Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QvLfrYYB6JVtiv3SrmAWaWuQuwY.roa
File: QvLfrYYB6JVtiv3SrmAWaWuQuwY.roa (raw, json)
Hash identifier: sTqC3I9qHAn1yM1O5mZqgZk3qr5HnOhMXYHPBQBdqKk=
Subject key identifier: 42:F2:DF:AD:86:01:E8:95:6D:8A:FD:D2:AE:60:16:69:6B:90:BB:06
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43BB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QvLfrYYB6JVtiv3SrmAWaWuQuwY.roa
Signing time: Thu 18 Apr 2024 21:23:09 +0000
ROA not before: Thu 18 Apr 2024 21:23:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17339 (0x43bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 21:23:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=42F2DFAD8601E8956D8AFDD2AE6016696B90BB06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4a:33:a3:2c:b1:b5:6d:34:54:35:c6:9c:c3:
f1:a9:37:40:e3:18:13:e4:2c:4c:c1:c6:d1:2a:c1:
4e:77:e7:73:60:c7:6e:75:7c:eb:16:a5:e7:05:0c:
cc:db:92:fe:e5:97:73:be:b3:12:ca:de:c2:f0:62:
e8:da:32:4e:ff:22:9b:67:1b:9b:30:0e:0f:44:4c:
16:06:2b:16:26:d6:e8:24:2e:ea:51:21:b0:5a:80:
67:df:10:28:55:95:f0:2f:72:5a:95:de:f0:29:38:
48:00:ed:82:ee:d7:02:89:54:be:54:1b:ad:df:03:
3c:ea:fe:51:58:12:b7:17:20:bc:1a:df:cd:06:52:
1b:d4:cc:0f:b5:53:03:15:99:ae:28:f6:b9:d8:2e:
f1:bb:8f:16:e9:64:e1:ee:3c:2d:ee:e2:9b:e3:88:
89:ec:aa:2c:39:ac:78:d7:92:68:d4:a9:40:15:76:
f5:22:8f:73:a1:79:f6:e8:51:86:11:ad:8a:0c:92:
15:97:4a:36:49:f8:82:4b:0f:a4:8c:e4:dc:b7:0f:
6b:8c:b8:a7:c1:a6:3f:17:09:ef:ab:53:00:51:c7:
c2:39:d9:13:4b:07:d2:cd:fb:f2:c3:09:14:a5:16:
a4:6a:87:09:27:b3:6a:83:c9:99:b2:9f:55:9f:c9:
c3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F2:DF:AD:86:01:E8:95:6D:8A:FD:D2:AE:60:16:69:6B:90:BB:06
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QvLfrYYB6JVtiv3SrmAWaWuQuwY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
22:2e:e7:57:db:d1:6f:2b:d7:07:04:66:30:65:30:69:f2:8b:
c4:e6:6a:b1:b7:ae:c9:05:0d:2b:93:18:c3:4c:54:80:de:28:
10:db:1d:ac:d1:50:e2:8f:41:9e:dd:22:ea:ca:fe:95:59:57:
4d:4b:cb:01:2d:41:fb:19:e1:e0:29:3b:30:60:4a:af:13:71:
65:df:13:f0:43:53:0b:68:17:50:b4:4c:29:c6:5f:8a:2a:8f:
5c:91:09:8f:f1:84:6a:57:e7:15:dc:1f:44:a5:f4:3e:52:34:
d7:76:63:a1:f0:6f:43:49:ad:d6:70:e4:5d:33:f7:35:12:80:
de:1a:15:a8:ad:3c:f3:89:aa:a2:d7:50:0e:e1:a6:e8:18:1a:
76:02:d5:81:e3:28:b4:3c:d1:a6:a6:f6:fa:60:d4:d7:3e:c6:
b3:fc:c1:0d:eb:14:39:3c:5e:f7:0b:37:e0:5d:1b:f9:84:0c:
59:2a:a9:39:c0:37:59:36:d2:47:7e:72:11:04:67:78:4e:13:
0b:6c:21:2e:86:53:74:f7:d1:de:8d:be:36:63:ed:10:b4:57:
80:c7:ad:d3:e3:7b:f3:3a:4f:ec:ea:16:a8:31:ba:12:13:be:
ba:0d:69:3e:72:1c:48:d7:76:46:d8:9a:aa:0d:13:3a:5d:bf:
67:f9:f6:26
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQ7swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgy
MTIzMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQyRjJERkFEODYwMUU4
OTU2RDhBRkREMkFFNjAxNjY5NkI5MEJCMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRSjOjLLG1bTRUNcacw/GpN0DjGBPkLEzBxtEqwU5353Ngx251
fOsWpecFDMzbkv7ll3O+sxLK3sLwYujaMk7/IptnG5swDg9ETBYGKxYm1ugkLupR
IbBagGffEChVlfAvclqV3vApOEgA7YLu1wKJVL5UG63fAzzq/lFYErcXILwa380G
UhvUzA+1UwMVma4o9rnYLvG7jxbpZOHuPC3u4pvjiInsqiw5rHjXkmjUqUAVdvUi
j3OhefboUYYRrYoMkhWXSjZJ+IJLD6SM5Ny3D2uMuKfBpj8XCe+rUwBRx8I52RNL
B9LN+/LDCRSlFqRqhwkns2qDyZmyn1WfycNFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUQvLfrYYB6JVtiv3SrmAWaWuQuwYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1F2TGZyWVlCNkpWdGl2
M1NybUFXYVd1UXV3WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACIu51fb0W8r1wcEZjBlMGnyi8TmarG3
rskFDSuTGMNMVIDeKBDbHazRUOKPQZ7dIurK/pVZV01LywEtQfsZ4eApOzBgSq8T
cWXfE/BDUwtoF1C0TCnGX4oqj1yRCY/xhGpX5xXcH0Sl9D5SNNd2Y6Hwb0NJrdZw
5F0z9zUSgN4aFaitPPOJqqLXUA7hpugYGnYC1YHjKLQ80aam9vpg1Nc+xrP8wQ3r
FDk8XvcLN+BdG/mEDFkqqTnAN1k20kd+chEEZ3hOEwtsIS6GU3T30d6NvjZj7RC0
V4DHrdPje/M6T+zqFqgxuhITvroNaT5yHEjXdkbYmqoNEzpdv2f59iY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:25 2024 by rpki-client on console-fra.rpki-client.org