Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MSMk6uvTmwDsWOUshtLuxMqaFSA.roa
File: MSMk6uvTmwDsWOUshtLuxMqaFSA.roa (raw, json)
Hash identifier: Y45u6GSzQhwfzpXdkhTbm7ZsFIuINlG6pYPnhfWUZIo=
Subject key identifier: 31:23:24:EA:EB:D3:9B:00:EC:58:E5:2C:86:D2:EE:C4:CA:9A:15:20
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 556B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MSMk6uvTmwDsWOUshtLuxMqaFSA.roa
Signing time: Sun 12 May 2024 11:24:05 +0000
ROA not before: Sun 12 May 2024 11:24:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21867 (0x556b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 12 11:24:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=312324EAEBD39B00EC58E52C86D2EEC4CA9A1520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:04:dd:68:55:e6:48:aa:de:21:1c:7f:5a:63:
b4:5f:56:12:51:eb:93:bf:f3:a9:64:5e:42:38:a6:
36:9b:ae:64:91:ee:19:11:1f:a1:68:22:9b:2e:c2:
26:18:bd:49:76:be:f2:94:fe:b6:7a:03:29:63:92:
a4:a6:57:9b:a3:9a:03:19:5a:f6:1d:a4:af:7f:bc:
1a:90:68:88:9b:99:5a:0e:d3:ff:7b:6f:12:cb:bd:
7f:e3:b5:9a:cd:88:e9:04:c5:2a:4d:76:ac:46:07:
5e:af:14:c3:61:fe:a4:e0:f9:12:c9:7b:87:cf:59:
4b:2e:96:f5:ca:b7:c9:d4:6a:82:1c:d0:2e:d4:f9:
c6:bd:ff:9b:97:24:e2:d7:89:db:ac:dc:f8:fe:a9:
7f:b7:9b:c4:46:89:c9:a3:60:ad:e9:a2:5b:44:ec:
1c:49:0f:32:13:a9:4e:92:30:68:89:bf:71:44:57:
11:a7:92:2b:de:5a:a4:09:80:ad:8b:04:38:31:a1:
47:ff:89:f3:2e:70:39:f3:fe:51:57:cf:c2:21:76:
6f:6e:f2:b1:98:5c:03:5f:7d:18:a2:6f:66:16:f5:
1b:5a:34:a7:b2:1b:33:10:cc:48:66:67:19:8a:1a:
c1:6f:73:e1:60:8d:32:b1:a8:35:a3:04:c9:b7:4f:
ad:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:23:24:EA:EB:D3:9B:00:EC:58:E5:2C:86:D2:EE:C4:CA:9A:15:20
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MSMk6uvTmwDsWOUshtLuxMqaFSA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
7b:dc:a0:5d:45:09:b3:50:b2:9a:d8:dc:9f:d8:6a:bf:72:bd:
1c:5f:2d:f1:b4:d9:3a:78:4e:67:a4:69:42:fe:13:1b:23:87:
5b:e1:2c:cb:02:0b:e9:75:13:91:cc:57:f1:b1:f7:75:f4:d1:
96:8f:0f:64:e7:48:be:c7:1e:30:f4:59:f3:b9:b2:45:ab:b9:
dd:3f:35:d4:82:54:9c:21:31:2c:c2:e7:82:e7:0e:fa:26:60:
4c:83:7a:1b:d4:a0:ee:7d:ec:c1:94:a0:7b:ed:80:f2:30:3b:
2c:62:a3:a3:c2:b8:d2:d5:1d:98:17:70:f9:11:5a:85:93:b7:
3f:45:fb:c3:96:d6:49:74:d0:b9:63:5d:cf:83:48:e5:a9:57:
1d:de:3b:67:d3:2f:8f:cb:b4:b4:90:95:d7:4d:2c:f4:7a:29:
a8:17:38:ac:52:fa:61:7f:38:aa:35:e1:97:eb:eb:2f:a2:ef:
70:d9:d6:a1:c1:76:2f:1d:0b:13:d5:88:ed:43:29:69:c3:d0:
f9:a1:45:35:27:f3:07:d1:17:a8:56:5b:c2:82:d0:70:e5:70:
65:41:41:3f:f1:48:a8:ed:6f:cc:45:52:8d:80:ab:dd:4e:a4:
ab:69:be:43:7b:cd:bf:e7:52:44:47:23:47:12:09:ee:b3:7b:
6a:37:0d:0e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVWswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTIx
MTI0MDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMxMjMyNEVBRUJEMzlC
MDBFQzU4RTUyQzg2RDJFRUM0Q0E5QTE1MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyBN1oVeZIqt4hHH9aY7RfVhJR65O/86lkXkI4pjabrmSR7hkR
H6FoIpsuwiYYvUl2vvKU/rZ6AyljkqSmV5ujmgMZWvYdpK9/vBqQaIibmVoO0/97
bxLLvX/jtZrNiOkExSpNdqxGB16vFMNh/qTg+RLJe4fPWUsulvXKt8nUaoIc0C7U
+ca9/5uXJOLXidus3Pj+qX+3m8RGicmjYK3poltE7BxJDzITqU6SMGiJv3FEVxGn
kiveWqQJgK2LBDgxoUf/ifMucDnz/lFXz8Ihdm9u8rGYXANffRiib2YW9RtaNKey
GzMQzEhmZxmKGsFvc+FgjTKxqDWjBMm3T63HAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUMSMk6uvTmwDsWOUshtLuxMqaFSAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L01TTWs2dXZUbXdEc1dP
VXNodEx1eE1xYUZTQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHvcoF1FCbNQsprY3J/Yar9yvRxfLfG0
2Tp4TmekaUL+Exsjh1vhLMsCC+l1E5HMV/Gx93X00ZaPD2TnSL7HHjD0WfO5skWr
ud0/NdSCVJwhMSzC54LnDvomYEyDehvUoO597MGUoHvtgPIwOyxio6PCuNLVHZgX
cPkRWoWTtz9F+8OW1kl00LljXc+DSOWpVx3eO2fTL4/LtLSQlddNLPR6KagXOKxS
+mF/OKo14Zfr6y+i73DZ1qHBdi8dCxPViO1DKWnD0PmhRTUn8wfRF6hWW8KC0HDl
cGVBQT/xSKjtb8xFUo2Aq91OpKtpvkN7zb/nUkRHI0cSCe6ze2o3DQ4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:21 2024 by rpki-client on console-fra.rpki-client.org