Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/XalN8SSoeAF5bQeIu8xZRXmKF7E.roa
File: XalN8SSoeAF5bQeIu8xZRXmKF7E.roa (raw, json)
Hash identifier: QxApG5pmTtyD+IC667o2JO8+jCo7/GoWIV7Km4G3kv8=
Subject key identifier: 5D:A9:4D:F1:24:A8:78:01:79:6D:07:88:BB:CC:59:45:79:8A:17:B1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 342F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XalN8SSoeAF5bQeIu8xZRXmKF7E.roa
Signing time: Fri 29 Mar 2024 03:52:04 +0000
ROA not before: Fri 29 Mar 2024 03:52:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13359 (0x342f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 03:52:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5DA94DF124A87801796D0788BBCC5945798A17B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:50:27:e6:66:4d:7d:22:fd:68:22:20:85:a6:
58:4c:0d:eb:84:b9:30:fa:1f:73:96:ff:16:a6:20:
de:a0:40:b8:58:9a:13:02:76:05:f1:58:8a:78:bc:
01:92:ea:e6:ea:fe:c3:2f:31:bd:4a:d3:60:57:41:
33:17:b0:1d:3c:23:05:e9:f5:df:fb:6e:74:84:00:
24:0f:d2:63:9d:37:61:4c:38:c7:1d:44:40:69:ce:
ef:d6:9c:d8:53:2f:20:d4:95:b9:b2:2b:58:85:46:
50:c2:02:87:7b:cd:b6:80:c5:80:26:51:c7:c5:0a:
a3:47:0b:8f:26:6b:40:eb:bb:ea:92:4e:02:4b:89:
f8:d7:25:db:6e:50:a0:b5:ea:dc:a3:4a:f5:01:28:
3d:59:06:17:7c:07:1e:ae:78:ea:42:5d:fb:df:dc:
3e:84:4b:01:42:3b:b6:67:7d:a4:6c:00:75:dc:41:
1e:82:b9:10:ce:a5:2c:de:d9:98:91:e5:52:8d:79:
d0:a1:21:8e:08:2d:da:11:83:63:9b:57:62:f2:26:
71:71:af:78:ad:77:18:f0:9c:5e:bc:47:ca:7c:11:
68:a0:ee:5a:8d:3b:f0:78:a1:bc:9b:40:a9:11:a1:
f3:51:9d:04:b8:6e:25:ea:9f:6b:ae:bc:28:1f:7f:
db:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A9:4D:F1:24:A8:78:01:79:6D:07:88:BB:CC:59:45:79:8A:17:B1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XalN8SSoeAF5bQeIu8xZRXmKF7E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4d:87:a3:76:79:bf:66:35:a0:25:4f:3e:bc:36:85:1f:c2:22:
1a:b9:44:ba:3c:88:e1:dd:8a:24:a2:22:2f:1f:f0:b3:c3:2d:
00:88:d4:a7:84:52:37:4c:7c:e4:45:39:87:45:fb:59:89:2d:
cb:6c:fd:af:ac:e9:09:b9:c9:58:41:33:d5:04:b2:df:1d:a4:
c4:42:b3:aa:c0:13:16:f6:ac:23:44:fc:b3:6f:92:f4:1d:92:
36:d5:d7:77:0b:0e:2c:63:7b:68:f1:a3:df:5f:8d:dc:cf:8c:
5b:48:3c:cb:f3:21:47:0d:66:9a:71:39:96:3e:15:2c:6c:e2:
63:ce:9d:f3:38:db:8a:28:98:6b:0f:b8:9d:13:4b:8f:b1:49:
e7:a9:49:43:9d:dd:41:a0:95:71:25:8f:a0:51:6b:88:74:a1:
93:17:8c:c3:1c:7b:05:0e:c1:6d:af:ce:40:32:14:38:59:ac:
62:7b:83:ee:a7:07:96:9b:d1:82:cc:90:da:10:dd:33:58:b6:
2a:bd:ae:94:dd:28:07:fd:9e:24:41:b5:2d:7f:b7:07:34:17:
fc:78:16:35:59:f5:b2:89:8e:01:37:8c:70:e8:44:ac:6b:4c:
7c:b7:f6:75:3f:b8:a6:f3:ac:11:7a:d2:d3:26:77:13:db:3f:
9a:26:bb:e1
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNC8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
MzUyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVEQTk0REYxMjRBODc4
MDE3OTZEMDc4OEJCQ0M1OTQ1Nzk4QTE3QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOUCfmZk19Iv1oIiCFplhMDeuEuTD6H3OW/xamIN6gQLhYmhMC
dgXxWIp4vAGS6ubq/sMvMb1K02BXQTMXsB08IwXp9d/7bnSEACQP0mOdN2FMOMcd
REBpzu/WnNhTLyDUlbmyK1iFRlDCAod7zbaAxYAmUcfFCqNHC48ma0Dru+qSTgJL
ifjXJdtuUKC16tyjSvUBKD1ZBhd8Bx6ueOpCXfvf3D6ESwFCO7ZnfaRsAHXcQR6C
uRDOpSze2ZiR5VKNedChIY4ILdoRg2ObV2LyJnFxr3itdxjwnF68R8p8EWig7lqN
O/B4obybQKkRofNRnQS4biXqn2uuvCgff9unAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUXalN8SSoeAF5bQeIu8xZRXmKF7EwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1hhbE44U1NvZUFGNWJR
ZUl1OHhaUlhtS0Y3RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAE2Ho3Z5v2Y1oCVPPrw2hR/CIhq5RLo8
iOHdiiSiIi8f8LPDLQCI1KeEUjdMfORFOYdF+1mJLcts/a+s6Qm5yVhBM9UEst8d
pMRCs6rAExb2rCNE/LNvkvQdkjbV13cLDixje2jxo99fjdzPjFtIPMvzIUcNZppx
OZY+FSxs4mPOnfM424oomGsPuJ0TS4+xSeepSUOd3UGglXElj6BRa4h0oZMXjMMc
ewUOwW2vzkAyFDhZrGJ7g+6nB5ab0YLMkNoQ3TNYtiq9rpTdKAf9niRBtS1/twc0
F/x4FjVZ9bKJjgE3jHDoRKxrTHy39nU/uKbzrBF60tMmdxPbP5omu+E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:30 2024 by rpki-client on console-fra.rpki-client.org