:08:a5:f6:62:2f:
f8:09:da:3f:81:73:75:55:06:48:da:44:bb:22:8e:
da:c1:06:03:59:65:1c:04:14:19:e8:ed:fd:a2:d2:
09:84:41:bf:c4:49:4d:7a:e1:9d:40:3a:dc:8e:c8:
67:7d:01:31:ae:5c:f9:a9:b4:1f:b7:db:46:04:14:
e9:85:2a:b6:17:10:b1:3a:9f:6e:79:e4:6f:aa:ba:
87:2a:93:56:01:f9:e1:10:19:e1:26:76:d0:e1:5a:
37:66:f0:5a:8a:06:37:c2:23:3b:71:f9:30:42:05:
bf:c5:6c:97:66:b5:52:29:95:eb:03:4c:1d:00:7a:
20:22:f3:86:69:88:3b:3e:ad:2a:2c:07:bf:27:8c:
7c:8d:b9:04:db:f1:a9:c3:60:ba:39:08:29:0b:c9:
30:3f:bb:56:06:dc:f8:29:9a:e6:76:51:30:84:f5:
79:ea:d4:61:02:b7:09:53:47:ac:ae:c3:e1:2f:40:
34:87:c3:b6:c1:b5:43:3e:1b:68:80:e0:76:90:17:
87:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:78:85:86:50:E4:E5:40:BE:F9:D1:83:D8:83:37:BB:EC:77:AA:52
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DHiFhlDk5UC--dGD2IM3u-x3qlI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
90:1c:c5:a8:2c:e4:e2:8f:b9:d5:b1:68:4e:f9:6d:f6:88:b7:
ef:3d:40:da:0d:5e:24:42:a4:56:8b:7c:e0:16:83:1e:fc:3b:
6f:10:d4:5f:c0:dc:c6:60:79:f8:76:5a:60:b9:2f:0c:25:54:
94:f1:bc:eb:19:71:43:65:4c:e4:d4:88:8d:16:74:1a:a3:f7:
84:ec:48:d3:b9:66:c0:4e:99:1c:74:c2:13:8c:85:66:47:56:
cc:d0:4f:d9:5f:79:55:55:9a:49:24:12:70:72:0e:a9:0c:2a:
81:de:ca:fc:56:4a:f2:d3:23:dd:24:71:e7:93:ef:c6:04:f8:
8d:dd:47:1e:11:fb:f2:e0:a0:0c:91:e0:da:75:6a:8b:4a:c7:
8f:3d:d6:99:bd:57:ae:27:39:e4:53:d1:c8:79:68:80:f1:00:
09:bf:a6:25:c6:18:6c:30:2e:3d:14:f9:f6:fe:79:5b:66:19:
ed:85:4c:4e:1a:2d:0c:76:c3:dd:00:d9:69:6b:76:eb:18:6a:
4f:7e:2d:d0:41:c2:f6:c9:b7:68:6e:0a:61:57:5e:17:7c:22:
af:c9:5e:50:af:5f:5f:4c:4a:d2:9e:28:a6:04:4f:23:94:7c:
00:82:a3:1e:5b:31:c8:bc:79:35:9a:cf:11:ab:54:10:2f:aa:
7e:35:93:20
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
NjIzMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBDNzg4NTg2NTBFNEU1
NDBCRUY5RDE4M0Q4ODMzN0JCRUM3N0FBNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNnC3ctE2ep2OQYtFiu+oUc/JcSuaTfPUSpe29diDqRpwb0aTZ
/h60Xgqq9u+uhMX4OFz1lI4IpfZiL/gJ2j+Bc3VVBkjaRLsijtrBBgNZZRwEFBno
7f2i0gmEQb/ESU164Z1AOtyOyGd9ATGuXPmptB+320YEFOmFKrYXELE6n2555G+q
uocqk1YB+eEQGeEmdtDhWjdm8FqKBjfCIztx+TBCBb/FbJdmtVIplesDTB0AeiAi
84ZpiDs+rSosB78njHyNuQTb8anDYLo5CCkLyTA/u1YG3PgpmuZ2UTCE9Xnq1GEC
twlTR6yuw+EvQDSHw7bBtUM+G2iA4HaQF4dJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUDHiFhlDk5UC++dGD2IM3u+x3qlIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RIaUZobERrNVVDLS1k
R0QySU0zdS14M3FsSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJAcxags5OKPudWxaE75bfaIt+89QNoN
XiRCpFaLfOAWgx78O28Q1F/A3MZgefh2WmC5LwwlVJTxvOsZcUNlTOTUiI0WdBqj
94TsSNO5ZsBOmRx0whOMhWZHVszQT9lfeVVVmkkkEnByDqkMKoHeyvxWSvLTI90k
ceeT78YE+I3dRx4R+/LgoAyR4Np1aotKx4891pm9V64nOeRT0ch5aIDxAAm/piXG
GGwwLj0U+fb+eVtmGe2FTE4aLQx2w90A2WlrdusYak9+LdBBwvbJt2huCmFXXhd8
Iq/JXlCvX19MStKeKKYETyOUfACCox5bMci8eTWazxGrVBAvqn41kyA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:13 2024 by rpki-client on console-fra.rpki-client.org