Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/JA2C2vgu4fVIwifvZphuQxRxj6I.roa
File: JA2C2vgu4fVIwifvZphuQxRxj6I.roa (raw, json)
Hash identifier: vFfxfj/FKQvyrQZg4tbEfbuZhcL6Rt48ZZWGDoPjiM0=
Subject key identifier: 24:0D:82:DA:F8:2E:E1:F5:48:C2:27:EF:66:98:6E:43:14:71:8F:A2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 396B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JA2C2vgu4fVIwifvZphuQxRxj6I.roa
Signing time: Fri 05 Apr 2024 03:22:24 +0000
ROA not before: Fri 05 Apr 2024 03:22:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14699 (0x396b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 03:22:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=240D82DAF82EE1F548C227EF66986E4314718FA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ef:88:66:ca:1c:09:ef:bc:af:55:41:f3:d1:
5e:e2:eb:5a:cd:70:10:ae:18:92:60:d8:c3:47:b1:
ff:d4:a3:36:f1:be:a5:06:de:44:21:b8:e3:3e:83:
a7:51:10:59:e9:4f:ea:b9:03:7e:98:c9:aa:0b:1b:
ab:a0:1b:d2:d3:d0:58:1f:ef:b6:5e:a0:26:0d:3c:
62:37:3d:f3:86:b1:80:35:f7:a4:bb:4d:dd:72:86:
8d:d2:5d:de:84:a1:6b:b3:27:83:65:a6:e5:8d:2c:
da:ad:d9:66:b9:8e:a2:dc:f9:77:84:f5:68:74:ea:
69:34:e5:a7:cb:6c:c4:e8:93:90:75:23:2e:32:65:
de:0f:9b:03:22:76:71:25:2c:ac:a2:6e:14:c7:2e:
8f:4a:46:6a:3a:c7:52:38:3e:e6:3c:8a:92:e1:aa:
72:a7:3e:f5:65:ff:52:83:d9:4d:78:28:77:d0:83:
3a:68:11:81:87:f4:a1:07:f4:b7:47:bb:b5:dd:1a:
75:70:49:ae:3c:c9:53:c8:70:b0:de:c8:63:b6:13:
9f:23:5f:f8:c5:1d:6d:46:40:6b:b8:e7:ee:4d:a6:
25:61:2b:5c:58:e6:40:6d:67:d0:29:a8:08:af:38:
e7:fa:7e:bb:51:c6:3b:aa:d2:91:a4:68:fa:24:0b:
2b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0D:82:DA:F8:2E:E1:F5:48:C2:27:EF:66:98:6E:43:14:71:8F:A2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JA2C2vgu4fVIwifvZphuQxRxj6I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b2:07:7c:72:12:88:b8:ca:3f:11:5b:3d:af:9d:af:f3:d4:21:
7f:94:7c:08:65:1b:8d:f8:fa:c5:cd:a7:e6:16:10:76:bb:fa:
dd:c7:6b:8c:31:ac:f4:e9:38:d7:21:3d:3e:9a:d8:7e:bb:73:
d7:85:02:92:a8:c3:eb:3e:42:b6:a9:33:ee:0d:04:65:60:4b:
e4:dd:ea:71:61:16:aa:52:e3:c0:30:09:e3:62:75:5b:19:8a:
9d:78:9a:43:7b:82:2b:bc:a8:4e:f6:f2:0e:57:bf:bf:c0:7b:
cf:76:d9:cc:27:92:fb:f1:f2:55:0d:4d:0d:7a:02:03:82:db:
d0:ff:16:1a:7e:7a:60:94:1d:61:02:56:aa:44:7c:65:33:7e:
cf:6d:17:16:ca:54:81:9e:6b:bd:4c:1b:d3:dc:ba:40:51:43:
5c:af:4c:7e:dd:92:9c:80:00:77:2e:b8:e0:d6:a9:3b:9b:84:
4c:8e:79:52:01:5c:69:5c:7c:bf:96:82:5d:49:ef:8d:56:b1:
a1:0b:70:d7:9c:09:d7:b7:de:ce:6c:10:f9:1e:be:43:78:44:
e3:05:5d:3f:c7:c5:70:f1:f2:41:a3:56:29:f3:5c:bb:65:35:
6d:12:6d:4a:b6:c8:db:07:5c:af:28:1b:b7:60:d4:fb:d7:88:
6b:64:83:f1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOWswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUw
MzIyMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI0MEQ4MkRBRjgyRUUx
RjU0OEMyMjdFRjY2OTg2RTQzMTQ3MThGQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy74hmyhwJ77yvVUHz0V7i61rNcBCuGJJg2MNHsf/UozbxvqUG
3kQhuOM+g6dREFnpT+q5A36YyaoLG6ugG9LT0Fgf77ZeoCYNPGI3PfOGsYA196S7
Td1yho3SXd6EoWuzJ4NlpuWNLNqt2Wa5jqLc+XeE9Wh06mk05afLbMTok5B1Iy4y
Zd4PmwMidnElLKyibhTHLo9KRmo6x1I4PuY8ipLhqnKnPvVl/1KD2U14KHfQgzpo
EYGH9KEH9LdHu7XdGnVwSa48yVPIcLDeyGO2E58jX/jFHW1GQGu45+5NpiVhK1xY
5kBtZ9ApqAivOOf6frtRxjuq0pGkaPokCyuxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUJA2C2vgu4fVIwifvZphuQxRxj6IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0pBMkMydmd1NGZWSXdp
ZnZacGh1UXhSeGo2SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALIHfHISiLjKPxFbPa+dr/PUIX+UfAhl
G434+sXNp+YWEHa7+t3Ha4wxrPTpONchPT6a2H67c9eFApKow+s+QrapM+4NBGVg
S+Td6nFhFqpS48AwCeNidVsZip14mkN7giu8qE728g5Xv7/Ae8922cwnkvvx8lUN
TQ16AgOC29D/Fhp+emCUHWECVqpEfGUzfs9tFxbKVIGea71MG9PcukBRQ1yvTH7d
kpyAAHcuuODWqTubhEyOeVIBXGlcfL+Wgl1J741WsaELcNecCde33s5sEPkevkN4
ROMFXT/HxXDx8kGjVinzXLtlNW0SbUq2yNsHXK8oG7dg1PvXiGtkg/E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:18 2024 by rpki-client on console-fra.rpki-client.org