Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/IdsH5wK6sqw-aZZfbP871OqcOJU.roa
File: IdsH5wK6sqw-aZZfbP871OqcOJU.roa (raw, json)
Hash identifier: OcVSMQXvrNNFsB3lBzYKMnCtLHDL3KsnN3lGEB5Jcbg=
Subject key identifier: 21:DB:07:E7:02:BA:B2:AC:3E:69:96:5F:6C:FF:3B:D4:EA:9C:38:95
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5183
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IdsH5wK6sqw-aZZfbP871OqcOJU.roa
Signing time: Tue 07 May 2024 06:24:09 +0000
ROA not before: Tue 07 May 2024 06:24:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20867 (0x5183)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 06:24:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=21DB07E702BAB2AC3E69965F6CFF3BD4EA9C3895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:fb:b8:28:04:8b:66:8a:65:e7:3c:fd:7e:c6:
f2:3c:ab:be:43:b1:b0:c9:1d:70:8a:0d:d8:a2:e3:
12:c6:3f:07:79:13:61:60:9d:b3:6b:7c:3a:5e:b1:
b3:89:ec:3e:75:9a:1d:96:9e:e4:0e:03:3b:af:7d:
68:7d:d2:86:e9:92:1e:6e:b9:94:ac:8a:0e:ad:55:
39:10:46:69:9c:22:0c:7b:0f:0c:4e:ce:2f:31:c5:
82:fd:e1:2a:32:7e:1c:a4:16:3e:c4:46:78:25:17:
8a:5e:61:46:70:df:83:bc:fb:c8:c2:82:41:29:cc:
92:d2:4b:55:49:a5:44:44:fd:2b:81:15:1c:96:eb:
d5:c4:f0:39:11:42:55:42:7f:b8:06:29:e0:a1:2e:
34:0f:76:7f:5f:e3:72:10:f9:b3:08:39:8b:10:8d:
93:8f:d6:da:45:16:76:d0:20:59:e2:bc:36:f1:10:
ea:9b:24:17:a8:a4:19:f3:ea:c7:09:24:3d:66:0b:
be:6b:14:ba:57:99:58:f5:83:f8:19:12:76:cc:f1:
94:5e:db:d0:85:7f:81:08:ff:d5:5f:44:91:23:3c:
d2:e6:cc:31:95:62:b2:fe:65:ad:a0:7e:f4:8b:10:
f3:9d:88:17:c8:61:30:6a:11:e6:4d:73:fd:4a:88:
f0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:DB:07:E7:02:BA:B2:AC:3E:69:96:5F:6C:FF:3B:D4:EA:9C:38:95
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/IdsH5wK6sqw-aZZfbP871OqcOJU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4a:c3:b4:19:35:44:09:fc:b4:9b:d6:ac:30:1c:6e:c7:93:99:
6d:dc:00:19:69:87:60:8a:ff:51:ef:b3:0c:a7:5b:55:7a:93:
02:4d:97:b2:99:bb:3e:0d:e2:8f:26:ed:aa:50:59:23:14:1d:
f0:67:b9:5a:33:0a:92:f0:9c:95:90:8a:37:39:26:e7:ea:62:
4c:8c:3b:80:a9:ee:2c:93:08:fb:65:ab:94:68:33:de:24:5c:
e9:87:c8:04:ad:a4:15:32:90:33:b9:c3:77:1b:9e:0b:41:ac:
be:55:16:85:12:05:c8:41:62:08:dc:a8:d0:6c:05:41:cf:d5:
b3:73:3e:8e:6f:ea:b7:b3:1c:2a:4a:98:48:4e:15:0c:83:11:
ca:d3:6a:d1:85:b6:19:29:58:55:f7:4e:ec:1d:a9:7f:8d:40:
55:03:13:76:93:0d:93:65:a7:bd:6d:bf:16:27:b7:a3:13:c1:
99:35:6a:99:0e:db:88:e3:53:0f:a3:94:fa:7c:60:e7:b9:f8:
85:41:4e:5f:a9:d2:48:23:54:f4:6d:4a:62:29:7b:cc:cc:0f:
6f:a7:a5:b1:0f:9f:71:64:46:04:b9:ac:df:ff:d9:28:b9:6d:
84:ac:7a:e1:6f:c6:b9:e5:bb:cc:85:0c:b3:67:83:40:f6:34:
2a:b7:90:21
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUYMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcw
NjI0MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxREIwN0U3MDJCQUIy
QUMzRTY5OTY1RjZDRkYzQkQ0RUE5QzM4OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDg+7goBItmimXnPP1+xvI8q75DsbDJHXCKDdii4xLGPwd5E2Fg
nbNrfDpesbOJ7D51mh2WnuQOAzuvfWh90obpkh5uuZSsig6tVTkQRmmcIgx7DwxO
zi8xxYL94SoyfhykFj7ERnglF4peYUZw34O8+8jCgkEpzJLSS1VJpURE/SuBFRyW
69XE8DkRQlVCf7gGKeChLjQPdn9f43IQ+bMIOYsQjZOP1tpFFnbQIFnivDbxEOqb
JBeopBnz6scJJD1mC75rFLpXmVj1g/gZEnbM8ZRe29CFf4EI/9VfRJEjPNLmzDGV
YrL+Za2gfvSLEPOdiBfIYTBqEeZNc/1KiPBlAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUIdsH5wK6sqw+aZZfbP871OqcOJUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0lkc0g1d0s2c3F3LWFa
WmZiUDg3MU9xY09KVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAErDtBk1RAn8tJvWrDAcbseTmW3cABlp
h2CK/1HvswynW1V6kwJNl7KZuz4N4o8m7apQWSMUHfBnuVozCpLwnJWQijc5Jufq
YkyMO4Cp7iyTCPtlq5RoM94kXOmHyAStpBUykDO5w3cbngtBrL5VFoUSBchBYgjc
qNBsBUHP1bNzPo5v6rezHCpKmEhOFQyDEcrTatGFthkpWFX3TuwdqX+NQFUDE3aT
DZNlp71tvxYnt6MTwZk1apkO24jjUw+jlPp8YOe5+IVBTl+p0kgjVPRtSmIpe8zM
D2+npbEPn3FkRgS5rN//2Si5bYSseuFvxrnlu8yFDLNng0D2NCq3kCE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:18 2024 by rpki-client on console-fra.rpki-client.org