Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QJpjHAqRd4GSLp-BWuR0NbU1S3s.roa
File: QJpjHAqRd4GSLp-BWuR0NbU1S3s.roa (raw, json)
Hash identifier: HDDp9CAQHn4R59P5o4H69Th063QiPmwNZUOR36hlu9M=
Subject key identifier: 40:9A:63:1C:0A:91:77:81:92:2E:9F:81:5A:E4:74:35:B5:35:4B:7B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4067
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QJpjHAqRd4GSLp-BWuR0NbU1S3s.roa
Signing time: Sun 14 Apr 2024 10:53:24 +0000
ROA not before: Sun 14 Apr 2024 10:53:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16487 (0x4067)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 10:53:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=409A631C0A917781922E9F815AE47435B5354B7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:41:2f:e0:8e:04:19:05:91:03:b8:79:b1:1b:
06:0b:d6:4d:17:24:53:cf:2b:1d:d3:7e:4d:48:c9:
31:fe:8d:12:c1:8b:3c:2b:b8:25:f5:01:3b:75:06:
e7:4a:ae:ee:f5:e4:4f:4a:21:73:6c:d2:a1:b7:20:
f2:e9:8f:b9:74:0b:fb:2d:6e:bf:59:6b:87:37:03:
bb:6c:9a:9c:87:26:d3:35:1a:cc:0b:fd:61:b6:84:
39:b5:9f:1e:ea:72:0e:11:40:e4:64:d5:3e:c1:83:
12:d2:03:64:96:9e:9a:dd:94:32:34:bb:31:81:f2:
0c:e7:4d:8b:d2:fb:47:a4:a2:93:9f:62:7d:c6:e9:
e7:ee:81:38:04:97:83:57:dc:f5:75:83:ff:bd:08:
20:86:24:13:50:42:69:0d:6d:67:6c:6e:bf:e3:05:
40:18:a8:1a:df:90:28:08:bf:78:f5:cd:ec:40:07:
47:d4:63:ec:33:ea:e3:41:56:ed:1c:40:2c:1c:ed:
eb:65:00:d6:0b:17:24:ba:c9:d4:49:e2:91:3a:cc:
f4:d1:1d:04:f7:04:4a:14:4e:ba:54:e9:16:f1:da:
a4:fb:3f:0f:6d:6b:41:24:bb:a6:dd:c8:e6:74:1a:
1e:87:dc:35:9b:e8:34:0a:13:e5:57:df:0a:c1:ba:
db:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:9A:63:1C:0A:91:77:81:92:2E:9F:81:5A:E4:74:35:B5:35:4B:7B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QJpjHAqRd4GSLp-BWuR0NbU1S3s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
34:12:e2:fc:10:06:fc:4f:61:8e:39:9c:64:cf:95:6e:58:04:
b1:4c:b5:80:d4:6a:2b:a2:1b:10:c7:75:3d:1e:57:15:32:28:
0f:f2:b7:af:3b:c6:b4:f9:f3:f4:2b:64:ec:eb:b9:c8:b8:ce:
aa:06:a6:6d:16:0d:19:31:a8:a6:d9:21:2d:95:57:86:a8:01:
48:74:96:f3:86:cb:94:fb:ac:24:f0:fb:45:08:5e:ab:a7:93:
1d:66:fd:51:3b:47:26:4a:2e:8c:ad:aa:34:6b:73:37:87:49:
15:f2:ce:95:75:d2:f9:93:bf:b0:7e:bc:88:c0:8e:9b:97:ea:
12:2c:5d:e6:6e:8b:0c:04:0e:00:7a:0a:b3:b6:b9:ef:55:86:
dd:73:c4:f9:a8:bb:e2:5a:9b:50:4b:74:c0:82:cf:23:83:eb:
6d:67:d1:34:d4:9b:43:a6:75:14:ef:7b:34:b2:cf:15:f1:fc:
c6:41:e4:eb:b8:42:8e:52:f1:75:7e:3b:79:8b:5b:48:b4:75:
9e:f7:5e:15:21:73:68:94:21:65:e1:fe:7e:71:9f:4a:09:ec:
b1:fa:78:03:11:2a:ca:eb:11:b5:fa:61:70:52:41:b7:ae:58:
a6:cd:2e:e3:fc:a0:2f:a2:84:20:56:4c:c5:66:f7:2b:18:51:
24:70:32:44
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQGcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
MDUzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQwOUE2MzFDMEE5MTc3
ODE5MjJFOUY4MTVBRTQ3NDM1QjUzNTRCN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZQS/gjgQZBZEDuHmxGwYL1k0XJFPPKx3Tfk1IyTH+jRLBizwr
uCX1ATt1BudKru715E9KIXNs0qG3IPLpj7l0C/stbr9Za4c3A7tsmpyHJtM1GswL
/WG2hDm1nx7qcg4RQORk1T7BgxLSA2SWnprdlDI0uzGB8gznTYvS+0ekopOfYn3G
6efugTgEl4NX3PV1g/+9CCCGJBNQQmkNbWdsbr/jBUAYqBrfkCgIv3j1zexAB0fU
Y+wz6uNBVu0cQCwc7etlANYLFyS6ydRJ4pE6zPTRHQT3BEoUTrpU6Rbx2qT7Pw9t
a0Eku6bdyOZ0Gh6H3DWb6DQKE+VX3wrButspAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUQJpjHAqRd4GSLp+BWuR0NbU1S3swHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FKcGpIQXFSZDRHU0xw
LUJXdVIwTmJVMVMzcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADQS4vwQBvxPYY45nGTPlW5YBLFMtYDU
aiuiGxDHdT0eVxUyKA/yt687xrT58/QrZOzruci4zqoGpm0WDRkxqKbZIS2VV4ao
AUh0lvOGy5T7rCTw+0UIXqunkx1m/VE7RyZKLoytqjRrczeHSRXyzpV10vmTv7B+
vIjAjpuX6hIsXeZuiwwEDgB6CrO2ue9Vht1zxPmou+Jam1BLdMCCzyOD621n0TTU
m0OmdRTvezSyzxXx/MZB5Ou4Qo5S8XV+O3mLW0i0dZ73XhUhc2iUIWXh/n5xn0oJ
7LH6eAMRKsrrEbX6YXBSQbeuWKbNLuP8oC+ihCBWTMVm9ysYUSRwMkQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:24 2024 by rpki-client on console-fra.rpki-client.org