Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/JVOaiuxILSddecHd7tRWc9BDd4M.roa
File: JVOaiuxILSddecHd7tRWc9BDd4M.roa (raw, json)
Hash identifier: zeIU5jzVHjFU9QSZFcXS0OxfU8KmkzQUqrJwUx2Zo8g=
Subject key identifier: 25:53:9A:8A:EC:48:2D:27:5D:79:C1:DD:EE:D4:56:73:D0:43:77:83
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36DF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JVOaiuxILSddecHd7tRWc9BDd4M.roa
Signing time: Mon 01 Apr 2024 17:52:12 +0000
ROA not before: Mon 01 Apr 2024 17:52:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14047 (0x36df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 17:52:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=25539A8AEC482D275D79C1DDEED45673D0437783
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:29:51:ab:7c:31:64:cc:60:59:95:b5:5c:c7:
cd:4f:d0:d2:a6:9d:90:38:82:eb:09:43:ac:fa:02:
e7:94:46:f4:ec:aa:2e:c1:77:c2:94:bc:22:47:a4:
4d:c6:3f:cd:c9:7f:5a:68:47:8e:2c:00:1a:bf:87:
b3:ea:18:35:6d:d3:1f:f8:dc:21:63:f0:00:2a:da:
43:2c:b6:6c:b8:22:a5:c9:f3:9a:94:03:1b:4c:cb:
ac:81:52:a8:a2:a8:21:71:58:7d:77:ab:0b:09:d4:
75:9d:09:94:69:3c:9d:89:9c:50:31:25:3c:57:08:
72:58:1b:03:87:28:57:aa:8c:37:d0:d7:f6:ba:bf:
2a:3c:02:19:ef:0b:b5:8f:5e:0e:7b:a6:80:2c:8c:
e7:8d:e6:ca:c7:5b:b0:82:2f:9f:c1:55:21:7c:0a:
ea:b5:ff:c6:87:21:93:fd:97:7e:33:b0:ac:f0:c0:
4e:16:40:f9:85:5b:65:c3:16:c3:2c:45:16:29:ac:
57:4a:d0:54:f1:de:29:05:25:0b:67:f2:cc:f5:f3:
a0:29:bf:28:3e:05:ac:98:8e:2f:d4:67:71:de:78:
d8:de:78:0c:51:a7:97:cf:d7:f4:cf:c1:14:1c:96:
ff:f9:4c:37:30:5f:6c:f7:b1:3d:b2:d5:eb:d0:03:
c9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:53:9A:8A:EC:48:2D:27:5D:79:C1:DD:EE:D4:56:73:D0:43:77:83
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JVOaiuxILSddecHd7tRWc9BDd4M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
20:90:20:6f:0f:a4:f1:9d:11:ba:aa:a9:d9:4c:62:fe:7b:88:
ea:9b:bf:de:12:fc:08:80:af:b6:b3:1f:78:a8:83:d7:f0:31:
f0:4e:6e:93:7e:36:ea:df:a7:97:73:2b:3a:cf:6d:b0:c4:dc:
1c:ac:05:b7:25:38:10:fa:61:d0:a9:c1:9b:27:ed:a6:5b:1a:
2f:4a:3b:cb:ac:29:1b:b9:93:0e:c0:7d:e5:21:10:56:94:a8:
5e:a6:5a:34:d5:9c:a2:15:84:06:db:52:3b:8c:83:21:9e:4c:
40:b1:85:85:7d:fa:9c:db:09:25:27:05:9d:85:7f:9a:69:7b:
8f:b2:14:1b:23:df:04:f1:18:61:ee:38:c4:c0:c8:78:17:64:
31:f3:79:f5:17:d2:0f:4b:47:11:a4:56:0b:d8:13:4f:35:93:
6f:31:4f:ba:1f:f0:4c:b2:2c:5f:4d:41:67:27:99:68:7b:ea:
e7:da:66:fe:d9:79:0a:40:25:a4:26:7d:10:86:9b:18:b4:ba:
af:5e:e2:e9:95:6a:79:9f:f7:f8:a0:6f:c1:11:22:4f:dd:be:
4f:80:48:e7:fb:81:0a:01:53:07:39:7c:4c:f6:ef:0d:9c:67:
72:61:74:3b:b0:37:5a:7d:6d:94:5a:e6:d0:3a:f9:7a:7a:71:
bb:a2:51:43
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNt8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEx
NzUyMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI1NTM5QThBRUM0ODJE
Mjc1RDc5QzFEREVFRDQ1NjczRDA0Mzc3ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAKVGrfDFkzGBZlbVcx81P0NKmnZA4gusJQ6z6AueURvTsqi7B
d8KUvCJHpE3GP83Jf1poR44sABq/h7PqGDVt0x/43CFj8AAq2kMstmy4IqXJ85qU
AxtMy6yBUqiiqCFxWH13qwsJ1HWdCZRpPJ2JnFAxJTxXCHJYGwOHKFeqjDfQ1/a6
vyo8AhnvC7WPXg57poAsjOeN5srHW7CCL5/BVSF8Cuq1/8aHIZP9l34zsKzwwE4W
QPmFW2XDFsMsRRYprFdK0FTx3ikFJQtn8sz186Apvyg+BayYji/UZ3HeeNjeeAxR
p5fP1/TPwRQclv/5TDcwX2z3sT2y1evQA8k/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUJVOaiuxILSddecHd7tRWc9BDd4MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0pWT2FpdXhJTFNkZGVj
SGQ3dFJXYzlCRGQ0TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACCQIG8PpPGdEbqqqdlMYv57iOqbv94S
/AiAr7azH3iog9fwMfBObpN+Nurfp5dzKzrPbbDE3BysBbclOBD6YdCpwZsn7aZb
Gi9KO8usKRu5kw7AfeUhEFaUqF6mWjTVnKIVhAbbUjuMgyGeTECxhYV9+pzbCSUn
BZ2Ff5ppe4+yFBsj3wTxGGHuOMTAyHgXZDHzefUX0g9LRxGkVgvYE081k28xT7of
8EyyLF9NQWcnmWh76ufaZv7ZeQpAJaQmfRCGmxi0uq9e4umVanmf9/igb8ERIk/d
vk+ASOf7gQoBUwc5fEz27w2cZ3JhdDuwN1p9bZRa5tA6+Xp6cbuiUUM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:31 2024 by rpki-client on console-ams.rpki-client.org