Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Q9He3ACDHEqFX8clgSRQLxJau7Y.roa
File: Q9He3ACDHEqFX8clgSRQLxJau7Y.roa (raw, json)
Hash identifier: nCF4fSLvnX4jE4ziMp5SuIX4NDhYbjOl3JE6sWOlSwk=
Subject key identifier: 43:D1:DE:DC:00:83:1C:4A:85:5F:C7:25:81:24:50:2F:12:5A:BB:B6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 453F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Q9He3ACDHEqFX8clgSRQLxJau7Y.roa
Signing time: Sat 20 Apr 2024 21:53:12 +0000
ROA not before: Sat 20 Apr 2024 21:53:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17727 (0x453f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 21:53:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=43D1DEDC00831C4A855FC7258124502F125ABBB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:78:7e:22:8e:a1:16:e3:07:41:0d:69:20:3c:
e1:b7:67:83:d6:ee:7d:b1:fd:48:4e:66:dc:1e:d4:
38:1b:1e:57:61:c5:c7:74:7b:a8:21:fe:a1:a7:38:
79:81:13:73:d3:3d:12:b7:2a:07:5b:67:b6:0f:5d:
d0:94:32:da:79:34:6e:08:3c:4a:da:81:b5:37:ae:
88:d8:a2:73:8a:60:8d:d1:95:27:51:06:c3:fb:ab:
a5:11:0d:94:53:b2:ee:b0:25:86:09:48:c3:63:15:
e4:d6:d8:41:37:c7:56:31:de:20:bd:59:e6:72:8e:
cd:46:17:9c:5e:49:3d:47:b1:bb:59:6a:2a:28:23:
cb:5c:9d:82:f5:13:1f:f5:e2:98:3e:b0:9b:91:9a:
f3:26:c1:29:31:a1:ec:94:41:b5:53:46:2a:24:87:
c6:c3:7d:f7:21:17:dc:64:67:8d:bd:a9:b9:5f:aa:
d6:7c:65:94:be:a5:d3:87:2c:55:aa:2a:13:96:40:
35:3e:70:c8:db:64:4b:e1:7a:b8:6a:86:28:e2:4e:
47:1c:30:f5:a6:f5:3f:97:fb:d7:ab:e2:ad:40:93:
65:7d:56:45:1d:f4:e9:f3:49:6a:81:e6:4d:34:8a:
8f:64:73:73:62:f7:09:99:0f:96:ab:e4:df:f4:2d:
f7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D1:DE:DC:00:83:1C:4A:85:5F:C7:25:81:24:50:2F:12:5A:BB:B6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Q9He3ACDHEqFX8clgSRQLxJau7Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ad:c2:d4:cd:2e:d9:9c:bf:0c:0e:0d:bc:2c:cd:dc:b2:a8:7f:
c7:09:1d:92:b3:74:af:9d:41:a2:23:37:33:f2:ea:e1:9e:43:
9b:80:7e:55:65:1e:59:25:40:e6:a2:47:b8:e7:4d:d3:8e:c1:
7d:3b:62:19:79:74:5d:61:80:28:ac:b7:f6:33:38:c6:ad:79:
06:08:8d:10:b8:46:7d:dc:8f:1b:c3:72:19:b3:fa:35:72:91:
2b:60:6e:4d:f2:74:24:91:85:7f:03:22:2e:fa:0b:ec:ce:20:
8d:c8:18:8d:b8:ee:c6:8e:ae:39:4d:4c:16:23:9b:ef:d6:4e:
cd:23:c8:59:c3:89:d1:9c:cb:cb:40:92:65:86:e3:55:a3:f7:
89:63:18:e4:c9:4e:f0:bc:8f:d2:e4:d6:3b:35:b7:d4:c4:5a:
0d:7a:10:16:36:c7:a8:05:56:e6:7d:2e:71:da:8f:c8:d8:40:
f4:c1:ea:af:30:15:3a:75:1c:6b:b3:49:e5:76:65:1b:1a:ee:
d1:35:7d:4d:5b:15:d6:8b:2b:fe:24:e4:0f:56:96:cb:6b:d2:
49:97:63:15:16:0d:25:49:a9:64:46:ce:e1:33:4e:14:d8:75:
cc:35:ce:bd:f9:03:6d:ea:c5:3c:02:1f:bc:97:79:e7:31:46:
c7:1b:3c:4d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRT8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAy
MTUzMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQzRDFERURDMDA4MzFD
NEE4NTVGQzcyNTgxMjQ1MDJGMTI1QUJCQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqeH4ijqEW4wdBDWkgPOG3Z4PW7n2x/UhOZtwe1DgbHldhxcd0
e6gh/qGnOHmBE3PTPRK3KgdbZ7YPXdCUMtp5NG4IPEragbU3rojYonOKYI3RlSdR
BsP7q6URDZRTsu6wJYYJSMNjFeTW2EE3x1Yx3iC9WeZyjs1GF5xeST1HsbtZaioo
I8tcnYL1Ex/14pg+sJuRmvMmwSkxoeyUQbVTRiokh8bDffchF9xkZ429qblfqtZ8
ZZS+pdOHLFWqKhOWQDU+cMjbZEvherhqhijiTkccMPWm9T+X+9er4q1Ak2V9VkUd
9OnzSWqB5k00io9kc3Ni9wmZD5ar5N/0Lfd9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUQ9He3ACDHEqFX8clgSRQLxJau7YwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1E5SGUzQUNESEVxRlg4
Y2xnU1JRTHhKYXU3WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAK3C1M0u2Zy/DA4NvCzN3LKof8cJHZKz
dK+dQaIjNzPy6uGeQ5uAflVlHlklQOaiR7jnTdOOwX07Yhl5dF1hgCist/YzOMat
eQYIjRC4Rn3cjxvDchmz+jVykStgbk3ydCSRhX8DIi76C+zOII3IGI247saOrjlN
TBYjm+/WTs0jyFnDidGcy8tAkmWG41Wj94ljGOTJTvC8j9Lk1js1t9TEWg16EBY2
x6gFVuZ9LnHaj8jYQPTB6q8wFTp1HGuzSeV2ZRsa7tE1fU1bFdaLK/4k5A9Wlstr
0kmXYxUWDSVJqWRGzuEzThTYdcw1zr35A23qxTwCH7yXeecxRscbPE0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:24 2024 by rpki-client on console-fra.rpki-client.org