Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/JdrKxowq1j1qsCB9E4dNM6beFIs.roa
File: JdrKxowq1j1qsCB9E4dNM6beFIs.roa (raw, json)
Hash identifier: VTX//AcEgWu4rY0sLJJJqLoqU0dFxtVD6nY2MCyDK/A=
Subject key identifier: 25:DA:CA:C6:8C:2A:D6:3D:6A:B0:20:7D:13:87:4D:33:A6:DE:14:8B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53B3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JdrKxowq1j1qsCB9E4dNM6beFIs.roa
Signing time: Fri 10 May 2024 04:24:01 +0000
ROA not before: Fri 10 May 2024 04:24:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21427 (0x53b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 04:24:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=25DACAC68C2AD63D6AB0207D13874D33A6DE148B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:11:ee:8c:c4:cd:70:8d:f7:d9:73:b5:48:a7:
1e:14:60:cd:40:30:95:0d:14:64:57:9f:9f:57:7b:
b2:e2:55:3a:15:3a:99:35:be:0b:09:0d:7b:06:b2:
f8:0b:67:4e:36:31:9b:a0:e4:78:8a:df:21:f4:93:
ba:17:76:ed:c0:f2:17:df:37:36:04:84:d7:3c:7e:
40:b1:dc:3b:7b:b4:23:1c:d3:ed:de:b9:c4:70:5d:
db:23:dd:55:51:7d:37:2c:44:50:04:72:0c:d7:0d:
2f:f6:8e:ab:08:ee:c9:b7:41:78:cb:1e:07:d3:5e:
33:c0:9f:65:42:f3:1c:82:f0:9e:f8:01:22:31:78:
62:ed:fd:ed:38:bc:ae:a7:33:4b:4b:7c:7a:e5:de:
82:33:e4:99:a6:91:df:87:84:d9:60:26:a0:5c:49:
9f:6a:e7:27:22:ba:20:42:bb:d3:15:c8:23:ba:74:
d8:da:7c:55:6a:77:03:f2:74:92:28:dd:40:df:e7:
99:3e:22:2a:25:c1:1d:99:2f:59:ed:fa:b1:aa:76:
a7:66:98:79:59:05:78:af:14:5d:e2:5b:0b:51:da:
b6:c6:43:58:58:66:40:e6:d0:72:b0:cc:ab:05:29:
c0:cf:d5:15:a5:b0:4c:1e:da:f3:36:fe:b2:59:f3:
d8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:DA:CA:C6:8C:2A:D6:3D:6A:B0:20:7D:13:87:4D:33:A6:DE:14:8B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JdrKxowq1j1qsCB9E4dNM6beFIs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
66:5e:39:c8:64:8e:33:24:c7:b0:1e:9b:20:46:9a:0d:72:70:
2a:84:86:18:fb:70:7e:88:5f:c6:ed:5b:55:df:6a:a0:d4:ab:
80:60:27:ea:18:99:b6:b8:38:f9:f5:e4:99:fe:b0:27:f4:87:
f9:a5:91:09:55:9b:8a:00:06:16:0a:39:6f:83:2e:6d:ed:9a:
d3:9a:bd:d6:31:de:36:50:b5:f8:d7:2c:30:23:2b:2f:4c:49:
5c:fd:a9:ef:b7:43:be:08:48:81:4b:47:78:bd:7a:63:bd:3e:
47:a1:52:3d:b5:67:e2:2a:d9:fc:36:d3:f2:ae:13:c1:48:4c:
0f:10:50:ff:66:87:3d:dc:fa:54:e1:50:ec:ce:db:5a:69:a2:
2b:c6:ea:1f:01:a7:63:44:9c:fc:e5:9a:b2:e2:09:2b:f6:e4:
8c:c9:72:13:df:49:2e:c9:4b:7c:b9:d9:b3:37:ea:14:c5:8f:
94:3a:40:f3:60:3f:8a:04:37:e3:d7:49:db:15:a7:4b:a7:fb:
83:fe:76:12:f5:99:8b:7c:1d:e7:2c:b1:7c:f1:22:82:9f:75:
2d:be:b9:c3:8e:7b:ed:d8:34:cc:93:ce:df:0c:87:49:5e:c5:
48:30:71:4a:d7:f3:b1:c5:65:57:3d:62:b9:62:e8:75:ba:06:
a3:99:c7:9f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICU7MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
NDI0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI1REFDQUM2OEMyQUQ2
M0Q2QUIwMjA3RDEzODc0RDMzQTZERTE0OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDREe6MxM1wjffZc7VIpx4UYM1AMJUNFGRXn59Xe7LiVToVOpk1
vgsJDXsGsvgLZ042MZug5HiK3yH0k7oXdu3A8hffNzYEhNc8fkCx3Dt7tCMc0+3e
ucRwXdsj3VVRfTcsRFAEcgzXDS/2jqsI7sm3QXjLHgfTXjPAn2VC8xyC8J74ASIx
eGLt/e04vK6nM0tLfHrl3oIz5Jmmkd+HhNlgJqBcSZ9q5yciuiBCu9MVyCO6dNja
fFVqdwPydJIo3UDf55k+IiolwR2ZL1nt+rGqdqdmmHlZBXivFF3iWwtR2rbGQ1hY
ZkDm0HKwzKsFKcDP1RWlsEwe2vM2/rJZ89j1AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUJdrKxowq1j1qsCB9E4dNM6beFIswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0pkckt4b3dxMWoxcXND
QjlFNGROTTZiZUZJcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGZeOchkjjMkx7AemyBGmg1ycCqEhhj7
cH6IX8btW1XfaqDUq4BgJ+oYmba4OPn15Jn+sCf0h/mlkQlVm4oABhYKOW+DLm3t
mtOavdYx3jZQtfjXLDAjKy9MSVz9qe+3Q74ISIFLR3i9emO9PkehUj21Z+Iq2fw2
0/KuE8FITA8QUP9mhz3c+lThUOzO21ppoivG6h8Bp2NEnPzlmrLiCSv25IzJchPf
SS7JS3y52bM36hTFj5Q6QPNgP4oEN+PXSdsVp0un+4P+dhL1mYt8HecssXzxIoKf
dS2+ucOOe+3YNMyTzt8Mh0lexUgwcUrX87HFZVc9Yrli6HW6BqOZx58=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:19 2024 by rpki-client on console-fra.rpki-client.org