Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UNrjAnY03OVg2zfIqLr6616xWW0.roa
File: UNrjAnY03OVg2zfIqLr6616xWW0.roa (raw, json)
Hash identifier: d3uxsu+gQ0XLDO/nBgw2d8uhqSIP5DIGkWBP4xyAmv8=
Subject key identifier: 50:DA:E3:02:76:34:DC:E5:60:DB:37:C8:A8:BA:FA:EB:5E:B1:59:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DC7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UNrjAnY03OVg2zfIqLr6616xWW0.roa
Signing time: Wed 10 Apr 2024 22:52:43 +0000
ROA not before: Wed 10 Apr 2024 22:52:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15815 (0x3dc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 22:52:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=50DAE3027634DCE560DB37C8A8BAFAEB5EB1596D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fa:fb:d4:9c:05:9c:16:2d:52:90:1f:17:24:
54:0c:37:bf:20:cc:15:51:bf:14:97:d0:13:fd:f7:
12:4e:86:f2:8a:46:01:1a:7f:25:3c:91:3c:87:29:
77:c9:04:0c:08:8e:4f:2f:65:2d:b9:f3:34:ad:37:
fd:22:af:ea:35:76:55:89:2f:c8:da:43:28:08:64:
c3:8a:be:f4:fc:b5:a8:69:46:4a:95:9e:db:b8:b2:
a6:73:80:ef:43:5d:1c:c6:cd:8c:4a:df:13:3e:53:
ce:5f:38:f5:4e:eb:fd:76:af:8f:0f:05:7d:3e:29:
9d:3e:58:89:64:ec:96:36:d0:dc:b7:ea:59:a1:0b:
af:10:6a:d7:09:b9:0d:18:97:c8:6f:a0:fb:3d:a4:
52:06:53:29:6c:f4:36:02:01:40:46:b5:6b:fd:84:
2f:7f:d5:fe:fe:26:b2:25:07:84:ca:71:84:2d:f7:
89:d6:67:35:77:67:2a:42:d2:60:d2:85:69:23:8b:
2e:0f:47:cf:b0:b1:58:61:c2:59:9b:c0:c8:78:f6:
c5:d8:33:b9:30:10:d7:9a:23:0f:a9:46:26:59:39:
04:8b:56:99:82:45:90:64:e3:7e:05:4f:c1:e6:a2:
98:50:cb:a1:dc:aa:88:be:38:7e:d0:6c:46:f4:2e:
26:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:DA:E3:02:76:34:DC:E5:60:DB:37:C8:A8:BA:FA:EB:5E:B1:59:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UNrjAnY03OVg2zfIqLr6616xWW0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a8:4f:a1:5f:3b:73:41:2b:15:7b:ec:a6:3c:d0:d5:ee:98:7b:
92:e7:ad:66:a0:f0:62:77:73:3d:f1:f8:dc:96:c7:5c:47:9d:
f5:af:40:78:b9:cc:9b:2d:69:35:27:7c:78:b2:87:ad:78:a0:
ca:79:dd:3d:13:a4:6e:ed:69:5a:21:4d:06:ca:05:fe:8e:6e:
6a:ec:8f:b5:39:66:12:5f:1d:6e:72:4b:ec:d4:b2:61:d6:1f:
c0:51:25:fe:68:1b:29:19:22:d1:6d:66:a9:d5:e6:2b:67:42:
8e:6e:e9:24:11:5b:b5:a1:09:52:c4:30:6a:25:f9:36:61:12:
ab:00:8e:90:37:b7:36:54:43:e9:d0:63:6e:80:50:d9:1e:e3:
ba:8b:11:78:98:b9:89:da:02:92:b9:43:c0:81:43:2e:f6:ab:
12:1f:1e:91:d2:2c:21:cf:b2:09:2d:a8:91:6b:ac:fa:e4:61:
b6:19:47:7c:76:a5:7f:c3:e2:8b:b5:80:c1:5b:06:5f:69:05:
02:d5:85:02:7c:e5:2a:9a:c9:89:11:f2:81:73:ef:35:c5:85:
73:3f:51:74:7c:4a:81:e4:91:c6:a4:6e:2b:d2:45:d0:1f:a5:
f0:9c:e4:5c:90:a0:48:82:c5:56:9d:60:fb:e9:51:d1:5d:d3:
d6:6f:e4:c5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPccwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAy
MjUyNDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUwREFFMzAyNzYzNERD
RTU2MERCMzdDOEE4QkFGQUVCNUVCMTU5NkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA+vvUnAWcFi1SkB8XJFQMN78gzBVRvxSX0BP99xJOhvKKRgEa
fyU8kTyHKXfJBAwIjk8vZS258zStN/0ir+o1dlWJL8jaQygIZMOKvvT8tahpRkqV
ntu4sqZzgO9DXRzGzYxK3xM+U85fOPVO6/12r48PBX0+KZ0+WIlk7JY20Ny36lmh
C68QatcJuQ0Yl8hvoPs9pFIGUyls9DYCAUBGtWv9hC9/1f7+JrIlB4TKcYQt94nW
ZzV3ZypC0mDShWkjiy4PR8+wsVhhwlmbwMh49sXYM7kwENeaIw+pRiZZOQSLVpmC
RZBk434FT8HmophQy6Hcqoi+OH7QbEb0LiYHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUUNrjAnY03OVg2zfIqLr6616xWW0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1VOcmpBblkwM09WZzJ6
ZklxTHI2NjE2eFdXMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKhPoV87c0ErFXvspjzQ1e6Ye5LnrWag
8GJ3cz3x+NyWx1xHnfWvQHi5zJstaTUnfHiyh614oMp53T0TpG7taVohTQbKBf6O
bmrsj7U5ZhJfHW5yS+zUsmHWH8BRJf5oGykZItFtZqnV5itnQo5u6SQRW7WhCVLE
MGol+TZhEqsAjpA3tzZUQ+nQY26AUNke47qLEXiYuYnaApK5Q8CBQy72qxIfHpHS
LCHPsgktqJFrrPrkYbYZR3x2pX/D4ou1gMFbBl9pBQLVhQJ85SqayYkR8oFz7zXF
hXM/UXR8SoHkkcakbivSRdAfpfCc5FyQoEiCxVadYPvpUdFd09Zv5MU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:27 2024 by rpki-client on console-fra.rpki-client.org