Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/JPpq34KADjPgJSwZnuuq6ZjlaUQ.roa
File: JPpq34KADjPgJSwZnuuq6ZjlaUQ.roa (raw, json)
Hash identifier: UIeGm4nSTptYXiUb7bUf75Bz48so0AURxvpd5zHVzGE=
Subject key identifier: 24:FA:6A:DF:82:80:0E:33:E0:25:2C:19:9E:EB:AA:E9:98:E5:69:44
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43E3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JPpq34KADjPgJSwZnuuq6ZjlaUQ.roa
Signing time: Fri 19 Apr 2024 02:23:00 +0000
ROA not before: Fri 19 Apr 2024 02:23:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17379 (0x43e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 02:23:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=24FA6ADF82800E33E0252C199EEBAAE998E56944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7e:dd:1d:89:87:43:4c:1a:6a:4c:fe:87:7b:
d6:a9:fc:09:f2:be:7e:93:f5:ef:23:44:7e:df:dc:
2e:4d:c0:19:4c:4e:f5:56:fd:5b:68:cc:b7:82:90:
cc:d7:f3:52:70:48:0b:6f:80:3a:31:9b:e8:f5:13:
62:3f:25:3b:b7:13:c4:08:6f:98:a3:34:c1:16:24:
ad:62:be:87:43:fc:27:f9:87:50:54:d2:d1:1b:0b:
18:29:57:7d:5c:7d:92:cd:94:a9:e4:fa:c3:6c:7e:
16:6f:7c:08:92:47:13:79:33:2f:00:e2:29:05:ec:
f4:eb:0a:9f:44:8b:18:a8:42:ff:55:10:6a:79:24:
e3:7b:b2:a3:7c:9f:49:14:c5:5a:e2:10:a8:b2:5a:
1c:4d:3c:f3:9e:cd:0a:fc:7f:04:21:7e:32:7a:e5:
25:bb:68:79:83:dc:1c:d3:c6:32:3e:c2:53:49:b1:
79:28:bf:fb:22:ca:5b:83:d2:16:cb:e7:1b:3a:cc:
fd:af:04:bc:68:cd:6c:db:bd:33:be:06:b7:84:43:
fa:89:7f:12:26:65:45:ca:28:04:69:a3:57:ec:06:
08:49:1f:dd:0c:b4:0b:0f:41:51:65:f2:7b:d3:3a:
60:45:5c:f0:b6:12:7d:e1:c2:f7:c5:aa:f2:36:82:
e4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:FA:6A:DF:82:80:0E:33:E0:25:2C:19:9E:EB:AA:E9:98:E5:69:44
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JPpq34KADjPgJSwZnuuq6ZjlaUQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8d:0b:ad:60:be:1f:e0:82:3e:2d:2f:b5:c9:7c:19:cd:d7:d2:
8b:71:9e:70:01:15:60:59:11:a2:76:ec:1a:4a:11:30:74:92:
25:67:b0:b9:64:aa:5a:ae:4c:15:8f:2b:c2:ce:73:5b:e5:83:
ea:ee:00:dd:89:a0:d4:25:48:24:77:67:f8:9b:4f:17:c2:71:
eb:de:13:df:0b:da:5a:2e:58:d2:31:19:ee:58:4a:e5:72:26:
de:4d:96:24:45:f0:79:42:cc:3c:80:58:ef:06:2a:11:e9:f7:
72:33:f9:88:9f:11:fe:89:34:1e:9f:b9:0b:1a:1c:53:1d:e0:
d5:3c:d7:12:13:a6:ec:c4:c3:68:22:27:6e:b1:ad:b5:c9:a3:
bd:c7:e5:ce:d8:cd:a0:55:90:01:26:e7:d7:f1:31:9e:cb:4d:
1b:88:7e:9b:d2:d8:4f:1e:5b:37:35:7e:54:9e:8c:7a:2e:c1:
57:6f:05:af:4e:6e:04:d6:ff:8f:eb:45:2d:27:38:22:f8:bd:
61:2d:65:ea:37:cf:69:31:aa:18:17:ff:d2:37:66:4a:8c:86:
d7:0f:03:5d:46:6f:5f:f4:02:aa:0d:fa:ac:f1:f6:08:0e:a5:
cf:ea:75:ca:54:68:3c:dd:61:a3:0e:59:d7:55:23:f3:06:17:
9c:0e:90:46
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQ+MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkw
MjIzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI0RkE2QURGODI4MDBF
MzNFMDI1MkMxOTlFRUJBQUU5OThFNTY5NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbft0diYdDTBpqTP6He9ap/Anyvn6T9e8jRH7f3C5NwBlMTvVW
/VtozLeCkMzX81JwSAtvgDoxm+j1E2I/JTu3E8QIb5ijNMEWJK1ivodD/Cf5h1BU
0tEbCxgpV31cfZLNlKnk+sNsfhZvfAiSRxN5My8A4ikF7PTrCp9EixioQv9VEGp5
JON7sqN8n0kUxVriEKiyWhxNPPOezQr8fwQhfjJ65SW7aHmD3BzTxjI+wlNJsXko
v/siyluD0hbL5xs6zP2vBLxozWzbvTO+BreEQ/qJfxImZUXKKARpo1fsBghJH90M
tAsPQVFl8nvTOmBFXPC2En3hwvfFqvI2guSvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUJPpq34KADjPgJSwZnuuq6ZjlaUQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0pQcHEzNEtBRGpQZ0pT
d1pudXVxNlpqbGFVUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAI0LrWC+H+CCPi0vtcl8Gc3X0otxnnAB
FWBZEaJ27BpKETB0kiVnsLlkqlquTBWPK8LOc1vlg+ruAN2JoNQlSCR3Z/ibTxfC
ceveE98L2louWNIxGe5YSuVyJt5NliRF8HlCzDyAWO8GKhHp93Iz+YifEf6JNB6f
uQsaHFMd4NU81xITpuzEw2giJ26xrbXJo73H5c7YzaBVkAEm59fxMZ7LTRuIfpvS
2E8eWzc1flSejHouwVdvBa9ObgTW/4/rRS0nOCL4vWEtZeo3z2kxqhgX/9I3ZkqM
htcPA11Gb1/0AqoN+qzx9ggOpc/qdcpUaDzdYaMOWddVI/MGF5wOkEY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:18 2024 by rpki-client on console-fra.rpki-client.org