Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QhMFW6hq1CI8SMU0IOLm_6vRty0.roa
File: QhMFW6hq1CI8SMU0IOLm_6vRty0.roa (raw, json)
Hash identifier: benLx+yxiGYZ825whQjqZvx/rATfjxRB3pL8/e9VOnc=
Subject key identifier: 42:13:05:5B:A8:6A:D4:22:3C:48:C5:34:20:E2:E6:FF:AB:D1:B7:2D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44BF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QhMFW6hq1CI8SMU0IOLm_6vRty0.roa
Signing time: Sat 20 Apr 2024 05:53:05 +0000
ROA not before: Sat 20 Apr 2024 05:53:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17599 (0x44bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 05:53:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4213055BA86AD4223C48C53420E2E6FFABD1B72D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ec:2c:5f:db:91:dd:81:ab:23:c7:39:78:77:
f0:b1:12:d7:04:d9:7d:b1:7e:4e:95:40:69:3e:46:
0c:0b:5c:84:60:f4:f8:14:0d:84:4f:be:7a:b0:88:
10:a9:de:73:e1:93:db:62:7f:75:45:6d:32:13:55:
aa:b7:ac:41:ba:5d:23:1d:95:e1:07:f7:a8:cc:8c:
8c:6c:8a:3c:a7:fe:57:57:26:6b:3a:36:81:85:28:
d4:c8:b6:b1:11:df:17:ef:8a:94:75:a1:47:2a:bb:
fa:67:28:2b:3a:82:3b:e5:dc:1a:c2:d4:0b:c6:54:
20:4c:ce:08:3b:13:26:b8:3c:b8:6a:10:0e:f0:f4:
cc:9c:ce:6d:28:a7:59:af:19:5a:f8:d3:0e:4a:0b:
26:c8:73:47:2c:7c:a4:70:cf:27:d0:e3:f1:8a:6b:
5c:11:d8:3e:43:6d:12:f5:a0:73:ec:ed:bd:4b:54:
8c:86:7d:11:3f:c2:f4:8c:f7:7e:13:9b:3c:de:4d:
58:69:38:3e:a7:22:c6:35:ae:35:cc:ff:63:36:dd:
3b:bc:c7:28:a6:2b:0d:46:e8:b9:4e:06:09:cd:17:
c5:4b:36:94:e6:f0:42:bd:ea:37:51:7d:55:21:26:
d3:94:6e:0a:ac:1c:12:07:73:f6:8f:28:a2:90:a0:
a8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:13:05:5B:A8:6A:D4:22:3C:48:C5:34:20:E2:E6:FF:AB:D1:B7:2D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QhMFW6hq1CI8SMU0IOLm_6vRty0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
15:a9:32:78:67:6e:af:1e:f4:f4:34:9f:6a:1a:dd:47:a0:03:
af:19:a6:a8:85:73:07:bc:de:18:99:7e:09:c4:47:80:93:93:
cf:c3:03:5b:ea:a7:97:b1:38:5f:f2:d1:22:1c:8b:86:45:0a:
ef:b6:88:68:66:85:de:e6:5f:35:77:53:a6:3f:09:b2:f7:4a:
8e:5c:17:fc:83:68:96:ad:1f:85:f0:df:20:0c:b3:ce:ac:df:
c7:d6:92:31:99:47:ab:bb:5a:5e:6e:98:c4:cb:9c:5e:e9:de:
d0:a9:f9:f4:64:aa:56:ed:ae:45:36:ee:27:45:65:bd:b0:db:
8c:b4:98:cd:65:ea:d7:77:64:0b:8b:fc:8b:b9:a8:bd:1f:db:
4d:87:38:5c:e3:6c:d5:6f:32:da:9c:03:53:f2:b9:7e:13:8b:
07:e1:3a:eb:ca:cc:e0:8c:e0:33:fd:9c:43:77:25:fb:1d:c1:
f8:8b:fe:ce:e2:34:cd:23:19:80:7c:cf:fb:21:04:30:b7:8c:
78:1a:20:da:a2:e9:6b:51:6e:81:d2:b6:88:d1:6c:c2:4f:ea:
4b:79:d6:d4:4b:96:80:6c:d0:3f:87:39:1d:25:ca:4f:ab:a4:
0d:b5:5a:36:a7:92:6f:33:71:d9:0a:ef:65:28:78:39:7d:b1:
4c:81:98:2f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRL8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
NTUzMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQyMTMwNTVCQTg2QUQ0
MjIzQzQ4QzUzNDIwRTJFNkZGQUJEMUI3MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA7Cxf25Hdgasjxzl4d/CxEtcE2X2xfk6VQGk+RgwLXIRg9PgU
DYRPvnqwiBCp3nPhk9tif3VFbTITVaq3rEG6XSMdleEH96jMjIxsijyn/ldXJms6
NoGFKNTItrER3xfvipR1oUcqu/pnKCs6gjvl3BrC1AvGVCBMzgg7Eya4PLhqEA7w
9Myczm0op1mvGVr40w5KCybIc0csfKRwzyfQ4/GKa1wR2D5DbRL1oHPs7b1LVIyG
fRE/wvSM934TmzzeTVhpOD6nIsY1rjXM/2M23Tu8xyimKw1G6LlOBgnNF8VLNpTm
8EK96jdRfVUhJtOUbgqsHBIHc/aPKKKQoKiVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUQhMFW6hq1CI8SMU0IOLm/6vRty0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FoTUZXNmhxMUNJOFNN
VTBJT0xtXzZ2UnR5MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBABWpMnhnbq8e9PQ0n2oa3UegA68ZpqiF
cwe83hiZfgnER4CTk8/DA1vqp5exOF/y0SIci4ZFCu+2iGhmhd7mXzV3U6Y/CbL3
So5cF/yDaJatH4Xw3yAMs86s38fWkjGZR6u7Wl5umMTLnF7p3tCp+fRkqlbtrkU2
7idFZb2w24y0mM1l6td3ZAuL/Iu5qL0f202HOFzjbNVvMtqcA1PyuX4TiwfhOuvK
zOCM4DP9nEN3JfsdwfiL/s7iNM0jGYB8z/shBDC3jHgaINqi6WtRboHStojRbMJP
6kt51tRLloBs0D+HOR0lyk+rpA21Wjankm8zcdkK72UoeDl9sUyBmC8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:24 2024 by rpki-client on console-fra.rpki-client.org