Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/H7G0riaTLkj2xLErN0lVm1ExNfo.roa
File: H7G0riaTLkj2xLErN0lVm1ExNfo.roa (raw, json)
Hash identifier: xvEbwPOSeHGGCWcS+443PTEc/oafsVlJeeEAhlodPUY=
Subject key identifier: 1F:B1:B4:AE:26:93:2E:48:F6:C4:B1:2B:37:49:55:9B:51:31:35:FA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DB7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/H7G0riaTLkj2xLErN0lVm1ExNfo.roa
Signing time: Thu 02 May 2024 04:53:58 +0000
ROA not before: Thu 02 May 2024 04:53:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19895 (0x4db7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 04:53:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1FB1B4AE26932E48F6C4B12B3749559B513135FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:74:6a:79:81:42:1a:17:88:f1:3a:a0:5b:ca:
0d:8f:58:14:ab:20:79:bd:75:7b:94:90:ed:1e:40:
8a:fc:af:9a:ba:af:1e:c9:da:6f:9b:96:e8:78:49:
2c:00:77:17:b2:cb:35:68:5b:eb:81:7f:62:6f:37:
77:e7:3b:eb:37:3b:27:6e:2d:f2:df:cd:70:fd:15:
37:44:69:18:c3:3d:ae:7e:a0:3d:1c:b3:7b:17:7d:
6b:4d:40:be:3d:04:ec:80:6d:52:1f:44:c3:47:00:
5a:b2:33:85:5f:b1:d2:c1:0f:27:81:3f:10:24:52:
22:e2:8a:f9:a4:56:b4:92:bb:ac:26:cf:49:8a:12:
8c:87:b5:cd:d9:95:70:e3:7b:f4:cf:48:59:f5:40:
ba:60:ab:1e:a2:98:ef:64:73:60:2d:cc:0a:6b:0d:
b4:e3:1c:f7:14:04:e3:31:f8:50:ee:f1:d9:16:7d:
8d:bf:89:c6:03:ac:3a:fc:40:0c:73:61:d0:28:b9:
25:9e:95:17:c0:e7:b8:22:8e:d8:81:56:c7:48:11:
12:59:ec:26:1d:fd:24:15:92:97:39:cb:52:20:97:
4c:90:07:b0:95:6f:9e:4b:eb:58:02:dc:c5:c2:39:
a8:9b:12:db:9c:d3:a9:00:df:27:60:39:c0:12:0b:
5e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:B1:B4:AE:26:93:2E:48:F6:C4:B1:2B:37:49:55:9B:51:31:35:FA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/H7G0riaTLkj2xLErN0lVm1ExNfo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
90:78:df:4a:f5:07:82:3b:63:26:b3:de:5e:88:e3:07:86:98:
d4:a8:33:d6:61:70:10:9c:09:08:ef:66:47:82:cb:12:cb:64:
a5:ad:81:39:eb:a0:57:d5:2d:a3:1b:3c:7d:ab:f2:bb:2b:19:
19:ef:59:cb:fc:be:49:c1:07:8e:ea:21:f8:d9:76:61:c3:23:
3e:ba:72:ee:7d:cb:fc:73:3f:1e:fc:1b:9d:6c:a5:e2:6e:81:
2e:6a:ba:b8:ce:5e:21:87:de:27:97:59:20:85:1c:99:98:47:
72:3c:05:b0:58:16:9c:56:79:84:20:c6:8f:b1:a5:e3:38:50:
16:c4:b4:22:d7:2d:ed:0b:39:40:44:51:4b:ce:51:d5:bb:0b:
95:35:2a:10:ef:2f:1d:58:c4:37:6c:70:9e:66:6f:db:b6:77:
cb:6f:89:d1:cc:2c:5d:66:dd:18:4f:43:35:50:fd:98:21:59:
dd:93:3f:0c:26:08:e5:80:e8:4c:0a:87:21:20:e5:84:f2:01:
a6:1b:6a:8e:32:b2:05:3f:0e:55:4b:cb:7a:6b:39:f2:39:c9:
56:1c:98:2d:9c:05:84:d6:50:6d:e7:7c:1b:81:14:64:a7:66:
de:42:ea:46:8d:fa:75:f2:6c:6d:ae:41:6a:ad:16:b0:9c:33:
0b:69:03:75
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTbcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIw
NDUzNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFGQjFCNEFFMjY5MzJF
NDhGNkM0QjEyQjM3NDk1NTlCNTEzMTM1RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCdGp5gUIaF4jxOqBbyg2PWBSrIHm9dXuUkO0eQIr8r5q6rx7J
2m+bluh4SSwAdxeyyzVoW+uBf2JvN3fnO+s3OyduLfLfzXD9FTdEaRjDPa5+oD0c
s3sXfWtNQL49BOyAbVIfRMNHAFqyM4VfsdLBDyeBPxAkUiLiivmkVrSSu6wmz0mK
EoyHtc3ZlXDje/TPSFn1QLpgqx6imO9kc2AtzAprDbTjHPcUBOMx+FDu8dkWfY2/
icYDrDr8QAxzYdAouSWelRfA57gijtiBVsdIERJZ7CYd/SQVkpc5y1Igl0yQB7CV
b55L61gC3MXCOaibEtuc06kA3ydgOcASC15tAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUH7G0riaTLkj2xLErN0lVm1ExNfowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0g3RzByaWFUTGtqMnhM
RXJOMGxWbTFFeE5mby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJB430r1B4I7Yyaz3l6I4weGmNSoM9Zh
cBCcCQjvZkeCyxLLZKWtgTnroFfVLaMbPH2r8rsrGRnvWcv8vknBB47qIfjZdmHD
Iz66cu59y/xzPx78G51speJugS5qurjOXiGH3ieXWSCFHJmYR3I8BbBYFpxWeYQg
xo+xpeM4UBbEtCLXLe0LOUBEUUvOUdW7C5U1KhDvLx1YxDdscJ5mb9u2d8tvidHM
LF1m3RhPQzVQ/ZghWd2TPwwmCOWA6EwKhyEg5YTyAaYbao4ysgU/DlVLy3prOfI5
yVYcmC2cBYTWUG3nfBuBFGSnZt5C6kaN+nXybG2uQWqtFrCcMwtpA3U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:16 2024 by rpki-client on console-fra.rpki-client.org