Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/GSCJhTlYq1xknhA-cMDqMOrP7iw.roa
File: GSCJhTlYq1xknhA-cMDqMOrP7iw.roa (raw, json)
Hash identifier: RF1SEysdVZKR1/8N2Z7EwO+aF4mQuto6j/6nlHdF7a4=
Subject key identifier: 19:20:89:85:39:58:AB:5C:64:9E:10:3E:70:C0:EA:30:EA:CF:EE:2C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4787
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GSCJhTlYq1xknhA-cMDqMOrP7iw.roa
Signing time: Tue 23 Apr 2024 22:53:12 +0000
ROA not before: Tue 23 Apr 2024 22:53:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18311 (0x4787)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 23 22:53:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=192089853958AB5C649E103E70C0EA30EACFEE2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ce:70:c5:87:c8:12:dc:ec:f9:dd:33:2e:4d:
e8:9e:8e:65:94:a0:28:e1:72:02:07:49:59:88:6a:
95:1b:9c:f8:a9:24:69:0f:64:44:63:d1:c5:24:7c:
9e:0d:e7:33:79:65:0a:c7:73:66:31:a7:a7:21:dd:
12:0b:b0:c2:d5:74:8a:53:a9:69:2a:3d:e3:6f:be:
ac:b5:c9:95:9d:19:9a:d6:65:b6:8e:1b:20:ec:d3:
cb:ca:10:09:e4:eb:af:1e:dc:d0:35:94:06:d1:03:
f7:0a:46:fa:4e:6d:b1:2a:d3:6e:a0:00:dc:c4:5f:
63:ca:60:30:7d:95:a5:61:63:32:3c:a5:7d:c3:3c:
48:07:47:c6:5e:22:92:72:e7:2b:62:57:61:b6:bd:
ec:c8:0c:bf:70:8d:86:28:f9:38:90:ca:16:12:45:
84:5f:e0:99:f4:49:6b:fe:a7:70:c3:4d:1d:85:81:
2e:c6:e9:c8:18:85:c7:22:23:1c:22:05:2a:6d:a1:
75:a9:9c:30:e8:71:d3:45:99:1f:b7:27:f4:8b:fb:
c8:5d:cf:0d:86:f8:19:3b:21:3f:cd:50:7b:dd:14:
45:1f:1e:fb:25:58:a6:1f:91:08:f5:c0:98:39:ad:
27:ed:bc:2d:bc:3f:12:75:c7:90:ec:7e:4d:10:6e:
86:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:20:89:85:39:58:AB:5C:64:9E:10:3E:70:C0:EA:30:EA:CF:EE:2C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/GSCJhTlYq1xknhA-cMDqMOrP7iw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
bc:4d:3b:35:1b:1f:24:04:ed:91:0c:1f:ad:72:83:cf:b7:ea:
56:d3:fc:74:51:48:f6:9d:17:ff:6e:1f:cf:61:26:73:bc:d5:
aa:dc:ed:d0:01:ad:93:3c:5d:53:43:cc:e2:05:0c:30:af:97:
83:ae:dc:7d:d5:78:c8:38:b0:26:a0:7e:d3:3a:e1:b3:91:c1:
e1:ea:66:d5:2d:b1:3a:f6:75:45:6f:15:a9:51:3c:e7:c6:1c:
97:71:cc:b1:9a:82:a2:bb:7a:0f:15:f2:5b:db:7a:48:eb:43:
c2:ec:1d:7b:fb:ff:8b:1a:8d:73:41:1e:af:8c:80:d6:c5:e6:
ba:b0:0a:54:98:6d:c7:2d:df:25:85:46:b6:b8:67:6a:92:6d:
7d:35:66:40:1e:b2:e2:cf:7e:ed:c9:ae:f0:84:c5:1c:17:8f:
75:c0:69:32:58:73:0b:ae:eb:4f:e7:a2:a4:e3:63:23:4e:f4:
56:0a:84:e5:93:8f:bd:d1:78:d1:88:ea:8d:3c:a3:88:45:3d:
3d:8c:79:fd:ac:73:33:02:2f:1a:fe:68:16:f2:c2:d5:41:c0:
32:ec:8b:96:63:57:83:f3:f4:24:aa:0f:2b:56:6f:10:fd:be:
f3:fe:be:70:7d:be:5a:5b:67:ad:8e:59:34:32:91:25:d7:f6:
b8:0f:5f:95
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICR4cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjMy
MjUzMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE5MjA4OTg1Mzk1OEFC
NUM2NDlFMTAzRTcwQzBFQTMwRUFDRkVFMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/znDFh8gS3Oz53TMuTeiejmWUoCjhcgIHSVmIapUbnPipJGkP
ZERj0cUkfJ4N5zN5ZQrHc2Yxp6ch3RILsMLVdIpTqWkqPeNvvqy1yZWdGZrWZbaO
GyDs08vKEAnk668e3NA1lAbRA/cKRvpObbEq026gANzEX2PKYDB9laVhYzI8pX3D
PEgHR8ZeIpJy5ytiV2G2vezIDL9wjYYo+TiQyhYSRYRf4Jn0SWv+p3DDTR2FgS7G
6cgYhcciIxwiBSptoXWpnDDocdNFmR+3J/SL+8hdzw2G+Bk7IT/NUHvdFEUfHvsl
WKYfkQj1wJg5rSftvC28PxJ1x5Dsfk0QboatAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUGSCJhTlYq1xknhA+cMDqMOrP7iwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0dTQ0poVGxZcTF4a25o
QS1jTURxTU9yUDdpdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALxNOzUbHyQE7ZEMH61yg8+36lbT/HRR
SPadF/9uH89hJnO81arc7dABrZM8XVNDzOIFDDCvl4Ou3H3VeMg4sCagftM64bOR
weHqZtUtsTr2dUVvFalRPOfGHJdxzLGagqK7eg8V8lvbekjrQ8LsHXv7/4sajXNB
Hq+MgNbF5rqwClSYbcct3yWFRra4Z2qSbX01ZkAesuLPfu3JrvCExRwXj3XAaTJY
cwuu60/noqTjYyNO9FYKhOWTj73ReNGI6o08o4hFPT2Mef2sczMCLxr+aBbywtVB
wDLsi5ZjV4Pz9CSqDytWbxD9vvP+vnB9vlpbZ62OWTQykSXX9rgPX5U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:27 2024 by rpki-client on console-ams.rpki-client.org