Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KdYTT81TCoRYapeHMHBICYmxk9A.roa
File: KdYTT81TCoRYapeHMHBICYmxk9A.roa (raw, json)
Hash identifier: HOlSVf5HKF6JGNfb66oRmxh+VEJuydv/o+n3AOUVk34=
Subject key identifier: 29:D6:13:4F:CD:53:0A:84:58:6A:97:87:30:70:48:09:89:B1:93:D0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 559F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KdYTT81TCoRYapeHMHBICYmxk9A.roa
Signing time: Sun 12 May 2024 17:54:09 +0000
ROA not before: Sun 12 May 2024 17:54:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21919 (0x559f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 17:54:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=29D6134FCD530A84586A97873070480989B193D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:39:12:db:44:9d:07:0f:79:8e:98:00:c7:08:
12:01:8e:f8:84:ea:f8:de:e8:dc:9f:c1:6a:a2:32:
c4:c9:b3:86:c3:dd:3e:80:fa:dc:a4:fa:35:97:a0:
c8:71:cf:09:e5:d6:24:82:a1:0d:53:d8:4a:91:97:
d0:18:44:b8:ef:fb:f0:43:f3:e7:5f:68:bf:74:7b:
f5:5b:da:2a:cf:ca:3a:16:7a:9c:c1:e0:07:5c:90:
4d:33:45:0d:e5:2a:12:9d:77:89:fc:3f:4d:2b:01:
f9:bf:79:9d:62:da:5b:41:99:78:c8:ab:9e:dd:30:
f5:bf:9d:85:c4:af:69:b6:8d:f0:89:ca:1e:12:e5:
8b:26:3c:50:87:e4:e0:1d:27:b2:88:f8:8f:9c:12:
e3:7d:4f:25:80:1a:3b:20:fc:d7:e0:cd:50:c3:48:
ce:b0:f6:d9:54:43:7c:c2:d8:3c:18:fe:2b:bd:58:
60:62:9c:de:6c:10:63:27:8e:6a:61:11:b2:f4:b9:
2b:e5:f8:7f:db:5c:cf:e0:9c:8a:dd:0f:fd:df:0f:
a4:39:e2:f6:58:b4:ce:df:7f:1d:94:6d:b8:27:05:
69:ba:62:2a:4b:c4:e8:10:58:7f:80:98:82:fc:18:
b6:10:c4:3c:88:3b:c4:81:fa:06:3d:90:c5:6c:44:
3e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D6:13:4F:CD:53:0A:84:58:6A:97:87:30:70:48:09:89:B1:93:D0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KdYTT81TCoRYapeHMHBICYmxk9A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
11:97:e1:a9:41:a5:df:1c:24:f2:42:51:15:22:00:c6:92:76:
31:9c:9a:0a:06:55:65:33:ba:cd:dd:65:b3:c2:3b:7d:cf:e7:
24:cc:6e:cf:06:0d:37:7f:2c:96:b5:d7:0c:ec:40:a5:51:8f:
0e:5a:4b:79:f0:0c:9f:63:c6:41:22:81:2a:3a:a9:c2:56:c6:
6b:d3:ef:5e:33:65:b6:4f:92:58:21:ae:fe:08:80:df:27:53:
36:ad:ca:ea:03:ce:1e:94:17:bb:a5:a1:64:c1:a4:03:90:b4:
78:06:aa:1e:dd:bc:4b:e7:71:2d:69:d1:1f:ce:1b:fb:5d:9b:
4a:26:61:76:0e:fe:26:94:79:a9:0a:fd:9f:4f:bb:96:d9:7e:
3d:f7:81:1d:56:44:07:af:12:f2:2d:6f:c9:d5:a6:9d:90:a0:
34:56:62:63:0d:2b:c5:13:29:9a:80:5b:4e:0e:5c:7b:23:ed:
2f:a9:d2:c7:ba:f6:e1:c3:99:a8:62:ed:74:37:87:2b:94:ab:
b3:e9:25:fd:b8:5d:5a:35:89:d1:2b:d8:d1:fd:91:66:0a:4c:
5b:c9:db:eb:fb:5c:b6:b9:77:1a:4d:f3:52:e2:e9:95:4d:9a:
a7:18:aa:c8:16:fa:7e:9a:5f:9c:cc:cd:08:07:36:a6:b0:ab:
d9:a5:b9:01
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVZ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIx
NzU0MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5RDYxMzRGQ0Q1MzBB
ODQ1ODZBOTc4NzMwNzA0ODA5ODlCMTkzRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMORLbRJ0HD3mOmADHCBIBjviE6vje6NyfwWqiMsTJs4bD3T6A
+tyk+jWXoMhxzwnl1iSCoQ1T2EqRl9AYRLjv+/BD8+dfaL90e/Vb2irPyjoWepzB
4AdckE0zRQ3lKhKdd4n8P00rAfm/eZ1i2ltBmXjIq57dMPW/nYXEr2m2jfCJyh4S
5YsmPFCH5OAdJ7KI+I+cEuN9TyWAGjsg/NfgzVDDSM6w9tlUQ3zC2DwY/iu9WGBi
nN5sEGMnjmphEbL0uSvl+H/bXM/gnIrdD/3fD6Q54vZYtM7ffx2UbbgnBWm6YipL
xOgQWH+AmIL8GLYQxDyIO8SB+gY9kMVsRD7/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUKdYTT81TCoRYapeHMHBICYmxk9AwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tkWVRUODFUQ29SWWFw
ZUhNSEJJQ1lteGs5QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABGX4alBpd8cJPJCURUiAMaSdjGcmgoG
VWUzus3dZbPCO33P5yTMbs8GDTd/LJa11wzsQKVRjw5aS3nwDJ9jxkEigSo6qcJW
xmvT714zZbZPklghrv4IgN8nUzatyuoDzh6UF7uloWTBpAOQtHgGqh7dvEvncS1p
0R/OG/tdm0omYXYO/iaUeakK/Z9Pu5bZfj33gR1WRAevEvItb8nVpp2QoDRWYmMN
K8UTKZqAW04OXHsj7S+p0se69uHDmahi7XQ3hyuUq7PpJf24XVo1idEr2NH9kWYK
TFvJ2+v7XLa5dxpN81Li6ZVNmqcYqsgW+n6aX5zMzQgHNqawq9mluQE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:19 2024 by rpki-client on console-fra.rpki-client.org