Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/SH-8cW64lDmVcUw1ybzNTrV3oEI.roa
File: SH-8cW64lDmVcUw1ybzNTrV3oEI.roa (raw, json)
Hash identifier: yYd7TIFJR1GNRFaBuYeBTc7Ui1YWU2Hoi4cTvMenQcw=
Subject key identifier: 48:7F:BC:71:6E:B8:94:39:95:71:4C:35:C9:BC:CD:4E:B5:77:A0:42
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D43
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SH-8cW64lDmVcUw1ybzNTrV3oEI.roa
Signing time: Wed 10 Apr 2024 06:22:38 +0000
ROA not before: Wed 10 Apr 2024 06:22:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15683 (0x3d43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 06:22:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=487FBC716EB8943995714C35C9BCCD4EB577A042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:78:f8:34:16:f8:f3:6d:ec:90:e2:5e:99:45:
d2:bb:51:61:5f:af:52:18:12:28:9c:1b:5b:d3:3e:
61:77:44:5f:82:0f:be:3e:81:45:59:cd:92:95:4f:
f1:13:fb:51:d3:1f:c2:8e:33:c9:ad:2f:89:ca:01:
5a:cf:5b:6b:7c:26:9e:75:b3:b4:38:6e:a7:8a:a0:
d1:58:3a:e8:2c:34:58:c6:23:15:4f:ed:25:17:b3:
95:ec:51:3e:c6:7d:70:43:17:fd:05:79:73:aa:14:
73:82:bd:b4:0b:43:c6:91:b9:3f:59:2e:de:9b:e6:
31:95:58:6b:c0:ff:0d:a7:eb:36:de:1f:24:7f:aa:
e9:1a:ef:df:3a:78:47:8f:11:c1:8b:34:f5:02:9d:
1c:a4:18:98:3e:a3:d2:91:b7:0c:de:5b:17:3c:4b:
43:0b:3a:3d:9c:91:e5:5c:39:cd:04:9e:19:43:74:
79:e4:02:30:cf:5c:30:8e:6a:ce:11:b1:2d:01:8a:
f4:4e:07:88:d0:86:54:43:bf:9e:bd:ad:44:0d:cb:
f4:51:37:a5:af:71:8d:27:d6:d6:e9:a4:ff:11:94:
a0:48:1e:85:c9:cd:40:a5:c0:30:a7:42:3a:7f:52:
0e:df:c8:71:3a:f9:7e:51:bb:99:65:fb:ab:d9:12:
33:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:7F:BC:71:6E:B8:94:39:95:71:4C:35:C9:BC:CD:4E:B5:77:A0:42
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/SH-8cW64lDmVcUw1ybzNTrV3oEI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
56:a3:52:f8:eb:d8:11:cb:51:ea:d9:d9:4d:21:cc:a2:61:6f:
0e:33:2c:05:f7:ef:a7:ab:5f:a3:8f:14:e1:da:9b:5b:9f:b3:
f9:24:e4:3f:3a:63:e0:fe:5d:d8:cb:60:b7:42:17:c8:f1:aa:
f8:38:5b:14:ff:d0:ac:39:87:ba:69:bd:57:04:5e:90:32:3b:
1f:89:03:4f:38:8e:a5:96:03:f0:c6:e0:f8:88:04:dd:48:7c:
6e:29:12:a9:9c:d4:db:7b:a3:75:72:8e:b5:cb:64:56:83:37:
d4:f2:8a:29:5a:32:7a:36:3b:b3:a6:6d:77:db:e3:98:b7:06:
25:62:31:de:66:80:f9:5b:57:ec:fb:46:38:e8:aa:2c:53:60:
a4:2a:f9:51:0e:53:e5:ef:df:41:a1:78:37:4a:b5:ae:9e:40:
ea:cd:15:cc:e5:74:65:9a:05:68:df:07:d6:2a:31:d9:95:e5:
54:b9:71:b5:fb:c7:53:c3:3d:0a:22:ae:8b:bf:38:cf:96:8d:
1e:28:33:d7:48:d3:78:7e:ac:8e:8b:74:b8:e7:1e:e0:51:44:
50:44:db:9c:7b:fb:5a:c0:e3:bf:91:45:55:11:a5:2b:e1:16:
33:ff:34:1b:d6:5f:34:80:88:21:8f:16:90:e1:05:18:c1:79:
a8:32:53:93
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPUMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAw
NjIyMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ4N0ZCQzcxNkVCODk0
Mzk5NTcxNEMzNUM5QkNDRDRFQjU3N0EwNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkePg0FvjzbeyQ4l6ZRdK7UWFfr1IYEiicG1vTPmF3RF+CD74+
gUVZzZKVT/ET+1HTH8KOM8mtL4nKAVrPW2t8Jp51s7Q4bqeKoNFYOugsNFjGIxVP
7SUXs5XsUT7GfXBDF/0FeXOqFHOCvbQLQ8aRuT9ZLt6b5jGVWGvA/w2n6zbeHyR/
quka7986eEePEcGLNPUCnRykGJg+o9KRtwzeWxc8S0MLOj2ckeVcOc0EnhlDdHnk
AjDPXDCOas4RsS0BivROB4jQhlRDv569rUQNy/RRN6WvcY0n1tbppP8RlKBIHoXJ
zUClwDCnQjp/Ug7fyHE6+X5Ru5ll+6vZEjOrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUSH+8cW64lDmVcUw1ybzNTrV3oEIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1NILThjVzY0bERtVmNV
dzF5YnpOVHJWM29FSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFajUvjr2BHLUerZ2U0hzKJhbw4zLAX3
76erX6OPFOHam1ufs/kk5D86Y+D+XdjLYLdCF8jxqvg4WxT/0Kw5h7ppvVcEXpAy
Ox+JA084jqWWA/DG4PiIBN1IfG4pEqmc1Nt7o3VyjrXLZFaDN9TyiilaMno2O7Om
bXfb45i3BiViMd5mgPlbV+z7RjjoqixTYKQq+VEOU+Xv30GheDdKta6eQOrNFczl
dGWaBWjfB9YqMdmV5VS5cbX7x1PDPQoirou/OM+WjR4oM9dI03h+rI6LdLjnHuBR
RFBE25x7+1rA47+RRVURpSvhFjP/NBvWXzSAiCGPFpDhBRjBeagyU5M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:42 2024 by rpki-client on console-ams.rpki-client.org