Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QkWpIiTsBr65n6c4wIDTu51SWYs.roa
File: QkWpIiTsBr65n6c4wIDTu51SWYs.roa (raw, json)
Hash identifier: eH8iPJ+v7PZo2ePh4KyRUChlvVMGTQaFAaRe5roFOzI=
Subject key identifier: 42:45:A9:22:24:EC:06:BE:B9:9F:A7:38:C0:80:D3:BB:9D:52:59:8B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F3F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QkWpIiTsBr65n6c4wIDTu51SWYs.roa
Signing time: Sat 04 May 2024 05:53:57 +0000
ROA not before: Sat 04 May 2024 05:53:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20287 (0x4f3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 05:53:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4245A92224EC06BEB99FA738C080D3BB9D52598B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:25:59:db:71:3b:9b:c1:45:c7:f0:1f:2a:56:
08:3b:aa:5a:e2:b4:6d:20:c7:e4:56:83:e0:67:f1:
37:11:55:31:8d:e9:9c:ab:5b:3b:6e:17:17:ad:72:
c2:c1:94:c0:5f:28:bd:df:fa:ef:0d:82:2d:57:37:
2e:ef:70:e2:a1:e7:27:95:b3:d4:e8:c2:82:63:16:
c2:e3:d2:ac:77:33:ff:fa:99:03:0a:ad:87:2b:c3:
ba:b3:2e:87:3f:6a:28:d8:9f:32:02:9b:b7:e7:26:
53:83:fd:5f:f2:af:c0:5c:4e:4e:3a:18:e1:61:f5:
6c:8b:3f:ca:83:64:f7:64:43:14:b4:5c:9f:d8:e5:
b7:17:b5:c3:44:53:68:d3:92:5b:ee:6a:83:bc:03:
13:62:30:da:65:4c:68:6f:78:b0:66:ce:63:c7:20:
2c:0d:34:2a:b2:a4:9b:8d:1c:dd:8e:68:31:47:9a:
69:40:24:79:fd:55:28:0e:8c:4a:86:41:e4:59:91:
bb:e8:6b:97:00:96:0b:11:00:0e:5c:6c:7c:74:96:
64:90:ea:18:3d:22:26:9e:c5:90:56:f9:a8:c5:20:
6d:d6:37:98:c7:97:22:ab:b6:72:cc:c0:20:ab:9b:
62:45:95:14:c5:6a:c4:24:24:94:ee:bf:48:44:6e:
0f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:45:A9:22:24:EC:06:BE:B9:9F:A7:38:C0:80:D3:BB:9D:52:59:8B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QkWpIiTsBr65n6c4wIDTu51SWYs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
58:e0:93:95:b6:45:94:ec:97:4e:fd:68:0c:cc:bc:0c:3c:bd:
c7:96:11:8b:cc:08:39:e9:7f:f6:56:ae:dd:2c:4c:15:0c:64:
f9:48:07:81:4a:e8:a4:a6:56:4b:60:06:e8:f1:96:a3:be:62:
2e:3d:62:af:d3:0f:ad:16:89:9d:5b:35:4b:af:97:9b:49:87:
8e:e2:b0:d2:f1:0f:8f:d1:59:85:a8:36:7d:fa:9b:b0:54:05:
53:89:41:01:74:c2:82:c3:79:3e:01:84:0c:f5:c3:f4:8d:2d:
83:8c:38:62:b0:1c:e6:e0:f7:1c:aa:8a:49:d3:f2:fd:03:83:
f5:d7:d3:2a:7b:a2:6d:3b:30:1a:13:ff:71:d7:2b:09:4e:bb:
36:95:0f:4d:69:31:1f:3b:0e:56:41:f8:cd:b9:b8:e0:61:74:
46:36:e2:bf:cf:34:a4:c1:63:8b:d5:c2:1b:d0:a5:8c:94:a6:
86:1b:9a:58:9d:dd:df:b5:50:e0:d2:81:ae:fe:c3:56:e0:c6:
e3:68:df:e3:61:6c:05:64:6e:0e:55:bb:72:17:e0:66:e7:ab:
83:e8:0f:a0:c0:79:ad:9b:fd:7f:d2:18:32:06:4d:a0:56:0e:
d9:fe:d7:0d:65:cf:f3:94:b4:ae:fc:c6:b5:d6:4d:7a:be:e0:
77:59:77:6c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTz8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQw
NTUzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQyNDVBOTIyMjRFQzA2
QkVCOTlGQTczOEMwODBEM0JCOUQ1MjU5OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoJVnbcTubwUXH8B8qVgg7qlritG0gx+RWg+Bn8TcRVTGN6Zyr
WztuFxetcsLBlMBfKL3f+u8Ngi1XNy7vcOKh5yeVs9TowoJjFsLj0qx3M//6mQMK
rYcrw7qzLoc/aijYnzICm7fnJlOD/V/yr8BcTk46GOFh9WyLP8qDZPdkQxS0XJ/Y
5bcXtcNEU2jTklvuaoO8AxNiMNplTGhveLBmzmPHICwNNCqypJuNHN2OaDFHmmlA
JHn9VSgOjEqGQeRZkbvoa5cAlgsRAA5cbHx0lmSQ6hg9IiaexZBW+ajFIG3WN5jH
lyKrtnLMwCCrm2JFlRTFasQkJJTuv0hEbg8tAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUQkWpIiTsBr65n6c4wIDTu51SWYswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1FrV3BJaVRzQnI2NW42
YzR3SURUdTUxU1dZcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFjgk5W2RZTsl079aAzMvAw8vceWEYvM
CDnpf/ZWrt0sTBUMZPlIB4FK6KSmVktgBujxlqO+Yi49Yq/TD60WiZ1bNUuvl5tJ
h47isNLxD4/RWYWoNn36m7BUBVOJQQF0woLDeT4BhAz1w/SNLYOMOGKwHObg9xyq
iknT8v0Dg/XX0yp7om07MBoT/3HXKwlOuzaVD01pMR87DlZB+M25uOBhdEY24r/P
NKTBY4vVwhvQpYyUpoYbmlid3d+1UODSga7+w1bgxuNo3+NhbAVkbg5Vu3IX4Gbn
q4PoD6DAea2b/X/SGDIGTaBWDtn+1w1lz/OUtK78xrXWTXq+4HdZd2w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:25 2024 by rpki-client on console-fra.rpki-client.org