Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Icfo0TcKMDypgT-O4ezk_DO0-ww.roa
File: Icfo0TcKMDypgT-O4ezk_DO0-ww.roa (raw, json)
Hash identifier: x0x6CDksE7/c9NZ2Rmn/1vNFIJHacYnZivCST9YLX2A=
Subject key identifier: 21:C7:E8:D1:37:0A:30:3C:A9:81:3F:8E:E1:EC:E4:FC:33:B4:FB:0C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 485B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Icfo0TcKMDypgT-O4ezk_DO0-ww.roa
Signing time: Thu 25 Apr 2024 01:23:18 +0000
ROA not before: Thu 25 Apr 2024 01:23:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18523 (0x485b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 01:23:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=21C7E8D1370A303CA9813F8EE1ECE4FC33B4FB0C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ea:9a:ab:f7:30:99:2b:e6:0d:21:0e:ed:39:
3e:f1:25:ad:7f:d7:3a:64:34:c7:1f:ac:2d:7d:9e:
ef:11:c2:49:e2:83:d2:6e:3f:50:9d:8c:5e:37:ba:
9d:cd:56:41:d1:e0:d9:cf:5d:33:88:3e:39:e5:ac:
9e:b1:d6:80:bc:1b:43:b8:cc:9b:94:4a:79:e8:1e:
97:72:7e:1f:91:06:22:3e:d7:fa:a9:93:26:93:65:
bb:70:ba:ff:08:75:4f:ad:a8:65:74:ab:6d:fe:56:
6d:94:70:78:e0:e7:71:9a:df:0f:96:cd:ff:4e:1d:
e1:91:a6:1c:c5:4d:9d:78:38:c6:7a:45:5d:e1:2f:
76:94:a0:cf:13:2a:ce:02:1f:ee:a4:67:35:d1:79:
aa:75:c7:6b:fc:7e:9d:39:25:31:62:b7:a1:ca:ae:
7e:83:42:73:d8:a1:ae:7c:01:10:36:5d:6b:3a:10:
00:f1:aa:ae:c9:20:28:90:5a:9e:0d:b7:0e:cd:47:
c2:a4:e4:2c:3c:57:91:97:97:f4:d2:67:89:7a:18:
d2:49:ae:4e:00:b2:e9:ff:20:c7:78:24:df:58:9d:
1f:21:ba:de:41:1c:02:20:e1:27:5a:1d:11:ed:be:
e2:8f:1f:16:1f:a8:1b:f1:e8:9c:07:0e:26:c2:8f:
99:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C7:E8:D1:37:0A:30:3C:A9:81:3F:8E:E1:EC:E4:FC:33:B4:FB:0C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Icfo0TcKMDypgT-O4ezk_DO0-ww.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
3f:4c:dd:1c:d6:24:fc:f1:d8:79:16:9d:67:4b:24:36:c6:6f:
ce:0f:2b:30:84:ff:8a:16:4f:10:be:25:61:11:42:15:32:4e:
23:21:f4:99:63:51:63:08:be:b3:98:7f:b0:8c:3e:eb:04:34:
1a:34:16:cf:a2:71:8a:28:4a:b5:d4:e1:a5:c0:d8:69:9f:d9:
a0:6d:99:5f:1f:d6:e1:0f:f3:50:51:43:3f:15:3a:e0:d3:58:
b2:75:9d:6f:0f:66:22:e6:20:ea:96:21:0d:7c:30:a3:03:c1:
ba:24:81:48:9f:ea:a6:16:e1:fd:5c:59:db:b6:d1:b8:e1:f1:
85:8d:0c:c4:58:57:e4:29:7b:d8:1f:ae:e4:b5:30:df:74:2d:
77:3e:a8:e4:08:3b:eb:57:50:be:56:16:39:87:6c:29:d0:15:
e8:2b:5a:9e:c6:77:72:4b:b5:bb:7c:bf:e6:e3:de:ed:64:9d:
57:a1:a9:9e:a1:83:18:58:3e:9a:46:0b:66:5b:c3:6d:4a:6a:
a0:7a:bf:23:3c:5c:da:04:45:1d:3e:dd:34:07:3f:8e:52:22:
3a:d8:ea:81:7b:2f:4f:65:ae:a3:cb:f9:c3:cf:8f:b0:ae:99:
69:33:1f:63:9b:ee:e8:e9:e9:c6:b4:cd:f2:cd:e8:ac:6b:45:
61:1a:60:26
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSFswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUw
MTIzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxQzdFOEQxMzcwQTMw
M0NBOTgxM0Y4RUUxRUNFNEZDMzNCNEZCMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDr6pqr9zCZK+YNIQ7tOT7xJa1/1zpkNMcfrC19nu8Rwknig9Ju
P1CdjF43up3NVkHR4NnPXTOIPjnlrJ6x1oC8G0O4zJuUSnnoHpdyfh+RBiI+1/qp
kyaTZbtwuv8IdU+tqGV0q23+Vm2UcHjg53Ga3w+Wzf9OHeGRphzFTZ14OMZ6RV3h
L3aUoM8TKs4CH+6kZzXReap1x2v8fp05JTFit6HKrn6DQnPYoa58ARA2XWs6EADx
qq7JICiQWp4Ntw7NR8Kk5Cw8V5GXl/TSZ4l6GNJJrk4Asun/IMd4JN9YnR8hut5B
HAIg4SdaHRHtvuKPHxYfqBvx6JwHDibCj5lRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUIcfo0TcKMDypgT+O4ezk/DO0+wwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ljZm8wVGNLTUR5cGdU
LU80ZXprX0RPMC13dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAD9M3RzWJPzx2HkWnWdLJDbGb84PKzCE
/4oWTxC+JWERQhUyTiMh9JljUWMIvrOYf7CMPusENBo0Fs+icYooSrXU4aXA2Gmf
2aBtmV8f1uEP81BRQz8VOuDTWLJ1nW8PZiLmIOqWIQ18MKMDwbokgUif6qYW4f1c
Wdu20bjh8YWNDMRYV+Qpe9gfruS1MN90LXc+qOQIO+tXUL5WFjmHbCnQFegrWp7G
d3JLtbt8v+bj3u1knVehqZ6hgxhYPppGC2Zbw21KaqB6vyM8XNoERR0+3TQHP45S
IjrY6oF7L09lrqPL+cPPj7CumWkzH2Ob7ujp6ca0zfLN6KxrRWEaYCY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:18 2024 by rpki-client on console-fra.rpki-client.org