Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/UxoElSRQFJG2xP8exItn03PUpmY.roa
File: UxoElSRQFJG2xP8exItn03PUpmY.roa (raw, json)
Hash identifier: qg696DA2ohhue0aq4RwadAGAmdGkMyPVKj0TZQ6MLTE=
Subject key identifier: 53:1A:04:95:24:50:14:91:B6:C4:FF:1E:C4:8B:67:D3:73:D4:A6:66
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 32CB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UxoElSRQFJG2xP8exItn03PUpmY.roa
Signing time: Wed 27 Mar 2024 07:28:09 +0000
ROA not before: Wed 27 Mar 2024 07:28:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13003 (0x32cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 07:28:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=531A049524501491B6C4FF1EC48B67D373D4A666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:99:3a:c8:a1:ee:4f:00:13:6c:d0:87:ce:b6:
ea:87:b1:57:51:a4:f1:fb:eb:cc:37:fd:b4:70:0f:
3b:2a:7e:d4:43:f3:39:1b:31:ba:e7:bc:70:c6:16:
0f:33:f5:55:1d:38:a3:28:0d:f6:66:c0:be:82:0a:
0a:b8:75:22:27:84:53:07:3e:97:18:53:b1:9d:18:
c9:82:6f:40:f3:2a:de:e6:f7:b9:57:cb:cf:6c:a2:
91:6f:33:95:f2:92:08:fd:43:c4:aa:0e:8f:64:2a:
f2:fe:1d:8f:c1:3e:81:b4:f2:96:b6:c8:18:dd:a2:
c2:6a:6e:35:f1:e7:ae:95:74:bd:02:a4:ca:b8:17:
31:42:d2:b8:25:49:2b:90:30:73:2e:0e:6e:5c:bd:
e8:20:0a:bd:07:00:f2:88:2b:43:b5:ab:f2:c0:b9:
10:d9:9c:70:1c:80:6b:36:ae:84:ad:49:9d:b8:2d:
bf:db:b3:19:8b:44:9f:f9:37:fd:86:16:89:35:31:
a8:4d:38:49:be:35:b5:f1:98:ef:3a:4a:8f:86:76:
00:35:84:f3:5f:f0:fe:90:26:89:05:fb:8d:b8:ea:
35:7f:9a:6a:c1:0e:b3:a7:3a:0a:47:9c:91:c4:72:
26:98:79:42:45:5b:4a:b4:9a:9d:12:e8:6b:63:f4:
63:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:1A:04:95:24:50:14:91:B6:C4:FF:1E:C4:8B:67:D3:73:D4:A6:66
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/UxoElSRQFJG2xP8exItn03PUpmY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
31:24:aa:60:57:3d:fb:cd:09:dd:c3:f4:cd:d0:af:1d:65:ec:
c3:29:df:ae:98:af:1f:5d:96:de:ec:b9:b5:55:24:66:31:51:
81:c6:37:f5:4e:2f:45:8f:cd:28:36:f2:33:20:30:2c:81:65:
e3:1f:9f:de:dc:e8:dc:29:a3:ce:c5:c9:6b:93:74:8d:14:a6:
18:d7:42:5c:0b:e0:de:f1:5a:fa:00:2a:66:ab:13:ec:76:fc:
97:74:0f:20:f2:a6:81:00:be:78:2a:da:23:7c:ae:c1:7e:c4:
a5:fa:0f:b9:0f:24:0e:a8:99:88:b0:40:95:4a:8d:86:97:0e:
35:e9:b9:3e:d6:24:99:1f:50:a0:72:5c:9b:1b:7a:cd:d4:d9:
d3:52:05:ee:d9:0e:a3:a6:70:48:8c:45:fd:69:05:5d:a4:f7:
7b:a8:02:ee:e9:87:a0:3b:32:25:8c:fd:06:57:d5:98:39:a3:
b4:fe:c8:3a:73:2e:b4:90:c2:fc:16:50:81:d2:41:1f:72:46:
f2:25:7f:18:fe:f7:31:e0:3c:2a:49:73:d3:a0:24:d7:a8:44:
3b:17:3f:d7:39:b8:86:60:fa:54:57:56:ae:d5:f3:80:1f:77:
b1:3f:40:bd:b3:bf:88:b5:dc:c9:eb:8a:d9:75:92:3b:63:2c:
aa:41:34:a6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICMsswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcw
NzI4MDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUzMUEwNDk1MjQ1MDE0
OTFCNkM0RkYxRUM0OEI2N0QzNzNENEE2NjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwmTrIoe5PABNs0IfOtuqHsVdRpPH768w3/bRwDzsqftRD8zkb
MbrnvHDGFg8z9VUdOKMoDfZmwL6CCgq4dSInhFMHPpcYU7GdGMmCb0DzKt7m97lX
y89sopFvM5Xykgj9Q8SqDo9kKvL+HY/BPoG08pa2yBjdosJqbjXx566VdL0CpMq4
FzFC0rglSSuQMHMuDm5cveggCr0HAPKIK0O1q/LAuRDZnHAcgGs2roStSZ24Lb/b
sxmLRJ/5N/2GFok1MahNOEm+NbXxmO86So+GdgA1hPNf8P6QJokF+4246jV/mmrB
DrOnOgpHnJHEciaYeUJFW0q0mp0S6Gtj9GODAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUUxoElSRQFJG2xP8exItn03PUpmYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1V4b0VsU1JRRkpHMnhQ
OGV4SXRuMDNQVXBtWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADEkqmBXPfvNCd3D9M3Qrx1l7MMp366Y
rx9dlt7subVVJGYxUYHGN/VOL0WPzSg28jMgMCyBZeMfn97c6Nwpo87FyWuTdI0U
phjXQlwL4N7xWvoAKmarE+x2/Jd0DyDypoEAvngq2iN8rsF+xKX6D7kPJA6omYiw
QJVKjYaXDjXpuT7WJJkfUKByXJsbes3U2dNSBe7ZDqOmcEiMRf1pBV2k93uoAu7p
h6A7MiWM/QZX1Zg5o7T+yDpzLrSQwvwWUIHSQR9yRvIlfxj+9zHgPCpJc9OgJNeo
RDsXP9c5uIZg+lRXVq7V84Afd7E/QL2zv4i13Mnritl1kjtjLKpBNKY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:28 2024 by rpki-client on console-fra.rpki-client.org