Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/JMttcXp_6yvDJfVo4j4Ge5FAmvs.roa
File: JMttcXp_6yvDJfVo4j4Ge5FAmvs.roa (raw, json)
Hash identifier: PwGccaUNvRQTU3PmkF7HaqiiRbKpvlMoklPFD5aza78=
Subject key identifier: 24:CB:6D:71:7A:7F:EB:2B:C3:25:F5:68:E2:3E:06:7B:91:40:9A:FB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3847
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JMttcXp_6yvDJfVo4j4Ge5FAmvs.roa
Signing time: Wed 03 Apr 2024 14:52:19 +0000
ROA not before: Wed 03 Apr 2024 14:52:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14407 (0x3847)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 14:52:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=24CB6D717A7FEB2BC325F568E23E067B91409AFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e5:a0:74:2c:f2:8d:94:c3:6f:02:cf:ff:e3:
f9:dc:dd:d3:4e:3f:44:06:d2:cc:cb:e8:46:fb:0e:
f0:23:68:b6:7c:22:db:0c:36:80:3c:12:88:e9:54:
df:b1:9a:c4:d7:3f:91:75:91:8f:3b:4c:ce:c1:d0:
91:4a:0b:fd:40:8f:97:4f:db:3e:1e:3b:12:d7:7a:
de:04:90:bb:3b:b6:ca:bb:b1:a4:11:e3:fa:91:0a:
0e:e5:0c:34:1e:dd:be:1e:ce:95:9b:f4:81:16:c8:
2c:b1:85:47:f5:f8:5a:e7:ad:81:91:59:a0:b5:58:
06:df:2e:73:51:61:cf:93:2c:52:80:90:16:9e:22:
d9:6b:93:e4:61:de:cf:62:d3:d3:8b:8a:e5:8a:b5:
a0:66:45:2c:9b:c3:8c:b3:db:79:3e:c4:62:84:20:
e2:71:9d:b9:f5:16:fc:24:35:d5:75:b2:4d:7b:cb:
b3:85:f6:04:1b:9d:2b:4d:45:4d:59:9e:42:81:a7:
8d:ac:25:b0:62:a0:95:9c:ca:7d:5b:5f:c0:bb:dc:
79:b1:20:ef:6e:f7:df:f7:4f:b0:e4:8f:14:6f:de:
10:d4:27:c5:04:49:94:d7:28:aa:cb:d8:6a:0d:f6:
6c:c7:bc:03:0d:21:b1:c3:57:1e:f8:85:36:17:13:
cc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:CB:6D:71:7A:7F:EB:2B:C3:25:F5:68:E2:3E:06:7B:91:40:9A:FB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JMttcXp_6yvDJfVo4j4Ge5FAmvs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4a:fe:07:0f:90:81:34:b7:08:a9:2f:d1:61:95:bf:b5:11:db:
2e:12:08:36:34:aa:3a:46:ff:74:eb:b9:73:04:f3:a3:a9:20:
4b:45:6e:f5:b5:e0:2c:84:5f:16:2c:89:6f:b8:f8:f1:7d:0b:
03:da:b0:8c:69:74:c3:a7:d5:1b:50:0b:63:6c:a9:43:57:78:
eb:ed:67:68:a9:1e:30:ca:23:54:5c:73:2c:b0:dd:98:0e:ad:
fc:f0:8a:e6:f5:fe:dd:a5:07:a4:76:69:65:34:1a:5f:ac:9c:
ad:b1:5c:c9:d0:12:b3:c1:40:7d:9f:09:b0:7c:ad:25:84:43:
1d:95:aa:e0:dd:ce:00:b8:3f:c4:64:ab:7c:74:cb:8b:02:4c:
85:e1:e5:c2:46:bb:5e:f8:86:9c:57:f8:5c:e3:ee:65:8c:e9:
9c:44:9c:e4:6b:59:07:1e:be:c2:06:82:c6:17:e0:14:c1:8d:
4e:eb:09:6f:9e:65:37:69:ca:1f:3d:a3:7f:03:1a:7b:09:de:
41:c7:40:82:56:d7:01:cc:30:19:fb:6b:0a:43:ef:ce:11:4b:
74:f0:26:3a:3f:a4:f5:e0:e1:36:48:23:ea:78:49:31:46:b8:
ff:2a:0a:8e:f2:9e:17:fb:c6:e2:f9:2e:55:85:8b:df:4c:ca:
0d:74:22:c9
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOEcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMx
NDUyMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI0Q0I2RDcxN0E3RkVC
MkJDMzI1RjU2OEUyM0UwNjdCOTE0MDlBRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP5aB0LPKNlMNvAs//4/nc3dNOP0QG0szL6Eb7DvAjaLZ8ItsM
NoA8EojpVN+xmsTXP5F1kY87TM7B0JFKC/1Aj5dP2z4eOxLXet4EkLs7tsq7saQR
4/qRCg7lDDQe3b4ezpWb9IEWyCyxhUf1+FrnrYGRWaC1WAbfLnNRYc+TLFKAkBae
Itlrk+Rh3s9i09OLiuWKtaBmRSybw4yz23k+xGKEIOJxnbn1FvwkNdV1sk17y7OF
9gQbnStNRU1ZnkKBp42sJbBioJWcyn1bX8C73HmxIO9u99/3T7DkjxRv3hDUJ8UE
SZTXKKrL2GoN9mzHvAMNIbHDVx74hTYXE8zLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUJMttcXp/6yvDJfVo4j4Ge5FAmvswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0pNdHRjWHBfNnl2REpm
Vm80ajRHZTVGQW12cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEr+Bw+QgTS3CKkv0WGVv7UR2y4SCDY0
qjpG/3TruXME86OpIEtFbvW14CyEXxYsiW+4+PF9CwPasIxpdMOn1RtQC2NsqUNX
eOvtZ2ipHjDKI1Rccyyw3ZgOrfzwiub1/t2lB6R2aWU0Gl+snK2xXMnQErPBQH2f
CbB8rSWEQx2VquDdzgC4P8Rkq3x0y4sCTIXh5cJGu174hpxX+Fzj7mWM6ZxEnORr
WQcevsIGgsYX4BTBjU7rCW+eZTdpyh89o38DGnsJ3kHHQIJW1wHMMBn7awpD784R
S3TwJjo/pPXg4TZII+p4STFGuP8qCo7ynhf7xuL5LlWFi99Myg10Isk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:18 2024 by rpki-client on console-fra.rpki-client.org