Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/TzfUAvALcL8toFpomyeA1HYftEA.roa
File: TzfUAvALcL8toFpomyeA1HYftEA.roa (raw, json)
Hash identifier: /kZO3n93bw6F0B6X0WRpADjsXBMiqOvVufdiohJ8mnI=
Subject key identifier: 4F:37:D4:02:F0:0B:70:BF:2D:A0:5A:68:9B:27:80:D4:76:1F:B4:40
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4857
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TzfUAvALcL8toFpomyeA1HYftEA.roa
Signing time: Thu 25 Apr 2024 00:53:17 +0000
ROA not before: Thu 25 Apr 2024 00:53:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18519 (0x4857)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 00:53:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4F37D402F00B70BF2DA05A689B2780D4761FB440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ec:55:2b:c0:88:e0:23:c2:6a:39:92:6c:0b:
ab:9f:f3:b0:d1:f7:6e:d6:ca:62:76:94:de:68:7a:
ef:ce:15:2f:b0:ea:59:c5:bd:c8:96:3c:98:d1:55:
ce:c4:fe:c4:8a:60:30:6d:7f:e0:5b:19:40:3c:6b:
a1:52:85:8c:da:eb:4b:47:3b:f7:bb:76:c3:64:6c:
7b:3f:ad:01:99:cf:33:e1:88:73:65:3b:cb:71:2c:
c1:08:d2:6f:7b:6f:57:08:a3:f4:04:83:19:75:0e:
a5:8b:b3:17:1c:7f:90:8e:62:9a:15:1f:3d:0c:a4:
e7:bf:dd:d3:d2:05:a1:9e:49:e5:de:3b:dd:f7:69:
72:05:91:f4:aa:28:57:cd:56:0c:40:cf:d5:d0:a7:
0d:49:bf:e0:07:f3:6e:4b:3f:71:13:77:70:5a:3f:
e7:4d:87:20:5f:59:ea:3d:a6:6e:fd:7d:fe:7b:08:
5c:8b:3c:18:66:ab:9a:c0:18:fa:8c:6f:14:37:30:
ce:ae:88:30:aa:f8:48:fd:73:bd:cb:a0:e8:7f:ee:
0d:55:df:7d:01:cc:a1:02:03:58:0b:22:a7:82:6b:
17:d2:b2:78:f2:07:c3:4f:eb:7b:c3:62:51:00:b9:
a3:22:dc:b6:68:60:0f:6f:bc:74:a9:7a:15:58:85:
39:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:37:D4:02:F0:0B:70:BF:2D:A0:5A:68:9B:27:80:D4:76:1F:B4:40
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/TzfUAvALcL8toFpomyeA1HYftEA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
3a:f2:08:b4:25:75:63:4e:df:6e:da:78:2f:ed:28:0c:76:79:
f4:21:46:b8:a8:6c:ff:14:6b:26:c3:98:bb:01:70:5b:16:49:
27:cd:ce:8b:5b:57:5e:4e:7e:59:d7:0e:6a:6d:73:51:82:39:
0b:0d:db:bb:27:49:1d:57:17:a3:8d:d4:4d:f4:92:b8:ee:f5:
d8:4a:59:c4:10:f3:50:33:d9:f8:f4:63:96:56:b7:6b:c9:9e:
27:24:30:2d:ca:ad:ef:dd:bd:1c:f1:04:b7:83:16:92:90:7d:
6a:61:db:f7:b0:14:9e:26:72:68:9f:3b:f4:eb:9c:3e:f2:1b:
94:1a:19:a7:35:61:c6:9c:cc:0d:dc:b3:80:ff:47:79:0d:fc:
2e:ae:c0:a6:57:6a:87:d0:20:5f:89:f1:63:10:42:3b:84:91:
1b:45:71:0a:c9:c0:f4:fe:81:55:59:1e:fd:41:79:d1:0c:98:
9c:e7:32:fc:a6:29:34:48:17:fa:c3:d5:6b:d7:62:f8:1c:e8:
27:21:13:4d:06:4c:7e:2d:e8:b8:86:58:b4:ce:fa:f5:fd:e7:
3e:ab:36:34:4c:f1:a1:34:16:b5:27:cb:aa:be:ad:2c:9c:ce:
c4:fd:e0:02:12:28:e8:ef:27:6d:36:38:00:b7:f6:1b:3a:07:
22:06:2f:fc
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSFcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUw
MDUzMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRGMzdENDAyRjAwQjcw
QkYyREEwNUE2ODlCMjc4MEQ0NzYxRkI0NDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU7FUrwIjgI8JqOZJsC6uf87DR927WymJ2lN5oeu/OFS+w6lnF
vciWPJjRVc7E/sSKYDBtf+BbGUA8a6FShYza60tHO/e7dsNkbHs/rQGZzzPhiHNl
O8txLMEI0m97b1cIo/QEgxl1DqWLsxccf5COYpoVHz0MpOe/3dPSBaGeSeXeO933
aXIFkfSqKFfNVgxAz9XQpw1Jv+AH825LP3ETd3BaP+dNhyBfWeo9pm79ff57CFyL
PBhmq5rAGPqMbxQ3MM6uiDCq+Ej9c73LoOh/7g1V330BzKECA1gLIqeCaxfSsnjy
B8NP63vDYlEAuaMi3LZoYA9vvHSpehVYhTk9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUTzfUAvALcL8toFpomyeA1HYftEAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1R6ZlVBdkFMY0w4dG9G
cG9teWVBMUhZZnRFQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADryCLQldWNO327aeC/tKAx2efQhRrio
bP8UaybDmLsBcFsWSSfNzotbV15OflnXDmptc1GCOQsN27snSR1XF6ON1E30krju
9dhKWcQQ81Az2fj0Y5ZWt2vJnickMC3Kre/dvRzxBLeDFpKQfWph2/ewFJ4mcmif
O/TrnD7yG5QaGac1YcaczA3cs4D/R3kN/C6uwKZXaofQIF+J8WMQQjuEkRtFcQrJ
wPT+gVVZHv1BedEMmJznMvymKTRIF/rD1WvXYvgc6CchE00GTH4t6LiGWLTO+vX9
5z6rNjRM8aE0FrUny6q+rSyczsT94AISKOjvJ202OAC39hs6ByIGL/w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:27 2024 by rpki-client on console-fra.rpki-client.org