Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/HjXI7NWRVu4fsMKInHbDmXpImM8.roa
File: HjXI7NWRVu4fsMKInHbDmXpImM8.roa (raw, json)
Hash identifier: rZo9D3IzqqPBzJOQ2A4SNoc7+64m7TNT6FqniiPThgc=
Subject key identifier: 1E:35:C8:EC:D5:91:56:EE:1F:B0:C2:88:9C:76:C3:99:7A:48:98:CF
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 550F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HjXI7NWRVu4fsMKInHbDmXpImM8.roa
Signing time: Sat 11 May 2024 23:54:09 +0000
ROA not before: Sat 11 May 2024 23:54:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21775 (0x550f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 23:54:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1E35C8ECD59156EE1FB0C2889C76C3997A4898CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f4:5d:26:d4:b1:f9:04:59:98:48:9e:99:9a:
17:bc:aa:f9:11:2b:45:79:5f:ba:cf:c7:7b:58:7d:
db:44:d5:e0:48:26:9f:b5:12:ee:c4:1f:21:23:7a:
1b:9a:f1:3d:c6:0a:43:ea:6c:82:cc:fa:33:1c:99:
27:36:da:b9:08:f0:9b:e9:66:81:c1:e4:e1:42:01:
3b:bf:2f:cb:4e:ba:4a:3d:74:92:79:ab:7f:85:c8:
fb:62:3e:96:f8:b9:08:9e:b2:c2:39:72:1a:0d:5d:
cb:2a:e7:48:27:2f:30:c6:40:57:4a:3f:1b:7e:6c:
47:0b:eb:e5:67:fe:40:fb:33:d7:f4:5c:c6:9c:a6:
46:4a:e8:10:41:1d:33:4a:65:74:1a:31:c0:88:42:
fb:18:07:80:ed:a6:5f:aa:cd:06:4c:05:17:c9:fc:
e6:4c:ec:2c:2e:5d:b2:82:05:73:8c:4f:69:f1:15:
38:aa:a2:04:a3:ac:00:32:15:7e:d5:e4:4b:9b:2c:
5d:3c:8b:8e:2b:a3:d9:d8:fb:6d:cc:dc:b4:e5:43:
7c:13:b6:b5:52:70:ac:54:f2:b2:a5:1d:3f:6f:22:
9e:0c:6a:ce:21:2d:81:46:cd:61:57:7f:68:69:30:
54:40:b8:d2:8c:70:da:dc:6c:c6:e2:b5:24:ee:dc:
e8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:35:C8:EC:D5:91:56:EE:1F:B0:C2:88:9C:76:C3:99:7A:48:98:CF
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/HjXI7NWRVu4fsMKInHbDmXpImM8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
1c:24:4f:cc:27:bb:64:fd:e4:0e:cc:d6:41:90:bb:5e:06:56:
23:71:4e:3c:aa:a5:a6:a1:bb:0d:8b:67:db:18:58:83:85:dd:
eb:20:2d:6f:d5:4f:c7:15:7e:52:db:3a:ac:c7:a4:9d:04:7c:
a7:c7:6e:02:6a:dc:21:fa:3e:70:75:64:f2:57:63:fd:58:9b:
df:b4:02:e1:b6:64:a3:17:f8:85:0a:9d:b5:71:81:35:ab:2f:
7a:ea:bc:70:5b:62:ad:fd:97:60:40:d9:64:95:ef:d3:d6:b3:
a3:50:0f:eb:b1:6e:7b:5f:44:02:b2:62:6a:73:35:5f:80:fb:
9b:1d:d4:f4:f4:59:e8:0f:10:c8:8d:66:1a:cd:3f:a9:23:a0:
d7:ea:80:f6:72:f6:f6:df:a7:06:af:5b:02:1b:71:d3:71:35:
f7:8c:f5:cc:c2:49:ee:de:cc:3a:1c:5b:85:3c:1a:82:31:c8:
59:49:cc:eb:25:c2:92:82:2a:7f:71:25:6f:20:cc:b9:88:97:
fc:ce:20:4a:bd:c8:8d:86:c1:0a:16:7d:05:09:22:18:64:85:
a7:e0:a4:47:1d:98:8d:7c:21:16:18:67:d9:19:d9:04:81:9d:
a9:2a:a5:76:b6:62:fa:8a:a4:4c:45:14:72:bc:f8:4f:c0:ed:
79:45:38:f4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVQ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEy
MzU0MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFFMzVDOEVDRDU5MTU2
RUUxRkIwQzI4ODlDNzZDMzk5N0E0ODk4Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF9F0m1LH5BFmYSJ6Zmhe8qvkRK0V5X7rPx3tYfdtE1eBIJp+1
Eu7EHyEjehua8T3GCkPqbILM+jMcmSc22rkI8JvpZoHB5OFCATu/L8tOuko9dJJ5
q3+FyPtiPpb4uQiessI5choNXcsq50gnLzDGQFdKPxt+bEcL6+Vn/kD7M9f0XMac
pkZK6BBBHTNKZXQaMcCIQvsYB4Dtpl+qzQZMBRfJ/OZM7CwuXbKCBXOMT2nxFTiq
ogSjrAAyFX7V5EubLF08i44ro9nY+23M3LTlQ3wTtrVScKxU8rKlHT9vIp4Mas4h
LYFGzWFXf2hpMFRAuNKMcNrcbMbitSTu3OjVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUHjXI7NWRVu4fsMKInHbDmXpImM8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0hqWEk3TldSVnU0ZnNN
S0luSGJEbVhwSW1NOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABwkT8wnu2T95A7M1kGQu14GViNxTjyq
paahuw2LZ9sYWIOF3esgLW/VT8cVflLbOqzHpJ0EfKfHbgJq3CH6PnB1ZPJXY/1Y
m9+0AuG2ZKMX+IUKnbVxgTWrL3rqvHBbYq39l2BA2WSV79PWs6NQD+uxbntfRAKy
YmpzNV+A+5sd1PT0WegPEMiNZhrNP6kjoNfqgPZy9vbfpwavWwIbcdNxNfeM9czC
Se7ezDocW4U8GoIxyFlJzOslwpKCKn9xJW8gzLmIl/zOIEq9yI2GwQoWfQUJIhhk
hafgpEcdmI18IRYYZ9kZ2QSBnakqpXa2YvqKpExFFHK8+E/A7XlFOPQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:17 2024 by rpki-client on console-fra.rpki-client.org