Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/IIheYPoWKLPRdL2veJWixP-D8M4.roa
File: IIheYPoWKLPRdL2veJWixP-D8M4.roa (raw, json)
Hash identifier: 8nAyJ5JOZiXQTV5Kim3sBHaBgFMTx9Mf2n3DJCE5kjk=
Subject key identifier: 20:88:5E:60:FA:16:28:B3:D1:74:BD:AF:78:95:A2:C4:FF:83:F0:CE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35DB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IIheYPoWKLPRdL2veJWixP-D8M4.roa
Signing time: Sun 31 Mar 2024 09:22:10 +0000
ROA not before: Sun 31 Mar 2024 09:22:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13787 (0x35db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 09:22:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=20885E60FA1628B3D174BDAF7895A2C4FF83F0CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:36:e2:70:d5:26:b0:0d:56:e9:1b:22:f7:aa:
94:c5:e8:53:4b:b0:9f:60:a3:87:7a:f3:80:df:10:
9d:b8:cd:46:fe:7a:b9:0b:34:04:e6:37:c8:a7:6c:
85:27:c5:ab:d4:47:f5:a9:51:f0:a9:77:15:36:9f:
0b:b8:74:1c:6f:f6:31:75:66:cd:11:58:9e:59:17:
6a:61:ba:bb:0a:86:6f:33:9d:c3:cc:b6:b0:2d:d4:
08:90:ea:01:fa:b2:b4:90:df:5c:12:32:f1:dd:a0:
8e:bb:7e:e1:d6:86:9d:13:a7:8b:dd:4b:4b:f0:f1:
98:2f:25:2c:ec:c9:fe:7a:6a:3f:d1:f2:de:ac:61:
18:35:a0:47:55:45:c7:45:48:7b:4c:d1:e1:0f:44:
ca:26:ba:de:f9:46:87:9c:70:92:19:ff:d9:2f:c9:
30:58:3d:a4:b0:97:65:a2:d8:37:03:68:07:fc:02:
4c:07:24:f1:98:34:87:ff:e7:23:2e:a1:45:a6:14:
cd:dd:fe:5e:8e:f6:3e:48:c5:2a:9d:28:6d:d0:3b:
78:86:59:07:e0:56:d0:65:ec:7a:8c:23:3c:b3:b3:
35:20:8a:64:02:c2:46:a7:17:a8:6a:0b:ee:1d:53:
eb:43:32:da:13:78:6a:ff:de:82:77:8d:83:24:90:
3c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:88:5E:60:FA:16:28:B3:D1:74:BD:AF:78:95:A2:C4:FF:83:F0:CE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IIheYPoWKLPRdL2veJWixP-D8M4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b4:d5:45:a1:62:4b:6c:bd:85:a3:5b:d5:27:d7:cf:cd:e4:74:
3c:59:29:b1:31:f2:50:de:73:a9:18:79:68:fb:35:f2:42:de:
9a:0b:6a:62:1c:d5:f3:d3:5e:40:07:0d:cc:80:85:2e:d5:d3:
a1:df:de:5a:7e:e9:a3:ae:36:2d:37:14:30:ec:22:84:80:81:
f8:1c:14:b7:6f:30:97:a9:60:c8:52:71:5d:16:d8:aa:0c:5d:
d7:8c:bd:a8:d7:86:a7:c0:2c:37:61:6e:45:3e:b6:c0:58:02:
31:3f:03:2f:a5:0f:11:a1:bf:3d:92:2b:f3:7d:d8:f1:ec:cf:
c7:f6:e4:9a:14:db:e7:1a:1f:23:28:c8:db:5d:ce:da:b4:72:
fb:66:8b:10:38:b6:28:25:9b:e7:42:46:01:bc:33:c0:e8:49:
37:2e:f1:c6:09:3a:9b:ac:52:2b:b9:e5:b6:44:db:e2:38:ef:
07:1e:64:f1:55:d1:3d:7f:78:19:59:eb:14:f7:5c:f7:71:1e:
6c:1c:09:9b:3a:0c:32:21:21:2a:d1:68:c3:44:61:a7:d9:ba:
f7:6f:b0:e0:6c:c8:8e:98:c5:17:03:55:0a:8f:a3:6d:7a:37:
a8:9d:1f:6f:15:5c:92:af:5a:fa:d6:56:97:77:d7:5e:a2:50:
f9:99:8c:92
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNdswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEw
OTIyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIwODg1RTYwRkExNjI4
QjNEMTc0QkRBRjc4OTVBMkM0RkY4M0YwQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdNuJw1SawDVbpGyL3qpTF6FNLsJ9go4d684DfEJ24zUb+erkL
NATmN8inbIUnxavUR/WpUfCpdxU2nwu4dBxv9jF1Zs0RWJ5ZF2phursKhm8zncPM
trAt1AiQ6gH6srSQ31wSMvHdoI67fuHWhp0Tp4vdS0vw8ZgvJSzsyf56aj/R8t6s
YRg1oEdVRcdFSHtM0eEPRMomut75RoeccJIZ/9kvyTBYPaSwl2Wi2DcDaAf8AkwH
JPGYNIf/5yMuoUWmFM3d/l6O9j5IxSqdKG3QO3iGWQfgVtBl7HqMIzyzszUgimQC
wkanF6hqC+4dU+tDMtoTeGr/3oJ3jYMkkDz/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUIIheYPoWKLPRdL2veJWixP+D8M4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0lJaGVZUG9XS0xQUmRM
MnZlSldpeFAtRDhNNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALTVRaFiS2y9haNb1SfXz83kdDxZKbEx
8lDec6kYeWj7NfJC3poLamIc1fPTXkAHDcyAhS7V06Hf3lp+6aOuNi03FDDsIoSA
gfgcFLdvMJepYMhScV0W2KoMXdeMvajXhqfALDdhbkU+tsBYAjE/Ay+lDxGhvz2S
K/N92PHsz8f25JoU2+caHyMoyNtdztq0cvtmixA4tiglm+dCRgG8M8DoSTcu8cYJ
OpusUiu55bZE2+I47wceZPFV0T1/eBlZ6xT3XPdxHmwcCZs6DDIhISrRaMNEYafZ
uvdvsOBsyI6YxRcDVQqPo216N6idH28VXJKvWvrWVpd3116iUPmZjJI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:29 2024 by rpki-client on console-ams.rpki-client.org