Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/EkSS_dmiXDvkspGESBqGtQrswRc.roa
File: EkSS_dmiXDvkspGESBqGtQrswRc.roa (raw, json)
Hash identifier: bHpH45QSCAr9gnwl5I69VsjjtC/hB4o53gqcUSPMU6w=
Subject key identifier: 12:44:92:FD:D9:A2:5C:3B:E4:B2:91:84:48:1A:86:B5:0A:EC:C1:17
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FA3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EkSS_dmiXDvkspGESBqGtQrswRc.roa
Signing time: Sat 13 Apr 2024 10:22:55 +0000
ROA not before: Sat 13 Apr 2024 10:22:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16291 (0x3fa3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 10:22:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=124492FDD9A25C3BE4B29184481A86B50AECC117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:04:37:0e:f7:46:6c:0f:3e:83:4f:59:b2:21:
de:30:40:90:f5:a6:d8:dc:b7:96:8e:69:0e:62:d8:
14:01:fa:53:54:e2:96:9b:40:01:42:c8:af:23:10:
ee:64:d0:07:78:81:71:64:34:b6:d5:43:91:c7:3b:
d0:d5:98:31:47:d0:bb:a1:c6:6a:e8:db:f6:2f:2c:
6c:27:ea:17:0b:62:26:8d:5f:dd:86:e8:df:01:d6:
72:83:46:22:af:16:1a:b9:b6:84:10:ad:ee:d6:58:
54:79:f0:68:f3:9c:c9:db:9d:41:71:77:d2:af:25:
a7:60:ae:f7:88:be:7a:f0:2a:a9:fd:eb:1a:02:5f:
8e:b0:f2:10:51:ea:31:80:29:e6:02:f3:ed:27:7f:
1c:e5:87:a8:1c:5a:fa:39:52:0a:52:08:90:5b:c8:
1d:46:02:70:e2:b8:6f:4b:c1:6b:a3:59:a0:15:4e:
47:e5:f8:6f:08:c5:de:d0:5b:b8:4c:c8:23:53:b9:
61:09:56:17:32:8a:cb:39:d4:8c:37:2c:36:72:67:
fd:38:51:c9:5f:3e:68:fd:1b:38:9d:50:53:c4:77:
58:67:a2:c6:00:3c:4c:cd:9d:67:90:04:b0:19:a1:
49:27:b8:23:da:84:91:b2:34:77:72:ae:2d:04:c0:
64:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:44:92:FD:D9:A2:5C:3B:E4:B2:91:84:48:1A:86:B5:0A:EC:C1:17
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/EkSS_dmiXDvkspGESBqGtQrswRc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
71:27:fa:83:de:93:f9:78:8b:96:f1:c4:23:1c:30:81:11:2c:
1e:75:7b:95:9e:9e:d4:59:e9:4a:cd:d1:d2:ba:8e:03:2f:8e:
a4:52:df:f9:0f:e6:00:b7:d1:4d:0e:0a:0b:35:1e:bf:bf:86:
e8:53:b4:4a:23:2d:4e:b0:18:b9:02:06:07:85:76:b4:2b:4c:
e0:ba:09:9c:0a:89:4d:1f:da:e3:95:cc:57:dc:7f:9a:e6:b8:
47:dd:4a:9f:52:99:b5:1b:82:49:a0:09:d5:1b:cf:ed:ea:36:
48:07:db:09:88:87:89:42:8a:66:20:4b:54:41:33:f1:64:65:
a1:95:96:14:81:05:d2:fd:32:22:ea:ad:b8:bc:3d:39:3f:93:
84:07:00:32:d0:af:d0:89:b8:2a:4e:e5:ef:21:dc:fc:e1:52:
9c:a3:a4:04:ce:d5:bf:08:3f:fb:cd:69:27:e3:e0:59:ed:46:
9c:36:62:69:d8:a8:63:6e:54:f7:71:18:59:8d:33:a7:f1:a0:
fe:28:4f:28:41:d8:04:a9:41:f1:10:91:b3:24:d2:0c:69:db:
53:4b:f3:df:74:e7:33:72:f5:cb:ff:b1:1b:7e:fd:78:e9:1c:
3b:30:49:67:5d:cc:8b:d5:1f:62:c4:8a:f5:72:fe:40:09:54:
ba:27:24:44
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICP6MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
MDIyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEyNDQ5MkZERDlBMjVD
M0JFNEIyOTE4NDQ4MUE4NkI1MEFFQ0MxMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfBDcO90ZsDz6DT1myId4wQJD1ptjct5aOaQ5i2BQB+lNU4pab
QAFCyK8jEO5k0Ad4gXFkNLbVQ5HHO9DVmDFH0Luhxmro2/YvLGwn6hcLYiaNX92G
6N8B1nKDRiKvFhq5toQQre7WWFR58GjznMnbnUFxd9KvJadgrveIvnrwKqn96xoC
X46w8hBR6jGAKeYC8+0nfxzlh6gcWvo5UgpSCJBbyB1GAnDiuG9LwWujWaAVTkfl
+G8Ixd7QW7hMyCNTuWEJVhcyiss51Iw3LDZyZ/04UclfPmj9GzidUFPEd1hnosYA
PEzNnWeQBLAZoUknuCPahJGyNHdyri0EwGRvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUEkSS/dmiXDvkspGESBqGtQrswRcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0VrU1NfZG1pWER2a3Nw
R0VTQnFHdFFyc3dSYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHEn+oPek/l4i5bxxCMcMIERLB51e5We
ntRZ6UrN0dK6jgMvjqRS3/kP5gC30U0OCgs1Hr+/huhTtEojLU6wGLkCBgeFdrQr
TOC6CZwKiU0f2uOVzFfcf5rmuEfdSp9SmbUbgkmgCdUbz+3qNkgH2wmIh4lCimYg
S1RBM/FkZaGVlhSBBdL9MiLqrbi8PTk/k4QHADLQr9CJuCpO5e8h3PzhUpyjpATO
1b8IP/vNaSfj4FntRpw2YmnYqGNuVPdxGFmNM6fxoP4oTyhB2ASpQfEQkbMk0gxp
21NL89905zNy9cv/sRt+/XjpHDswSWddzIvVH2LEivVy/kAJVLonJEQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:14 2024 by rpki-client on console-fra.rpki-client.org