Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/NnhqdsIIsB8LM2ftzxEof0NCaOo.roa
File: NnhqdsIIsB8LM2ftzxEof0NCaOo.roa (raw, json)
Hash identifier: m166yN1MTWcQGwXQfwehD6+Jt12D5bZJWGRPVUaJlJ4=
Subject key identifier: 36:78:6A:76:C2:08:B0:1F:0B:33:67:ED:CF:11:28:7F:43:42:68:EA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3EDF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NnhqdsIIsB8LM2ftzxEof0NCaOo.roa
Signing time: Fri 12 Apr 2024 09:52:51 +0000
ROA not before: Fri 12 Apr 2024 09:52:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16095 (0x3edf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 09:52:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=36786A76C208B01F0B3367EDCF11287F434268EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:31:46:5c:a2:b4:74:36:e8:99:03:1d:b3:72:
38:7f:a9:1b:33:94:bb:5b:b7:fb:fc:47:0e:c1:ef:
5d:0a:a5:2c:4b:da:19:20:70:c0:ff:71:d7:b6:63:
d5:8a:ad:b0:cf:69:3e:a1:ad:2c:2f:df:32:fb:ba:
a3:d3:7d:cc:dc:3b:66:19:f5:b6:9f:c4:53:c5:5e:
16:25:02:96:dc:39:08:d4:b6:16:df:8a:80:51:26:
6e:07:7b:57:46:79:00:08:2f:96:81:94:2b:7e:a6:
76:c2:3b:82:15:04:7d:76:48:1b:33:ca:26:51:25:
9d:06:82:ce:3e:3a:96:e5:26:bb:9e:79:07:e6:84:
de:29:73:0c:cd:8a:82:74:ea:6d:4b:4a:dd:8c:e6:
77:49:06:ff:ca:e2:af:7c:40:ef:50:2a:28:a7:e2:
cc:a6:99:ff:32:9e:11:55:7c:e6:f4:e4:a9:2a:34:
4f:22:e9:35:f6:99:52:69:49:92:6d:41:64:8f:1e:
ea:ea:43:fc:ca:5c:91:52:e2:48:4d:a4:f9:d8:ba:
9c:b3:a1:e2:19:a4:be:f9:4a:75:e7:05:e5:0e:88:
14:4b:8f:8c:c9:6d:09:ab:71:9f:89:16:e4:2d:38:
ce:1f:58:76:f9:c9:48:bf:d5:32:78:24:f8:ff:b5:
b7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:78:6A:76:C2:08:B0:1F:0B:33:67:ED:CF:11:28:7F:43:42:68:EA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NnhqdsIIsB8LM2ftzxEof0NCaOo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
22:9f:d9:c1:74:bb:f1:60:9c:5d:63:4d:0f:08:34:d3:14:6c:
03:68:a7:38:8b:c8:71:e8:0c:5f:bc:c0:0d:da:0e:81:72:85:
90:5d:58:9d:36:4d:ab:29:ef:d7:f1:5a:8a:bf:21:18:17:9e:
be:53:c8:1c:a6:f5:b7:81:86:14:f4:2c:e1:c1:f7:a2:a9:c9:
c6:58:d4:87:1d:86:d0:bd:df:33:99:28:78:45:fb:64:60:bc:
6e:3e:8e:ad:08:d9:17:3b:0c:1b:d0:ca:3c:2b:01:7e:e2:66:
b4:f4:fb:d1:2b:7e:4b:01:87:d5:e4:9a:ae:dc:84:6d:43:52:
30:b1:ed:7e:2b:06:8a:45:85:91:c7:09:c6:f7:e2:8d:a7:17:
25:4b:ad:b8:45:3e:dc:d6:fe:77:d3:c4:7e:41:a3:d2:04:72:
53:c2:6c:63:c9:9d:33:9d:92:24:24:51:76:37:73:ac:23:7b:
9e:b6:2d:9d:c8:ba:35:d1:13:08:75:1d:e7:df:46:90:ef:6f:
73:0a:93:64:c0:5e:1a:63:53:d8:3c:1a:6a:01:1b:35:c0:53:
05:ba:6f:07:46:a8:df:67:48:8c:b7:29:d8:a8:2c:28:5f:13:
35:dd:5d:b4:26:e8:40:53:fe:3a:af:82:4c:2d:5e:9d:84:c7:
85:c0:f9:8b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPt8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIw
OTUyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM2Nzg2QTc2QzIwOEIw
MUYwQjMzNjdFRENGMTEyODdGNDM0MjY4RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5MUZcorR0NuiZAx2zcjh/qRszlLtbt/v8Rw7B710KpSxL2hkg
cMD/cde2Y9WKrbDPaT6hrSwv3zL7uqPTfczcO2YZ9bafxFPFXhYlApbcOQjUthbf
ioBRJm4He1dGeQAIL5aBlCt+pnbCO4IVBH12SBszyiZRJZ0Ggs4+OpblJrueeQfm
hN4pcwzNioJ06m1LSt2M5ndJBv/K4q98QO9QKiin4symmf8ynhFVfOb05KkqNE8i
6TX2mVJpSZJtQWSPHurqQ/zKXJFS4khNpPnYupyzoeIZpL75SnXnBeUOiBRLj4zJ
bQmrcZ+JFuQtOM4fWHb5yUi/1TJ4JPj/tbcpAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUNnhqdsIIsB8LM2ftzxEof0NCaOowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05uaHFkc0lJc0I4TE0y
ZnR6eEVvZjBOQ2FPby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACKf2cF0u/FgnF1jTQ8INNMUbANopziL
yHHoDF+8wA3aDoFyhZBdWJ02Tasp79fxWoq/IRgXnr5TyBym9beBhhT0LOHB96Kp
ycZY1IcdhtC93zOZKHhF+2RgvG4+jq0I2Rc7DBvQyjwrAX7iZrT0+9ErfksBh9Xk
mq7chG1DUjCx7X4rBopFhZHHCcb34o2nFyVLrbhFPtzW/nfTxH5Bo9IEclPCbGPJ
nTOdkiQkUXY3c6wje562LZ3IujXREwh1HeffRpDvb3MKk2TAXhpjU9g8GmoBGzXA
UwW6bwdGqN9nSIy3KdioLChfEzXdXbQm6EBT/jqvgkwtXp2Ex4XA+Ys=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:22 2024 by rpki-client on console-fra.rpki-client.org