Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Kty7DwrbHlaAk9V1JPaPk35A0mE.roa
File: Kty7DwrbHlaAk9V1JPaPk35A0mE.roa (raw, json)
Hash identifier: BSoWUaVmYPgK94I6bHAj3wa7XXGQft7rhaAHf+MoHCw=
Subject key identifier: 2A:DC:BB:0F:0A:DB:1E:56:80:93:D5:75:24:F6:8F:93:7E:40:D2:61
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 576F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Kty7DwrbHlaAk9V1JPaPk35A0mE.roa
Signing time: Wed 15 May 2024 03:54:11 +0000
ROA not before: Wed 15 May 2024 03:54:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22383 (0x576f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 03:54:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2ADCBB0F0ADB1E568093D57524F68F937E40D261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5c:d0:91:4c:b0:47:27:a8:2d:8b:e9:ce:09:
a3:81:bd:01:c7:04:88:1b:13:db:de:c5:b1:03:46:
33:10:01:52:05:cd:32:a1:f5:ff:e9:2e:f7:5a:05:
bf:e3:72:02:3b:36:56:34:2a:81:d5:58:12:84:a5:
f5:93:d9:5e:24:94:5a:73:2c:41:3a:6b:b3:2b:dd:
2b:09:51:fa:a2:78:e1:81:27:53:fc:cb:56:71:e0:
94:af:01:5b:9c:a0:9e:d2:ea:24:62:85:04:9a:3a:
8d:d1:9f:90:f3:50:46:dd:9f:b6:ed:48:69:02:37:
b2:da:8a:3f:9d:ac:d4:af:53:a1:7c:67:3b:85:69:
79:1a:50:f5:3e:86:03:95:1f:f0:e1:2e:01:e1:81:
13:bf:78:34:a5:40:d8:85:14:73:9b:b2:60:84:bb:
62:ea:32:dd:f8:58:bb:95:de:bd:62:03:55:13:83:
e2:ec:79:ba:1e:d7:dc:db:2e:ef:fb:26:d6:67:83:
38:79:dc:64:02:87:ee:b3:cb:e1:86:12:2c:85:40:
29:2d:53:47:1c:cc:d3:07:b4:e9:ab:8e:7e:ef:85:
45:ba:b5:4a:bd:9d:e4:4f:b3:b5:3d:62:0a:1f:0e:
86:42:dd:dd:69:33:86:a8:b2:12:51:2f:b3:eb:2d:
45:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:DC:BB:0F:0A:DB:1E:56:80:93:D5:75:24:F6:8F:93:7E:40:D2:61
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Kty7DwrbHlaAk9V1JPaPk35A0mE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
70:b4:1c:a4:c3:3a:13:ed:49:45:83:5c:15:53:0d:44:a2:1f:
2e:bb:03:6e:dc:bc:7d:01:1c:ed:2a:cc:39:5c:92:2e:92:3c:
26:7b:ef:1c:fe:83:51:8d:41:4c:0b:d3:b3:f9:6d:b7:5b:a3:
34:2e:58:d9:94:ac:b5:72:25:00:cf:47:ec:61:23:f9:3b:9d:
b8:a0:74:b5:92:3b:e1:f1:74:44:3b:a8:b6:66:1e:e9:bd:8f:
f2:82:54:a0:48:74:d2:a1:8d:c4:38:2a:82:c7:6f:d9:9a:c6:
e3:7a:92:6e:24:1a:3a:0c:56:ce:8e:0b:9d:f3:45:20:57:ef:
22:4f:82:4b:1b:66:9f:27:96:5c:11:45:6f:94:13:5d:97:70:
a3:80:a3:b7:37:1d:22:56:a5:41:e5:d6:98:f3:b1:07:b9:92:
1b:84:7e:bc:a7:c2:36:69:62:ec:6a:90:50:c2:ac:03:3f:ce:
88:26:e1:e4:85:60:f9:52:70:f9:9a:f2:07:c4:db:97:de:cb:
4d:78:ca:95:ee:63:b9:e5:96:d8:c3:f1:bc:af:ac:30:7f:ea:
3e:f6:d5:b7:c7:25:2f:d5:61:d2:cc:4c:44:09:97:fd:ca:d5:
8f:78:96:e9:71:81:27:1c:19:d8:61:d7:54:46:9b:ab:fb:2a:
24:0f:5d:9c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICV28wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUw
MzU0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJBRENCQjBGMEFEQjFF
NTY4MDkzRDU3NTI0RjY4RjkzN0U0MEQyNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKXNCRTLBHJ6gti+nOCaOBvQHHBIgbE9vexbEDRjMQAVIFzTKh
9f/pLvdaBb/jcgI7NlY0KoHVWBKEpfWT2V4klFpzLEE6a7Mr3SsJUfqieOGBJ1P8
y1Zx4JSvAVucoJ7S6iRihQSaOo3Rn5DzUEbdn7btSGkCN7Laij+drNSvU6F8ZzuF
aXkaUPU+hgOVH/DhLgHhgRO/eDSlQNiFFHObsmCEu2LqMt34WLuV3r1iA1UTg+Ls
eboe19zbLu/7JtZngzh53GQCh+6zy+GGEiyFQCktU0cczNMHtOmrjn7vhUW6tUq9
neRPs7U9YgofDoZC3d1pM4aoshJRL7PrLUW9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUKty7DwrbHlaAk9V1JPaPk35A0mEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0t0eTdEd3JiSGxhQWs5
VjFKUGFQazM1QTBtRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHC0HKTDOhPtSUWDXBVTDUSiHy67A27c
vH0BHO0qzDlcki6SPCZ77xz+g1GNQUwL07P5bbdbozQuWNmUrLVyJQDPR+xhI/k7
nbigdLWSO+HxdEQ7qLZmHum9j/KCVKBIdNKhjcQ4KoLHb9maxuN6km4kGjoMVs6O
C53zRSBX7yJPgksbZp8nllwRRW+UE12XcKOAo7c3HSJWpUHl1pjzsQe5khuEfryn
wjZpYuxqkFDCrAM/zogm4eSFYPlScPma8gfE25fey014ypXuY7nlltjD8byvrDB/
6j721bfHJS/VYdLMTEQJl/3K1Y94lulxgSccGdhh11RGm6v7KiQPXZw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:32 2024 by rpki-client on console-ams.rpki-client.org