Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/N4fV0Jti_BEfnMFCAl_dgvngPok.roa
File: N4fV0Jti_BEfnMFCAl_dgvngPok.roa (raw, json)
Hash identifier: 5smUZDpvrAxDjL/ZxB7t+wjB1x5i2afZB/RJ9dTQyoI=
Subject key identifier: 37:87:D5:D0:9B:62:FC:11:1F:9C:C1:42:02:5F:DD:82:F9:E0:3E:89
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C83
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/N4fV0Jti_BEfnMFCAl_dgvngPok.roa
Signing time: Tue 09 Apr 2024 06:22:39 +0000
ROA not before: Tue 09 Apr 2024 06:22:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15491 (0x3c83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 9 06:22:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3787D5D09B62FC111F9CC142025FDD82F9E03E89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b0:8a:f4:53:ae:19:f8:e3:8d:bb:25:a5:1c:
fb:ca:66:d6:d5:19:a2:4e:8a:13:b2:22:fd:50:a9:
cf:ea:a3:16:38:a1:ab:d1:25:3e:c0:eb:43:f5:79:
8c:8e:94:c0:70:18:a1:18:e6:9e:5f:02:f7:38:4b:
18:cb:ae:8c:c8:f9:9b:a4:84:9d:35:6a:a0:9c:d9:
8c:af:40:d0:39:75:ac:60:37:91:b1:f2:38:19:4a:
13:ed:1f:38:d6:1f:07:77:e6:81:8c:a7:9b:ae:be:
d6:e1:95:9c:26:fc:dd:ed:64:4f:18:f8:c1:48:be:
62:eb:82:a4:26:16:44:21:6e:7a:b7:09:bb:14:eb:
37:2c:9e:a9:34:95:df:54:32:bd:b5:e8:a1:db:34:
cf:31:a4:8f:61:71:c1:70:8b:36:50:43:d4:c0:c3:
07:86:79:f8:3d:32:27:be:28:5a:27:f7:e1:af:41:
35:7c:61:03:1b:09:7a:d1:6a:9e:da:cb:72:88:62:
7c:3c:e1:69:0d:de:ff:4a:ef:4b:ab:7e:2d:3b:0f:
f7:20:2c:8f:3c:b8:6a:69:bc:8e:8a:5c:0a:8c:82:
d0:a9:b1:03:c6:6c:52:b4:0b:95:87:d9:a5:1a:dd:
49:21:51:19:97:c9:e9:cf:f3:7a:98:d1:98:9f:3d:
e9:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:87:D5:D0:9B:62:FC:11:1F:9C:C1:42:02:5F:DD:82:F9:E0:3E:89
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/N4fV0Jti_BEfnMFCAl_dgvngPok.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
16:cc:b5:58:2f:3f:38:2e:a2:37:b9:01:42:59:a2:d3:61:ee:
21:67:1c:52:aa:01:74:df:21:1a:a4:cd:73:40:d2:ad:ff:76:
79:24:9d:bc:f3:b8:64:f6:31:52:b2:92:01:38:81:c9:6e:6f:
b5:54:73:b2:81:51:bb:cb:b3:ba:8a:dc:6b:d8:6f:ca:a5:1e:
3d:e1:9c:0b:af:59:92:a2:0f:3d:42:d0:22:a4:dd:87:c5:f9:
e4:cf:44:39:28:80:a3:77:30:1c:16:f4:29:01:80:c6:a6:26:
d3:94:fb:26:d0:5a:ee:82:5a:17:b1:18:9b:86:60:7d:fb:68:
e1:d5:4b:fb:2a:27:3d:f5:07:aa:74:8b:8d:ca:01:12:9d:79:
37:ed:dc:29:98:b4:e9:41:03:0c:2e:47:11:37:af:1d:d0:3c:
94:e8:3d:37:9c:a9:59:dc:f3:3f:81:54:74:39:52:2c:e3:b7:
13:ce:0a:18:df:b6:02:80:80:c3:35:a5:1a:ea:ab:7c:d1:35:
b8:14:97:e5:94:59:65:04:e9:ac:4d:23:fd:60:5f:63:33:42:
e1:74:95:67:1b:8e:6b:2d:e2:8a:33:8a:96:6e:da:5e:c6:45:
01:fa:08:03:3d:5a:ec:3f:23:c7:81:7f:ba:ba:8c:67:35:92:
c4:06:07:6d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPIMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDkw
NjIyMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM3ODdENUQwOUI2MkZD
MTExRjlDQzE0MjAyNUZERDgyRjlFMDNFODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzsIr0U64Z+OONuyWlHPvKZtbVGaJOihOyIv1Qqc/qoxY4oavR
JT7A60P1eYyOlMBwGKEY5p5fAvc4SxjLrozI+ZukhJ01aqCc2YyvQNA5daxgN5Gx
8jgZShPtHzjWHwd35oGMp5uuvtbhlZwm/N3tZE8Y+MFIvmLrgqQmFkQhbnq3CbsU
6zcsnqk0ld9UMr216KHbNM8xpI9hccFwizZQQ9TAwweGefg9Mie+KFon9+GvQTV8
YQMbCXrRap7ay3KIYnw84WkN3v9K70urfi07D/cgLI88uGppvI6KXAqMgtCpsQPG
bFK0C5WH2aUa3UkhURmXyenP83qY0ZifPenzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUN4fV0Jti/BEfnMFCAl/dgvngPokwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L040ZlYwSnRpX0JFZm5N
RkNBbF9kZ3ZuZ1Bvay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABbMtVgvPzguoje5AUJZotNh7iFnHFKq
AXTfIRqkzXNA0q3/dnkknbzzuGT2MVKykgE4gclub7VUc7KBUbvLs7qK3GvYb8ql
Hj3hnAuvWZKiDz1C0CKk3YfF+eTPRDkogKN3MBwW9CkBgMamJtOU+ybQWu6CWhex
GJuGYH37aOHVS/sqJz31B6p0i43KARKdeTft3CmYtOlBAwwuRxE3rx3QPJToPTec
qVnc8z+BVHQ5UizjtxPOChjftgKAgMM1pRrqq3zRNbgUl+WUWWUE6axNI/1gX2Mz
QuF0lWcbjmst4oozipZu2l7GRQH6CAM9Wuw/I8eBf7q6jGc1ksQGB20=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:21 2024 by rpki-client on console-fra.rpki-client.org