Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/QxhZnG4IbmWo3nZkRXIZzFTRSeY.roa
File: QxhZnG4IbmWo3nZkRXIZzFTRSeY.roa (raw, json)
Hash identifier: 4pUcCFPg6/2Q2OChGEWPLtIX6D5JfkoBmXmBh8/KpyQ=
Subject key identifier: 43:18:59:9C:6E:08:6E:65:A8:DE:76:64:45:72:19:CC:54:D1:49:E6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3A43
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QxhZnG4IbmWo3nZkRXIZzFTRSeY.roa
Signing time: Sat 06 Apr 2024 06:22:27 +0000
ROA not before: Sat 06 Apr 2024 06:22:27 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14915 (0x3a43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 6 06:22:27 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4318599C6E086E65A8DE7664457219CC54D149E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0a:48:28:3c:54:15:6a:99:9f:2c:d0:c6:7c:
99:11:07:38:f9:78:59:92:45:1e:9c:ac:83:fa:48:
d7:1f:33:ad:92:e5:66:bc:dd:fe:19:41:ef:8d:70:
da:4c:3e:c9:58:e2:59:15:01:e5:07:07:75:0b:2a:
95:e1:e2:42:68:41:eb:98:8a:4f:3d:e9:0f:71:f9:
1b:d6:6d:0e:cc:4e:e7:78:dc:73:a9:24:93:2c:ef:
0f:07:c7:da:8e:5e:ff:6b:bc:2c:0e:45:1c:99:1f:
1a:35:56:8b:78:bf:58:ed:2a:43:14:19:ce:69:9e:
4b:97:ad:60:3a:20:39:62:21:44:0a:07:b1:32:65:
a9:9b:24:52:2f:1e:75:68:fa:94:00:d1:bf:f9:b0:
29:fc:e4:cd:c8:11:e2:43:c2:fe:85:c2:ce:85:67:
00:ae:97:87:36:2d:88:45:75:00:ca:8f:d7:c5:64:
df:0d:32:48:6f:ba:0b:5a:82:6b:c6:93:07:9e:cb:
4c:e5:de:69:79:39:90:dc:de:de:8e:9c:d3:98:9a:
90:fb:99:61:23:05:ce:4b:0d:de:d9:0e:dd:dd:cf:
2a:9a:e3:11:f2:ce:1b:c1:ac:66:4b:ed:5e:aa:12:
79:23:89:1b:ce:cd:51:1d:f4:04:4d:df:9f:01:f8:
b4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:18:59:9C:6E:08:6E:65:A8:DE:76:64:45:72:19:CC:54:D1:49:E6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/QxhZnG4IbmWo3nZkRXIZzFTRSeY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
78:98:15:29:ba:41:d6:6d:1e:05:af:fc:40:ae:eb:12:30:d4:
04:99:7d:ce:19:4a:bc:32:aa:5d:ef:52:cf:e1:69:db:3c:4f:
b6:4e:13:b4:92:aa:ca:a5:46:de:a4:63:fc:c6:22:a7:7b:1f:
a5:32:8f:eb:27:9a:3e:39:82:07:0b:a6:df:aa:39:ab:a1:af:
94:9f:d1:cf:0c:54:da:21:91:3f:b5:75:d6:df:dd:b3:60:a2:
f3:f5:9e:1e:e9:f6:da:45:ac:ff:bf:33:ec:8f:bd:6f:2d:97:
db:c3:61:c5:08:2d:ea:b7:a8:60:a3:d3:6c:44:15:b1:d8:07:
48:38:16:c2:54:9a:7a:e8:2f:2c:8e:40:89:de:40:c5:4d:f6:
06:87:06:59:89:53:b0:ca:72:83:c5:ef:b4:5c:aa:2d:4f:72:
4e:64:84:37:96:d6:83:07:37:41:28:d6:79:84:d3:14:89:d0:
eb:89:db:85:7a:6e:0d:07:c6:3e:f0:40:f6:80:b5:e5:53:c9:
5c:f4:33:ec:13:34:2b:0a:cc:88:6a:d6:af:0b:65:6b:d1:57:
20:98:7c:6c:11:f1:cf:35:10:3d:26:16:c8:a9:f8:0f:f9:1c:
5a:f2:64:bc:ab:eb:df:75:9a:2a:6d:95:8a:3d:4b:fb:94:70:
1a:d8:61:c2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOkMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDYw
NjIyMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQzMTg1OTlDNkUwODZF
NjVBOERFNzY2NDQ1NzIxOUNDNTREMTQ5RTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5CkgoPFQVapmfLNDGfJkRBzj5eFmSRR6crIP6SNcfM62S5Wa8
3f4ZQe+NcNpMPslY4lkVAeUHB3ULKpXh4kJoQeuYik896Q9x+RvWbQ7MTud43HOp
JJMs7w8Hx9qOXv9rvCwORRyZHxo1Vot4v1jtKkMUGc5pnkuXrWA6IDliIUQKB7Ey
ZambJFIvHnVo+pQA0b/5sCn85M3IEeJDwv6Fws6FZwCul4c2LYhFdQDKj9fFZN8N
MkhvugtagmvGkweey0zl3ml5OZDc3t6OnNOYmpD7mWEjBc5LDd7ZDt3dzyqa4xHy
zhvBrGZL7V6qEnkjiRvOzVEd9ARN358B+LQBAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUQxhZnG4IbmWo3nZkRXIZzFTRSeYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1F4aFpuRzRJYm1XbzNu
WmtSWElaekZUUlNlWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHiYFSm6QdZtHgWv/ECu6xIw1ASZfc4Z
Srwyql3vUs/hads8T7ZOE7SSqsqlRt6kY/zGIqd7H6Uyj+snmj45ggcLpt+qOauh
r5Sf0c8MVNohkT+1ddbf3bNgovP1nh7p9tpFrP+/M+yPvW8tl9vDYcUILeq3qGCj
02xEFbHYB0g4FsJUmnroLyyOQIneQMVN9gaHBlmJU7DKcoPF77Rcqi1Pck5khDeW
1oMHN0Eo1nmE0xSJ0OuJ24V6bg0Hxj7wQPaAteVTyVz0M+wTNCsKzIhq1q8LZWvR
VyCYfGwR8c81ED0mFsip+A/5HFryZLyr6991miptlYo9S/uUcBrYYcI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:41 2024 by rpki-client on console-ams.rpki-client.org