Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/HKOY-pFqTqX5nQk4cM_MzD6pB1g.roa
File: HKOY-pFqTqX5nQk4cM_MzD6pB1g.roa (raw, json)
Hash identifier: clWTo207DgbuD0wPljSitjBy21m2aVIoEwJDG7jtHNs=
Subject key identifier: 1C:A3:98:FA:91:6A:4E:A5:F9:9D:09:38:70:CF:CC:CC:3E:A9:07:58
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44BB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HKOY-pFqTqX5nQk4cM_MzD6pB1g.roa
Signing time: Sat 20 Apr 2024 05:23:04 +0000
ROA not before: Sat 20 Apr 2024 05:23:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17595 (0x44bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 05:23:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1CA398FA916A4EA5F99D093870CFCCCC3EA90758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a1:23:95:5a:46:14:87:48:34:f3:1e:ac:cc:
e9:70:0f:84:ec:90:d6:df:89:47:21:7f:14:e3:9d:
89:77:e1:3b:16:be:28:70:49:9d:3b:73:fd:aa:d7:
34:71:06:a8:1a:4b:89:5b:22:83:e2:80:b5:6f:a8:
75:93:bc:b4:dd:07:4e:02:40:7c:c7:ef:59:53:34:
e8:23:6c:d2:29:9a:a9:0a:fb:7c:60:d9:b6:9d:07:
9f:9b:1e:7d:a2:eb:3c:48:07:e8:b1:be:91:47:25:
1a:c2:4f:39:40:f2:da:18:6d:ad:42:1c:d5:c6:7e:
66:5a:67:e8:89:3b:fe:ff:6a:3c:06:12:7f:fa:6b:
f6:92:5a:f8:60:66:e7:d5:40:8c:2e:3e:08:ab:30:
8f:55:8c:cc:32:c1:29:e4:7d:9f:10:26:0f:20:b3:
dd:e6:2b:d7:a1:0c:b0:1e:ae:4b:e0:45:6f:36:60:
7e:53:1d:70:b1:b8:da:98:bf:5a:c9:d6:80:49:a3:
f9:92:fc:7e:ce:2f:bf:40:0e:98:95:65:47:c2:85:
64:09:4c:15:6c:01:87:24:26:ee:e2:27:fb:b8:e0:
d4:91:7b:51:53:b1:c4:78:73:a6:f5:46:49:0d:37:
85:ab:48:c7:fe:d9:e4:12:5a:4c:f0:4e:0a:c2:c1:
de:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A3:98:FA:91:6A:4E:A5:F9:9D:09:38:70:CF:CC:CC:3E:A9:07:58
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HKOY-pFqTqX5nQk4cM_MzD6pB1g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2e:47:fb:0d:ca:e6:e0:e8:4d:af:11:45:24:66:72:2c:fa:32:
d5:2f:65:f3:33:99:6a:be:d0:74:86:d5:12:52:ca:37:08:d4:
ba:68:45:84:69:bd:36:c1:d2:33:31:18:97:0d:e9:84:ab:67:
dc:29:f1:5b:ad:41:18:ed:df:24:8e:dc:a1:df:ec:93:aa:a9:
b7:73:8f:fd:5f:0e:74:49:bb:4f:43:06:33:a0:d2:12:92:87:
eb:d8:41:9a:81:67:16:2b:cc:cf:5f:32:50:96:bf:0e:c0:44:
0f:a9:ec:1d:f6:6d:b8:cd:92:05:16:07:98:37:4a:3c:03:68:
29:4d:bf:e8:f7:32:fe:ac:9b:06:3c:9c:68:8a:28:06:c8:22:
34:b1:a0:df:31:c5:42:74:6b:6a:13:55:5d:40:e1:83:4c:41:
67:eb:26:a6:e7:fc:84:36:f7:34:8d:f4:76:3c:78:01:e7:01:
b5:c6:60:8d:d4:01:a1:9c:8a:95:7b:44:78:5f:34:35:8a:85:
c5:40:6e:35:69:da:7f:99:d8:c2:34:11:93:89:d8:6c:8d:ce:
a6:6f:32:ba:bc:e0:ca:21:bc:b5:4d:e2:4f:0c:2a:1c:05:55:
a5:80:24:99:94:f1:bd:8d:1a:87:3e:14:21:40:91:50:fe:5f:
92:f2:b3:29
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRLswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
NTIzMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFDQTM5OEZBOTE2QTRF
QTVGOTlEMDkzODcwQ0ZDQ0NDM0VBOTA3NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzoSOVWkYUh0g08x6szOlwD4TskNbfiUchfxTjnYl34TsWvihw
SZ07c/2q1zRxBqgaS4lbIoPigLVvqHWTvLTdB04CQHzH71lTNOgjbNIpmqkK+3xg
2badB5+bHn2i6zxIB+ixvpFHJRrCTzlA8toYba1CHNXGfmZaZ+iJO/7/ajwGEn/6
a/aSWvhgZufVQIwuPgirMI9VjMwywSnkfZ8QJg8gs93mK9ehDLAerkvgRW82YH5T
HXCxuNqYv1rJ1oBJo/mS/H7OL79ADpiVZUfChWQJTBVsAYckJu7iJ/u44NSRe1FT
scR4c6b1RkkNN4WrSMf+2eQSWkzwTgrCwd6fAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUHKOY+pFqTqX5nQk4cM/MzD6pB1gwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0hLT1ktcEZxVHFYNW5R
azRjTV9NekQ2cEIxZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAC5H+w3K5uDoTa8RRSRmciz6MtUvZfMz
mWq+0HSG1RJSyjcI1LpoRYRpvTbB0jMxGJcN6YSrZ9wp8VutQRjt3ySO3KHf7JOq
qbdzj/1fDnRJu09DBjOg0hKSh+vYQZqBZxYrzM9fMlCWvw7ARA+p7B32bbjNkgUW
B5g3SjwDaClNv+j3Mv6smwY8nGiKKAbIIjSxoN8xxUJ0a2oTVV1A4YNMQWfrJqbn
/IQ29zSN9HY8eAHnAbXGYI3UAaGcipV7RHhfNDWKhcVAbjVp2n+Z2MI0EZOJ2GyN
zqZvMrq84MohvLVN4k8MKhwFVaWAJJmU8b2NGoc+FCFAkVD+X5Lysyk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:17 2024 by rpki-client on console-fra.rpki-client.org