Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Mwtfrkr5PXHjMHDnXavNwsIhjoY.roa
File: Mwtfrkr5PXHjMHDnXavNwsIhjoY.roa (raw, json)
Hash identifier: UpwCRanpy8oI/01rWt4F2mUAxPl7uIjN8jGdzr8wEkI=
Subject key identifier: 33:0B:5F:AE:4A:F9:3D:71:E3:30:70:E7:5D:AB:CD:C2:C2:21:8E:86
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 422F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Mwtfrkr5PXHjMHDnXavNwsIhjoY.roa
Signing time: Tue 16 Apr 2024 19:53:04 +0000
ROA not before: Tue 16 Apr 2024 19:53:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16943 (0x422f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 19:53:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=330B5FAE4AF93D71E33070E75DABCDC2C2218E86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c8:f7:60:c9:7f:60:de:44:fe:51:46:0c:1b:
0b:9d:94:7b:ae:60:78:43:c3:cc:17:39:8c:55:b0:
33:31:44:ca:8f:27:15:67:cd:b0:60:5b:7a:6b:99:
b7:52:d5:73:ea:27:7c:f4:15:d6:a4:c1:65:6f:92:
a3:92:e7:2b:49:27:63:a3:0b:1d:cf:24:32:42:0d:
8d:5b:d9:b6:8d:c1:27:d4:49:8b:b5:2f:61:17:04:
b0:56:b7:9d:be:af:96:42:4e:6d:7a:6e:78:3f:6d:
ef:03:18:2e:21:56:16:c7:4b:ed:b0:3f:64:3c:ad:
c9:25:b1:a1:5e:91:cb:1b:58:f3:0b:cc:66:13:12:
b3:9e:15:52:46:69:22:c8:e0:80:a5:33:71:77:44:
89:ef:3c:44:e5:dd:0d:bb:cc:3b:ec:79:bf:92:a3:
bd:0b:36:5f:8c:59:97:4d:c8:eb:ba:05:d4:4d:7a:
e8:7c:4a:dc:9b:9e:56:aa:3d:59:da:c4:e5:3a:00:
ce:b7:cd:cb:e5:2d:1a:27:ca:f7:3a:c6:d4:63:88:
ae:8e:be:24:77:55:a2:46:8e:1b:8b:d1:eb:ec:51:
66:88:10:39:4d:3a:0a:96:87:d8:77:a3:44:42:38:
13:57:14:1d:02:c2:bd:41:a7:02:f6:c3:af:47:a2:
b0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:0B:5F:AE:4A:F9:3D:71:E3:30:70:E7:5D:AB:CD:C2:C2:21:8E:86
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Mwtfrkr5PXHjMHDnXavNwsIhjoY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
85:6d:95:67:ee:f6:50:e0:89:a5:4b:25:00:4a:d7:e8:d9:35:
ff:1c:1e:28:b1:c7:cf:f4:b1:75:de:63:29:99:01:53:ce:5a:
a9:3a:49:35:96:f3:9d:55:56:6a:23:dd:eb:84:35:b3:6f:42:
5b:48:16:b1:2e:e8:55:0f:05:2e:67:6b:e5:ec:2c:4e:8f:20:
1b:44:9a:9c:43:4c:55:54:c6:cc:ca:ba:6a:d1:e5:87:cd:97:
84:62:ec:28:5f:81:f4:67:86:4c:1f:c3:08:6e:f7:5c:ad:ad:
f0:90:01:ba:34:bb:c3:48:ab:da:4d:bd:e3:7e:e5:2f:49:74:
bf:75:47:43:90:58:07:2a:e8:56:4a:b5:a0:67:66:2a:80:6b:
2b:5d:e8:b0:49:b5:b4:00:90:ae:49:a0:80:78:84:1e:db:4d:
73:02:be:d7:94:7b:42:c0:82:cb:5f:0d:8d:b3:8c:f8:f0:4e:
d7:f9:20:29:bc:73:73:05:b5:dd:ea:3b:eb:a5:dd:59:3a:de:
41:a0:9c:c3:da:46:74:3e:4c:31:00:9d:73:33:c1:b5:11:cf:
c7:fb:23:10:06:e5:e4:93:31:fd:4f:b4:36:9f:ec:bb:f2:38:
0a:2c:39:2a:c7:0b:1a:43:e5:7c:83:a9:08:af:f9:d6:53:80:
9a:cd:25:2e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQi8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYx
OTUzMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMzMEI1RkFFNEFGOTNE
NzFFMzMwNzBFNzVEQUJDREMyQzIyMThFODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCyPdgyX9g3kT+UUYMGwudlHuuYHhDw8wXOYxVsDMxRMqPJxVn
zbBgW3prmbdS1XPqJ3z0FdakwWVvkqOS5ytJJ2OjCx3PJDJCDY1b2baNwSfUSYu1
L2EXBLBWt52+r5ZCTm16bng/be8DGC4hVhbHS+2wP2Q8rcklsaFekcsbWPMLzGYT
ErOeFVJGaSLI4IClM3F3RInvPETl3Q27zDvseb+So70LNl+MWZdNyOu6BdRNeuh8
StybnlaqPVnaxOU6AM63zcvlLRonyvc6xtRjiK6OviR3VaJGjhuL0evsUWaIEDlN
OgqWh9h3o0RCOBNXFB0Cwr1BpwL2w69HorA9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUMwtfrkr5PXHjMHDnXavNwsIhjoYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L013dGZya3I1UFhIak1I
RG5YYXZOd3NJaGpvWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIVtlWfu9lDgiaVLJQBK1+jZNf8cHiix
x8/0sXXeYymZAVPOWqk6STWW851VVmoj3euENbNvQltIFrEu6FUPBS5na+XsLE6P
IBtEmpxDTFVUxszKumrR5YfNl4Ri7ChfgfRnhkwfwwhu91ytrfCQAbo0u8NIq9pN
veN+5S9JdL91R0OQWAcq6FZKtaBnZiqAaytd6LBJtbQAkK5JoIB4hB7bTXMCvteU
e0LAgstfDY2zjPjwTtf5ICm8c3MFtd3qO+ul3Vk63kGgnMPaRnQ+TDEAnXMzwbUR
z8f7IxAG5eSTMf1PtDaf7LvyOAosOSrHCxpD5XyDqQiv+dZTgJrNJS4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:21 2024 by rpki-client on console-fra.rpki-client.org