Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/T50FfTjGBZvE1BLwDZ8BKkjpp0M.roa
File: T50FfTjGBZvE1BLwDZ8BKkjpp0M.roa (raw, json)
Hash identifier: E6jHMFDN4i0sQRf9uUUUDYSQVrDzU9UrFfHOAOUNkOE=
Subject key identifier: 4F:9D:05:7D:38:C6:05:9B:C4:D4:12:F0:0D:9F:01:2A:48:E9:A7:43
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 436B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/T50FfTjGBZvE1BLwDZ8BKkjpp0M.roa
Signing time: Thu 18 Apr 2024 11:23:11 +0000
ROA not before: Thu 18 Apr 2024 11:23:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17259 (0x436b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 11:23:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4F9D057D38C6059BC4D412F00D9F012A48E9A743
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:41:46:de:8e:f3:53:46:81:30:36:35:74:77:
9d:34:23:8f:85:81:7f:29:1a:68:aa:1d:81:63:31:
29:05:80:e7:18:2e:92:ac:50:31:16:19:a3:26:d6:
85:33:e1:70:b1:69:9f:a3:09:e1:88:1a:df:14:b1:
b7:fc:39:3f:2a:da:5f:11:5e:6d:40:99:37:cc:bb:
64:b4:ad:78:a0:24:48:43:49:3d:54:79:99:ba:b4:
88:3f:dd:f4:25:23:b3:ba:a0:4e:16:06:9d:e2:66:
46:c4:0f:16:d8:7a:62:80:41:e8:0a:87:83:6f:86:
1f:3e:14:59:03:d5:e6:70:8b:ee:72:ab:6c:dc:61:
df:ae:38:63:d1:bf:99:d2:21:db:1c:86:3d:d1:5a:
44:53:e7:57:a6:9c:22:ba:15:28:77:b3:8f:77:50:
86:f6:cf:c1:11:0d:c4:90:9b:19:42:2f:ff:69:1a:
5a:6a:1f:42:26:d3:86:ed:a5:c4:e1:f0:09:c8:9d:
ba:11:d1:71:23:b2:92:6b:13:ae:85:94:e6:e9:29:
fc:57:62:3c:80:80:a5:74:2b:11:e8:e3:82:9a:64:
5d:c4:4f:66:d5:80:4b:c3:2a:fa:48:03:06:44:e0:
46:eb:35:58:3c:7e:5e:b8:f1:4b:71:7d:2f:77:de:
ae:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:9D:05:7D:38:C6:05:9B:C4:D4:12:F0:0D:9F:01:2A:48:E9:A7:43
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/T50FfTjGBZvE1BLwDZ8BKkjpp0M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
75:b0:9f:b6:d6:da:2f:68:ce:b3:99:3f:c2:1f:0a:8f:b6:42:
05:69:3c:ee:40:2d:cd:eb:bf:43:b8:ea:02:0c:17:00:bf:22:
a6:ec:8c:96:19:b4:f4:46:55:9e:49:09:c0:98:94:a5:99:38:
1a:78:9d:99:af:56:bc:e0:b7:4c:8e:b2:f2:ce:f8:0a:0a:21:
02:e6:d1:0c:7f:20:67:b6:fd:a6:3f:09:77:bd:b6:16:0b:a7:
dd:1c:8e:9b:2e:55:92:76:05:f3:11:c7:2d:bc:86:72:1a:71:
a7:38:b2:e3:4d:19:15:27:b4:41:78:35:c1:5e:9c:a6:16:0f:
52:f6:cc:f1:b0:f8:02:66:9c:89:d0:a6:f1:2b:b2:08:d7:e3:
39:4f:e9:41:1f:03:0f:b9:00:a4:14:10:58:7e:6a:0b:13:47:
e3:1e:4a:35:9e:d1:62:3e:4b:54:e1:7e:b6:5e:97:9d:8e:5e:
45:2e:93:13:43:df:9d:9f:21:30:7f:79:b6:35:ba:7d:82:7b:
53:c1:b3:89:97:af:55:8e:3f:15:44:e7:16:f8:b1:3d:d6:25:
52:a8:33:4c:32:38:65:eb:b6:07:05:d3:eb:93:9f:8b:fa:1f:
3f:2e:b3:0e:70:6d:e3:49:0a:2b:0a:de:60:c8:b0:d8:f7:40:
77:85:d0:d2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQ2swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
MTIzMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRGOUQwNTdEMzhDNjA1
OUJDNEQ0MTJGMDBEOUYwMTJBNDhFOUE3NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdQUbejvNTRoEwNjV0d500I4+FgX8pGmiqHYFjMSkFgOcYLpKs
UDEWGaMm1oUz4XCxaZ+jCeGIGt8Usbf8OT8q2l8RXm1AmTfMu2S0rXigJEhDST1U
eZm6tIg/3fQlI7O6oE4WBp3iZkbEDxbYemKAQegKh4Nvhh8+FFkD1eZwi+5yq2zc
Yd+uOGPRv5nSIdschj3RWkRT51emnCK6FSh3s493UIb2z8ERDcSQmxlCL/9pGlpq
H0Im04btpcTh8AnInboR0XEjspJrE66FlObpKfxXYjyAgKV0KxHo44KaZF3ET2bV
gEvDKvpIAwZE4EbrNVg8fl648UtxfS933q4lAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUT50FfTjGBZvE1BLwDZ8BKkjpp0MwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1Q1MEZmVGpHQlp2RTFC
THdEWjhCS2tqcHAwTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHWwn7bW2i9ozrOZP8IfCo+2QgVpPO5A
Lc3rv0O46gIMFwC/IqbsjJYZtPRGVZ5JCcCYlKWZOBp4nZmvVrzgt0yOsvLO+AoK
IQLm0Qx/IGe2/aY/CXe9thYLp90cjpsuVZJ2BfMRxy28hnIacac4suNNGRUntEF4
NcFenKYWD1L2zPGw+AJmnInQpvErsgjX4zlP6UEfAw+5AKQUEFh+agsTR+MeSjWe
0WI+S1ThfrZel52OXkUukxND352fITB/ebY1un2Ce1PBs4mXr1WOPxVE5xb4sT3W
JVKoM0wyOGXrtgcF0+uTn4v6Hz8usw5wbeNJCisK3mDIsNj3QHeF0NI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:26 2024 by rpki-client on console-fra.rpki-client.org