Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KtlsOPNrZlK1GPMBDmd0mnj20Qg.roa
File: KtlsOPNrZlK1GPMBDmd0mnj20Qg.roa (raw, json)
Hash identifier: OSEH6saaDegXcN9JTxxuTD5VC0xrn+MhxPUomzh28F4=
Subject key identifier: 2A:D9:6C:38:F3:6B:66:52:B5:18:F3:01:0E:67:74:9A:78:F6:D1:08
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A2B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KtlsOPNrZlK1GPMBDmd0mnj20Qg.roa
Signing time: Sat 06 Apr 2024 03:22:26 +0000
ROA not before: Sat 06 Apr 2024 03:22:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14891 (0x3a2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 03:22:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2AD96C38F36B6652B518F3010E67749A78F6D108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d6:c3:b8:72:f3:ec:af:a4:e4:fb:db:40:28:
57:bd:4f:00:5b:cf:34:dc:0a:4a:8a:6d:2b:17:d4:
da:b8:af:d7:9e:86:9b:02:71:f4:a1:67:18:bd:86:
87:79:bd:cd:e6:fc:13:cd:1b:25:aa:dc:4c:28:02:
88:8c:18:b5:11:0f:1d:4f:b5:42:a2:e4:10:56:41:
f7:78:62:4b:d2:7d:c1:e5:58:ae:c6:c7:21:45:8b:
97:99:81:50:53:f2:b0:f5:58:76:e5:fd:32:ea:bf:
9f:9f:cc:25:3f:f1:35:e7:05:43:da:59:ef:1f:41:
53:9a:72:38:58:66:f5:6e:3e:7e:ff:1d:fc:1d:75:
2f:d2:5b:96:d5:5d:f4:c1:33:33:22:e5:05:45:8e:
6e:94:f6:cb:ec:3c:c8:4b:45:d9:d4:9c:86:63:74:
de:d4:b6:e1:dc:d7:dd:a6:78:1e:9c:46:69:01:4d:
14:36:74:00:e9:a8:23:71:8e:c6:fb:e7:18:03:d1:
fe:73:51:ee:9d:e5:c1:d5:53:b9:72:a4:72:0b:8d:
68:3b:a5:f6:2b:6d:90:1e:52:33:31:f8:bc:8f:67:
5c:01:36:a1:3e:02:0c:02:02:33:27:0f:63:0b:d2:
b5:72:ed:67:52:25:b1:58:56:d6:ce:e1:77:40:f5:
04:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D9:6C:38:F3:6B:66:52:B5:18:F3:01:0E:67:74:9A:78:F6:D1:08
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KtlsOPNrZlK1GPMBDmd0mnj20Qg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b6:0a:bc:0a:e7:60:6f:65:e8:d6:29:a1:a8:1c:93:c0:1f:0d:
3a:fe:ad:26:57:fb:45:52:cf:e4:4a:fd:3b:65:65:b8:a7:4d:
ca:23:8f:06:78:c2:7d:04:ad:17:55:b0:f7:07:eb:12:12:96:
5a:e9:16:2b:ee:a4:f9:b9:86:5a:0d:cf:a2:1a:00:0c:71:fe:
5c:04:ab:a9:14:aa:d0:a5:a8:c4:13:f4:0e:44:b9:d0:79:e5:
bc:fe:f4:cb:62:27:d2:b7:bc:57:46:fd:c8:80:0a:03:0b:b7:
74:b4:41:64:8a:cd:c6:e8:f2:19:b3:8e:f3:92:8f:3d:9f:20:
5c:0a:94:3b:4f:10:d5:60:7e:3e:02:e2:a4:07:db:d9:ec:f1:
91:4a:e1:74:74:e0:9c:24:a7:ea:b8:a7:5a:84:90:96:1c:0b:
ca:23:a0:18:40:a0:52:2c:bc:41:8f:39:9e:ef:ce:c5:60:5e:
79:90:ba:5a:ea:c2:98:ad:8b:72:d9:42:c2:85:fb:a7:5d:de:
2f:50:ef:82:5c:e3:27:e5:f2:c7:40:b3:91:e5:25:6b:a8:f8:
91:bf:65:6d:e1:8d:a0:0c:a0:e3:30:01:dd:fd:60:2d:5d:9b:
9c:ae:d2:cf:47:c8:56:4a:0e:6d:e1:d8:d9:15:ed:27:96:17:
22:95:ce:c2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOiswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYw
MzIyMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJBRDk2QzM4RjM2QjY2
NTJCNTE4RjMwMTBFNjc3NDlBNzhGNkQxMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu1sO4cvPsr6Tk+9tAKFe9TwBbzzTcCkqKbSsX1Nq4r9eehpsC
cfShZxi9hod5vc3m/BPNGyWq3EwoAoiMGLURDx1PtUKi5BBWQfd4YkvSfcHlWK7G
xyFFi5eZgVBT8rD1WHbl/TLqv5+fzCU/8TXnBUPaWe8fQVOacjhYZvVuPn7/Hfwd
dS/SW5bVXfTBMzMi5QVFjm6U9svsPMhLRdnUnIZjdN7UtuHc192meB6cRmkBTRQ2
dADpqCNxjsb75xgD0f5zUe6d5cHVU7lypHILjWg7pfYrbZAeUjMx+LyPZ1wBNqE+
AgwCAjMnD2ML0rVy7WdSJbFYVtbO4XdA9QTHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUKtlsOPNrZlK1GPMBDmd0mnj20QgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0t0bHNPUE5yWmxLMUdQ
TUJEbWQwbW5qMjBRZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALYKvArnYG9l6NYpoagck8AfDTr+rSZX
+0VSz+RK/TtlZbinTcojjwZ4wn0ErRdVsPcH6xISllrpFivupPm5hloNz6IaAAxx
/lwEq6kUqtClqMQT9A5EudB55bz+9MtiJ9K3vFdG/ciACgMLt3S0QWSKzcbo8hmz
jvOSjz2fIFwKlDtPENVgfj4C4qQH29ns8ZFK4XR04Jwkp+q4p1qEkJYcC8ojoBhA
oFIsvEGPOZ7vzsVgXnmQulrqwpiti3LZQsKF+6dd3i9Q74Jc4yfl8sdAs5HlJWuo
+JG/ZW3hjaAMoOMwAd39YC1dm5yu0s9HyFZKDm3h2NkV7SeWFyKVzsI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:19 2024 by rpki-client on console-fra.rpki-client.org