Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Mac2rZ0lXHk7PONZo3j4u087AQs.roa
File: Mac2rZ0lXHk7PONZo3j4u087AQs.roa (raw, json)
Hash identifier: Lih6HICiaNv3eD7qDo9nzdMyLhMk05HHsInrQI57oMs=
Subject key identifier: 31:A7:36:AD:9D:25:5C:79:3B:3C:E3:59:A3:78:F8:BB:4F:3B:01:0B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 38C7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Mac2rZ0lXHk7PONZo3j4u087AQs.roa
Signing time: Thu 04 Apr 2024 06:52:21 +0000
ROA not before: Thu 04 Apr 2024 06:52:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14535 (0x38c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 4 06:52:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=31A736AD9D255C793B3CE359A378F8BB4F3B010B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:29:62:c1:df:14:b6:a4:0f:98:e3:c5:05:e2:
40:f8:a0:b9:4f:7c:2e:c2:f3:b7:ba:0d:6a:30:43:
84:7d:88:8a:96:69:9a:b5:53:a6:6f:d8:e1:36:5e:
b7:17:40:d1:fb:3f:70:a6:e8:ef:cf:5b:eb:bf:ee:
59:80:b7:8b:c9:57:db:2f:de:ac:58:3e:54:b9:c0:
fd:14:e8:01:4f:36:14:2e:30:11:8e:24:4b:14:0c:
8d:78:d3:cc:4d:18:62:c4:67:97:6d:15:04:93:87:
9e:f9:57:44:ec:e3:0f:a3:5c:18:92:90:23:a1:42:
8c:ef:00:5e:6d:0a:dd:f7:6f:c5:ab:92:41:ba:98:
53:2d:03:47:3c:a1:cf:40:ad:4c:6c:05:74:c3:bf:
74:7a:96:41:5e:2e:22:fc:36:19:34:89:18:6f:2c:
23:c8:84:63:e3:6e:59:20:60:19:fe:b7:ef:51:e0:
db:c5:c4:e7:d4:54:f0:bb:16:88:c9:b1:bd:11:c6:
02:02:73:19:25:29:a2:b7:1b:d0:02:f5:4c:a2:ed:
f8:ed:e7:ab:e1:3f:c4:62:a5:a6:0a:f1:89:29:a3:
37:cd:a5:58:4a:32:2f:3b:03:05:d7:78:f7:1c:26:
1b:8e:76:73:0c:46:35:e6:45:f2:f7:3a:b8:51:df:
9c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A7:36:AD:9D:25:5C:79:3B:3C:E3:59:A3:78:F8:BB:4F:3B:01:0B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Mac2rZ0lXHk7PONZo3j4u087AQs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
aa:14:c8:2b:4d:71:8a:67:1d:19:3f:37:9b:0c:1e:ef:db:28:
3f:3b:3d:82:9b:09:9b:42:a4:78:69:45:71:53:9b:e4:2d:38:
4e:cf:fc:00:a2:dd:e8:40:09:af:04:a5:22:dd:21:5c:9e:cb:
35:ad:36:8a:f4:de:bb:5d:c4:d7:60:72:60:8d:a4:59:21:8f:
25:f2:ee:63:c6:2a:e1:8f:6c:31:ba:63:fa:19:94:f5:15:09:
2e:95:47:ec:cc:7c:ed:43:93:19:4e:01:e8:9a:17:57:8e:9d:
dd:3c:0e:e0:31:68:b6:e3:8b:5b:ef:cc:0b:dd:f2:36:aa:10:
c6:23:a8:15:1a:d4:e1:1f:93:0a:59:43:d8:d6:5b:cb:2a:fa:
fe:69:d7:ca:11:8f:2c:98:f3:0b:5e:dc:53:dc:0b:76:cc:b7:
c6:40:71:8d:4c:4c:4c:5c:ce:77:b8:45:fd:ba:a4:91:27:40:
12:ef:99:fd:30:3d:05:60:e2:9a:01:72:a0:38:67:a1:70:d2:
71:84:2e:f0:50:d7:5d:32:7e:e3:50:c8:5e:5a:18:50:2d:e9:
d7:38:f9:60:d5:33:4c:76:01:17:05:2a:05:0a:46:d0:12:66:
27:7a:a1:c8:fe:93:7f:3a:73:54:2c:75:29:88:36:f1:52:27:
f3:5f:f8:28
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOMcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDQw
NjUyMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMxQTczNkFEOUQyNTVD
NzkzQjNDRTM1OUEzNzhGOEJCNEYzQjAxMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9KWLB3xS2pA+Y48UF4kD4oLlPfC7C87e6DWowQ4R9iIqWaZq1
U6Zv2OE2XrcXQNH7P3Cm6O/PW+u/7lmAt4vJV9sv3qxYPlS5wP0U6AFPNhQuMBGO
JEsUDI1408xNGGLEZ5dtFQSTh575V0Ts4w+jXBiSkCOhQozvAF5tCt33b8WrkkG6
mFMtA0c8oc9ArUxsBXTDv3R6lkFeLiL8Nhk0iRhvLCPIhGPjblkgYBn+t+9R4NvF
xOfUVPC7FojJsb0RxgICcxklKaK3G9AC9Uyi7fjt56vhP8RipaYK8YkpozfNpVhK
Mi87AwXXePccJhuOdnMMRjXmRfL3OrhR35zXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUMac2rZ0lXHk7PONZo3j4u087AQswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L01hYzJyWjBsWEhrN1BP
TlpvM2o0dTA4N0FRcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKoUyCtNcYpnHRk/N5sMHu/bKD87PYKb
CZtCpHhpRXFTm+QtOE7P/ACi3ehACa8EpSLdIVyeyzWtNor03rtdxNdgcmCNpFkh
jyXy7mPGKuGPbDG6Y/oZlPUVCS6VR+zMfO1DkxlOAeiaF1eOnd08DuAxaLbji1vv
zAvd8jaqEMYjqBUa1OEfkwpZQ9jWW8sq+v5p18oRjyyY8wte3FPcC3bMt8ZAcY1M
TExczne4Rf26pJEnQBLvmf0wPQVg4poBcqA4Z6Fw0nGELvBQ110yfuNQyF5aGFAt
6dc4+WDVM0x2ARcFKgUKRtASZid6ocj+k386c1QsdSmINvFSJ/Nf+Cg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:21 2024 by rpki-client on console-fra.rpki-client.org