Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/PziC18pm8XIK28ztB9EQS7Mcmig.roa
File: PziC18pm8XIK28ztB9EQS7Mcmig.roa (raw, json)
Hash identifier: 6PNE90is6NCHK5iqyHRlfCCA4PYRYo6+j3RyxabCmvM=
Subject key identifier: 3F:38:82:D7:CA:66:F1:72:0A:DB:CC:ED:07:D1:10:4B:B3:1C:9A:28
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43D7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PziC18pm8XIK28ztB9EQS7Mcmig.roa
Signing time: Fri 19 Apr 2024 00:53:01 +0000
ROA not before: Fri 19 Apr 2024 00:53:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17367 (0x43d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 00:53:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3F3882D7CA66F1720ADBCCED07D1104BB31C9A28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:79:1c:76:59:6b:86:2e:3c:04:0f:a4:41:22:
7a:ed:31:56:6c:e0:15:c2:24:73:90:64:39:83:5c:
89:a1:e6:60:39:a6:c5:82:c2:53:23:4a:79:94:dc:
60:01:77:da:61:39:42:90:25:ff:09:f2:40:fe:ff:
73:fc:9e:d2:5d:b7:11:52:ad:25:ef:cf:a6:c0:e1:
07:a6:96:08:f6:79:72:8f:83:57:f1:b4:18:f4:90:
83:9f:0d:ec:11:bc:b7:21:a9:b0:d6:8e:41:62:77:
e7:ef:6d:60:61:12:27:7b:7b:48:34:55:20:df:cf:
1f:2d:5f:0c:90:87:5c:cf:46:44:6c:82:38:f3:6b:
5c:27:b0:9f:db:db:3f:fa:db:9b:88:6d:c4:b6:8b:
d7:cb:97:26:35:34:15:d1:01:b0:76:1d:3f:87:72:
30:9c:d6:a3:5d:fa:fa:94:d0:48:e0:a1:df:6b:24:
76:d6:a4:2d:3d:fa:c5:9b:40:cc:42:17:ec:12:48:
7c:87:98:90:6f:d3:13:27:65:3f:31:03:78:e9:7b:
0b:34:86:38:dd:d8:b4:1e:8c:bf:ef:29:93:3d:ee:
a0:12:cb:6d:53:3d:59:90:59:ac:4c:5c:bd:88:f5:
e4:ad:e9:60:37:50:ec:11:b1:23:30:bb:3a:6b:44:
98:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:38:82:D7:CA:66:F1:72:0A:DB:CC:ED:07:D1:10:4B:B3:1C:9A:28
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PziC18pm8XIK28ztB9EQS7Mcmig.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4f:40:9e:00:d4:09:99:02:3b:64:85:42:8a:7f:ee:8f:f1:94:
04:59:ef:10:84:9b:b3:5e:3b:02:d1:d4:b0:c7:04:ec:52:84:
1f:f1:f6:9c:1a:2e:30:ce:55:72:fc:47:68:89:3e:a3:ad:f8:
30:51:a0:b7:7a:dd:f7:e8:e5:f5:7d:de:03:eb:3e:58:41:83:
b8:be:f2:91:25:36:13:74:7d:f0:80:22:84:f7:84:cc:ce:94:
c2:87:78:89:da:d3:96:0d:ea:c0:ec:76:c3:63:79:f1:20:f7:
80:32:72:65:b5:32:8c:15:08:ae:83:e4:f8:38:a3:f9:0a:c2:
f7:aa:b7:62:0f:b0:7d:9e:ea:c4:da:c8:39:10:ff:12:81:8a:
0d:0f:df:4a:33:63:c7:0c:a3:eb:7e:19:73:22:62:73:31:02:
2d:b4:96:9c:ea:dc:34:83:b3:4f:12:4d:2c:96:e3:ed:c5:86:
e7:fb:fb:bd:68:8c:f7:f4:44:41:f1:7d:0e:44:07:10:bf:c0:
43:29:1e:eb:27:91:2d:98:eb:5a:ee:80:71:23:fd:c2:de:d5:
5e:4c:9d:19:ed:57:d6:9e:f3:0d:ff:59:1a:02:76:15:f4:88:
be:ea:11:30:06:c3:76:b7:92:df:70:ea:03:d7:d9:6e:31:87:
59:6c:06:32
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQ9cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkw
MDUzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNGMzg4MkQ3Q0E2NkYx
NzIwQURCQ0NFRDA3RDExMDRCQjMxQzlBMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTeRx2WWuGLjwED6RBInrtMVZs4BXCJHOQZDmDXImh5mA5psWC
wlMjSnmU3GABd9phOUKQJf8J8kD+/3P8ntJdtxFSrSXvz6bA4Qemlgj2eXKPg1fx
tBj0kIOfDewRvLchqbDWjkFid+fvbWBhEid7e0g0VSDfzx8tXwyQh1zPRkRsgjjz
a1wnsJ/b2z/625uIbcS2i9fLlyY1NBXRAbB2HT+HcjCc1qNd+vqU0Ejgod9rJHbW
pC09+sWbQMxCF+wSSHyHmJBv0xMnZT8xA3jpews0hjjd2LQejL/vKZM97qASy21T
PVmQWaxMXL2I9eSt6WA3UOwRsSMwuzprRJjRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUPziC18pm8XIK28ztB9EQS7McmigwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1B6aUMxOHBtOFhJSzI4
enRCOUVRUzdNY21pZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAE9AngDUCZkCO2SFQop/7o/xlARZ7xCE
m7NeOwLR1LDHBOxShB/x9pwaLjDOVXL8R2iJPqOt+DBRoLd63ffo5fV93gPrPlhB
g7i+8pElNhN0ffCAIoT3hMzOlMKHeIna05YN6sDsdsNjefEg94AycmW1MowVCK6D
5Pg4o/kKwveqt2IPsH2e6sTayDkQ/xKBig0P30ozY8cMo+t+GXMiYnMxAi20lpzq
3DSDs08STSyW4+3Fhuf7+71ojPf0REHxfQ5EBxC/wEMpHusnkS2Y61rugHEj/cLe
1V5MnRntV9ae8w3/WRoCdhX0iL7qETAGw3a3kt9w6gPX2W4xh1lsBjI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:39 2024 by rpki-client on console-ams.rpki-client.org