Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/XKq38t2tSNFBnbQjWgY28lN38Iw.roa
File: XKq38t2tSNFBnbQjWgY28lN38Iw.roa (raw, json)
Hash identifier: UfLWtTfPHu5wTDojAwZYo1zH+g4cCO7JEl3q9u8LqOI=
Subject key identifier: 5C:AA:B7:F2:DD:AD:48:D1:41:9D:B4:23:5A:06:36:F2:53:77:F0:8C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3147
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XKq38t2tSNFBnbQjWgY28lN38Iw.roa
Signing time: Sat 03 Feb 2024 02:49:43 +0000
ROA not before: Sat 03 Feb 2024 02:49:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12615 (0x3147)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Feb 3 02:49:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5CAAB7F2DDAD48D1419DB4235A0636F25377F08C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f9:7d:a1:40:66:2a:c4:3f:62:25:5b:bd:26:
18:ad:29:83:4e:b7:85:54:6f:7a:29:3a:e9:3a:db:
ad:ef:30:3c:0b:78:48:a1:35:c0:0e:9f:02:6d:e8:
2a:03:0b:cd:c7:16:a8:89:20:33:07:dd:65:ce:ba:
2d:3e:18:e8:27:ec:8c:1d:4f:85:39:03:7b:bb:db:
70:1c:7d:d3:2f:81:f8:b8:64:d5:9e:16:12:40:30:
a4:22:c4:27:70:84:b8:be:95:3d:ae:1c:33:35:01:
8a:c7:c8:3b:3f:89:13:2e:e5:60:6e:7a:14:68:ae:
04:02:0b:28:fb:61:ba:b4:90:49:4e:26:06:ef:e8:
ef:61:36:7e:a0:84:25:f7:e0:7d:5b:1b:87:17:ff:
d7:7c:14:fa:2f:c1:57:d5:71:89:f2:2c:84:a5:eb:
7e:f2:08:bb:29:63:65:a0:cf:57:36:54:14:e2:5e:
90:1c:2e:0c:ab:76:e3:c3:a0:62:08:68:a2:f3:ba:
7f:fb:d6:5b:7d:6f:e1:50:ac:d1:32:2e:3d:a7:4b:
b8:53:06:88:ac:7d:9c:82:2b:8a:54:7f:57:1f:2a:
6a:ba:98:5d:08:a4:84:59:ea:10:4c:0c:4e:15:63:
18:18:96:73:bf:76:ff:d1:ae:12:72:fd:7e:87:3e:
e8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AA:B7:F2:DD:AD:48:D1:41:9D:B4:23:5A:06:36:F2:53:77:F0:8C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XKq38t2tSNFBnbQjWgY28lN38Iw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ad:d6:06:40:31:03:68:a5:4d:d0:2f:8d:6f:c9:bd:9a:5f:51:
51:ed:e9:b6:19:2b:bd:4b:8f:5d:15:51:a0:ee:b8:fa:c3:53:
f6:0c:94:f5:db:65:d4:3b:61:bd:85:70:52:f3:8e:af:6f:94:
86:d0:c8:45:6e:e9:f2:6e:e0:e6:b8:aa:be:de:5e:07:df:ec:
11:c6:2e:4a:a0:7d:bf:32:7c:ad:85:80:ba:c3:da:07:3f:c8:
d6:09:28:21:76:37:6f:64:27:85:c4:1b:48:d1:32:0a:a2:31:
1b:ba:81:20:5d:1f:61:ae:90:cb:a1:15:c2:db:e0:9f:bc:91:
70:0c:e9:5f:e9:5b:dd:92:c0:69:91:cf:77:ef:54:ae:1a:39:
42:58:74:fb:75:27:ff:a9:92:0a:1b:9c:0c:f6:67:44:a6:f3:
56:07:e3:94:a2:c0:83:2f:ac:ea:cf:ed:99:5a:b5:bf:6b:b9:
ff:9a:4c:86:49:ef:d0:55:b2:dc:ef:7f:5f:f2:89:40:33:93:
50:6e:98:c2:4a:34:00:bd:1a:07:48:2f:a7:95:ba:80:79:48:
2e:5f:99:8d:38:6f:d3:16:8e:d4:34:c1:35:f0:1f:99:2e:83:
28:2b:b7:aa:9c:a8:d5:81:bf:29:72:b2:30:68:f2:82:03:38:
fd:46:fc:b7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICMUcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAyMDMw
MjQ5NDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVDQUFCN0YyRERBRDQ4
RDE0MTlEQjQyMzVBMDYzNkYyNTM3N0YwOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8+X2hQGYqxD9iJVu9JhitKYNOt4VUb3opOuk6263vMDwLeEih
NcAOnwJt6CoDC83HFqiJIDMH3WXOui0+GOgn7IwdT4U5A3u723AcfdMvgfi4ZNWe
FhJAMKQixCdwhLi+lT2uHDM1AYrHyDs/iRMu5WBuehRorgQCCyj7Ybq0kElOJgbv
6O9hNn6ghCX34H1bG4cX/9d8FPovwVfVcYnyLISl637yCLspY2Wgz1c2VBTiXpAc
LgyrduPDoGIIaKLzun/71lt9b+FQrNEyLj2nS7hTBoisfZyCK4pUf1cfKmq6mF0I
pIRZ6hBMDE4VYxgYlnO/dv/RrhJy/X6HPuj1AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUXKq38t2tSNFBnbQjWgY28lN38IwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1hLcTM4dDJ0U05GQm5i
UWpXZ1kyOGxOMzhJdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAK3WBkAxA2ilTdAvjW/JvZpfUVHt6bYZ
K71Lj10VUaDuuPrDU/YMlPXbZdQ7Yb2FcFLzjq9vlIbQyEVu6fJu4Oa4qr7eXgff
7BHGLkqgfb8yfK2FgLrD2gc/yNYJKCF2N29kJ4XEG0jRMgqiMRu6gSBdH2GukMuh
FcLb4J+8kXAM6V/pW92SwGmRz3fvVK4aOUJYdPt1J/+pkgobnAz2Z0Sm81YH45Si
wIMvrOrP7Zlatb9ruf+aTIZJ79BVstzvf1/yiUAzk1BumMJKNAC9GgdIL6eVuoB5
SC5fmY04b9MWjtQ0wTXwH5kugygrt6qcqNWBvylysjBo8oIDOP1G/Lc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:30 2024 by rpki-client on console-fra.rpki-client.org