Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/F4onNiG3Ydh-eAGJTtQj0IZ9fQM.roa
File: F4onNiG3Ydh-eAGJTtQj0IZ9fQM.roa (raw, json)
Hash identifier: UR0SwlXw8rbgVb3EOgjeilHf/VcmA0ROUleCFZ/PqKQ=
Subject key identifier: 17:8A:27:36:21:B7:61:D8:7E:78:01:89:4E:D4:23:D0:86:7D:7D:03
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 39E7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F4onNiG3Ydh-eAGJTtQj0IZ9fQM.roa
Signing time: Fri 05 Apr 2024 18:52:54 +0000
ROA not before: Fri 05 Apr 2024 18:52:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14823 (0x39e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 18:52:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=178A273621B761D87E7801894ED423D0867D7D03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3b:f2:19:5c:91:f0:13:c3:5f:35:3d:ba:3b:
9a:d2:03:76:65:9c:c9:6f:3f:be:fe:c8:1b:60:16:
cd:dd:f4:9b:eb:11:a2:3b:f6:a3:c8:a1:f8:e1:a0:
06:07:8c:c8:dc:a8:f5:82:1a:36:76:8d:70:a2:4e:
40:5a:82:d8:26:23:85:2e:56:73:8c:0c:22:62:b4:
29:2b:57:36:84:8f:76:97:b4:4b:10:61:29:57:6b:
f4:60:18:18:96:43:2e:8c:20:f5:af:12:bf:01:9e:
77:24:28:8b:e2:44:db:d5:d2:dc:8d:be:99:ce:41:
2f:b1:ec:63:9e:68:38:6f:b3:45:df:e0:a3:3c:2d:
23:78:9d:e0:61:2c:f6:29:e8:79:9d:e5:f2:b2:64:
a2:7a:53:1e:36:9e:52:31:77:f4:38:9d:70:54:18:
0c:c0:e3:41:42:97:a3:3c:df:27:14:74:65:34:5a:
5a:7b:22:32:2a:91:5d:e0:c8:21:2b:dc:4a:60:80:
6f:cd:e1:e1:e6:04:32:0b:20:7e:37:25:d9:cf:39:
76:26:80:1f:13:3a:8a:20:45:ac:8b:9b:45:61:f4:
97:54:75:db:cc:15:17:07:ba:d9:58:91:60:0c:0b:
56:00:e1:ee:8f:8e:c6:68:aa:3e:ff:6c:25:3a:a5:
5a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:8A:27:36:21:B7:61:D8:7E:78:01:89:4E:D4:23:D0:86:7D:7D:03
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/F4onNiG3Ydh-eAGJTtQj0IZ9fQM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
90:df:74:8f:e7:8a:72:11:a5:83:7f:35:51:52:50:b9:eb:03:
02:a4:58:dd:e4:d2:42:29:d7:63:d6:cd:05:93:61:0f:ba:01:
f7:a6:cc:40:66:95:08:50:0a:33:14:60:f0:b4:50:c9:42:6b:
58:75:e1:bf:52:c3:e3:f0:aa:ca:aa:70:2c:bf:46:00:a3:5d:
5d:a7:f1:b2:c0:0c:cf:6f:cf:45:d8:27:09:45:f7:72:09:3c:
c1:5f:9d:0f:fd:5d:37:f8:ad:6b:69:95:3d:00:46:8c:8b:61:
27:cd:74:6b:e0:a0:3e:e6:42:db:ad:76:18:ce:8b:c8:4d:42:
57:8a:6f:86:e9:75:d9:0a:e7:64:eb:22:95:aa:e5:94:f9:cf:
ab:8a:f5:d1:cf:14:76:35:46:a1:05:5d:ba:c2:b7:10:ed:85:
c1:bc:b9:f4:94:16:dc:6b:5a:1d:13:f7:0a:f1:5d:57:9f:8e:
13:ac:08:57:95:35:84:c8:d6:af:2e:7f:dd:00:01:83:82:32:
1e:df:12:9c:e9:8d:99:80:4c:ac:ff:04:61:2d:61:fc:37:df:
08:ab:1e:d9:75:b2:1b:f6:3d:21:3c:91:65:a1:b0:7d:b4:85:
c6:77:bc:9a:70:4e:35:60:3f:4e:60:c0:e9:95:63:20:0f:23:
b8:a0:e8:4e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOecwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUx
ODUyNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE3OEEyNzM2MjFCNzYx
RDg3RTc4MDE4OTRFRDQyM0QwODY3RDdEMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnO/IZXJHwE8NfNT26O5rSA3ZlnMlvP77+yBtgFs3d9JvrEaI7
9qPIofjhoAYHjMjcqPWCGjZ2jXCiTkBagtgmI4UuVnOMDCJitCkrVzaEj3aXtEsQ
YSlXa/RgGBiWQy6MIPWvEr8BnnckKIviRNvV0tyNvpnOQS+x7GOeaDhvs0Xf4KM8
LSN4neBhLPYp6Hmd5fKyZKJ6Ux42nlIxd/Q4nXBUGAzA40FCl6M83ycUdGU0Wlp7
IjIqkV3gyCEr3EpggG/N4eHmBDILIH43JdnPOXYmgB8TOoogRayLm0Vh9JdUddvM
FRcHutlYkWAMC1YA4e6PjsZoqj7/bCU6pVoNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUF4onNiG3Ydh+eAGJTtQj0IZ9fQMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0Y0b25OaUczWWRoLWVB
R0pUdFFqMElaOWZRTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJDfdI/ninIRpYN/NVFSULnrAwKkWN3k
0kIp12PWzQWTYQ+6AfemzEBmlQhQCjMUYPC0UMlCa1h14b9Sw+PwqsqqcCy/RgCj
XV2n8bLADM9vz0XYJwlF93IJPMFfnQ/9XTf4rWtplT0ARoyLYSfNdGvgoD7mQtut
dhjOi8hNQleKb4bpddkK52TrIpWq5ZT5z6uK9dHPFHY1RqEFXbrCtxDthcG8ufSU
FtxrWh0T9wrxXVefjhOsCFeVNYTI1q8uf90AAYOCMh7fEpzpjZmATKz/BGEtYfw3
3wirHtl1shv2PSE8kWWhsH20hcZ3vJpwTjVgP05gwOmVYyAPI7ig6E4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:14 2024 by rpki-client on console-fra.rpki-client.org