Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KXDETBl2OKn90__k6Cb9Js5_mFA.roa
File: KXDETBl2OKn90__k6Cb9Js5_mFA.roa (raw, json)
Hash identifier: 9sAGlOiu/A2tYQval53JDLXan0UMwlAfRP/+T5p/hxw=
Subject key identifier: 29:70:C4:4C:19:76:38:A9:FD:D3:FF:E4:E8:26:FD:26:CE:7F:98:50
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A97
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KXDETBl2OKn90__k6Cb9Js5_mFA.roa
Signing time: Sat 06 Apr 2024 16:52:33 +0000
ROA not before: Sat 06 Apr 2024 16:52:33 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14999 (0x3a97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 16:52:33 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2970C44C197638A9FDD3FFE4E826FD26CE7F9850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b6:a6:c6:9c:99:07:e8:49:22:6e:7c:6f:70:
62:89:33:4c:64:6a:c4:04:1b:7f:d6:5e:d0:ba:0c:
cb:8b:74:08:4e:60:56:2e:14:c3:87:e0:23:b7:1a:
f9:77:02:16:c7:07:48:55:75:05:67:39:3b:e4:dd:
95:bf:03:9f:7b:43:3a:05:dd:58:0f:b8:f9:83:a8:
2b:63:ec:5f:1a:fa:ef:c4:be:89:95:12:d6:68:59:
9f:31:56:b7:34:16:09:38:e2:56:a1:ab:09:02:02:
a8:cb:04:bc:4a:2d:2c:b3:b8:46:64:a0:5c:4e:4d:
77:c3:3a:bd:3b:f1:64:08:0c:a2:95:62:2a:50:5c:
da:cc:e9:b3:88:60:f0:10:af:6e:16:b6:79:3e:12:
29:49:0c:2f:28:26:4b:2a:81:16:5f:79:2b:96:cc:
05:e4:db:d1:53:df:fb:9a:27:ae:78:6a:5d:9e:5c:
1a:52:fe:0f:6e:55:74:3e:3c:e8:8f:57:11:bc:2b:
9e:e6:80:52:c4:6f:c9:94:2d:77:41:db:06:4c:a2:
bc:3b:28:2f:3c:72:14:64:de:b3:94:4f:e2:25:3d:
8a:67:0f:eb:ba:cc:8d:df:1f:dd:e4:a1:24:b8:b6:
22:f0:ca:1e:b6:9f:3f:b4:f9:29:e5:f4:b9:cf:bc:
20:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:70:C4:4C:19:76:38:A9:FD:D3:FF:E4:E8:26:FD:26:CE:7F:98:50
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KXDETBl2OKn90__k6Cb9Js5_mFA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5f:cf:d5:7b:f3:7a:db:e9:cb:e7:21:21:55:d8:5a:33:00:a1:
78:3f:12:06:3d:8f:72:9b:83:71:dc:45:0a:98:94:66:de:af:
6b:87:a1:67:14:d2:b7:38:f8:5b:21:e0:0c:8c:98:b0:3f:69:
67:4e:ca:62:ac:fb:75:50:20:3f:86:6a:7a:51:21:a4:49:44:
90:f9:3e:d8:a5:b8:4c:b6:45:51:88:d2:67:23:d5:ad:ff:b3:
8b:1a:53:60:99:4e:7d:56:04:5d:22:12:e1:41:f8:76:39:b4:
b2:bc:e1:e5:b1:12:6f:65:ad:ce:b1:b8:2b:59:c1:cd:5e:3f:
62:c4:c1:24:8c:6e:69:40:a3:8e:48:fa:0c:84:8f:33:5a:a0:
e4:50:a0:6c:5b:79:ab:91:e7:b3:9d:79:f0:d3:9e:e4:10:ba:
48:aa:ef:99:88:1d:33:75:be:57:83:1f:fb:b1:b1:bd:e9:60:
c0:d1:7d:aa:f7:90:94:60:7e:4f:eb:47:57:75:1e:81:9c:0f:
97:8a:08:07:c1:50:e0:de:9f:5d:f9:99:3f:22:2b:82:86:13:
27:03:54:6f:db:e6:61:7a:a4:5d:30:b2:a7:92:7e:fa:f0:34:
51:e1:1d:16:ac:fa:3f:dd:96:3f:2e:cd:2f:1f:b9:47:6f:7b:
76:ed:3b:ce
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOpcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYx
NjUyMzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5NzBDNDRDMTk3NjM4
QTlGREQzRkZFNEU4MjZGRDI2Q0U3Rjk4NTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUtqbGnJkH6EkibnxvcGKJM0xkasQEG3/WXtC6DMuLdAhOYFYu
FMOH4CO3Gvl3AhbHB0hVdQVnOTvk3ZW/A597QzoF3VgPuPmDqCtj7F8a+u/EvomV
EtZoWZ8xVrc0Fgk44lahqwkCAqjLBLxKLSyzuEZkoFxOTXfDOr078WQIDKKVYipQ
XNrM6bOIYPAQr24Wtnk+EilJDC8oJksqgRZfeSuWzAXk29FT3/uaJ654al2eXBpS
/g9uVXQ+POiPVxG8K57mgFLEb8mULXdB2wZMorw7KC88chRk3rOUT+IlPYpnD+u6
zI3fH93koSS4tiLwyh62nz+0+Snl9LnPvCBDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUKXDETBl2OKn90//k6Cb9Js5/mFAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tYREVUQmwyT0tuOTBf
X2s2Q2I5SnM1X21GQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAF/P1Xvzetvpy+chIVXYWjMAoXg/EgY9
j3Kbg3HcRQqYlGber2uHoWcU0rc4+Fsh4AyMmLA/aWdOymKs+3VQID+GanpRIaRJ
RJD5PtiluEy2RVGI0mcj1a3/s4saU2CZTn1WBF0iEuFB+HY5tLK84eWxEm9lrc6x
uCtZwc1eP2LEwSSMbmlAo45I+gyEjzNaoORQoGxbeauR57OdefDTnuQQukiq75mI
HTN1vleDH/uxsb3pYMDRfar3kJRgfk/rR1d1HoGcD5eKCAfBUODen135mT8iK4KG
EycDVG/b5mF6pF0wsqeSfvrwNFHhHRas+j/dlj8uzS8fuUdve3btO84=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:19 2024 by rpki-client on console-fra.rpki-client.org