Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/XfhHPDqhYHMrGWFjHW2AUFbkmJw.roa
File: XfhHPDqhYHMrGWFjHW2AUFbkmJw.roa (raw, json)
Hash identifier: PXp8Z/J1O/SZOUzsZpdhVaGC42PpD4IZ2E0JVP4w7oY=
Subject key identifier: 5D:F8:47:3C:3A:A1:60:73:2B:19:61:63:1D:6D:80:50:56:E4:98:9C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3563
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XfhHPDqhYHMrGWFjHW2AUFbkmJw.roa
Signing time: Sat 30 Mar 2024 18:22:08 +0000
ROA not before: Sat 30 Mar 2024 18:22:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13667 (0x3563)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 18:22:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5DF8473C3AA160732B1961631D6D805056E4989C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:11:e9:dc:c4:ab:18:7d:f2:2f:78:81:63:90:
27:bf:47:c7:17:d6:77:b9:4c:f8:ad:3f:13:93:35:
22:26:ef:cb:4c:87:7c:bc:80:be:c3:ff:5e:5a:24:
0b:16:56:62:ae:08:c8:0b:fc:d7:6b:97:bd:77:f1:
66:07:e5:49:9f:f0:ca:71:ec:1f:78:3d:bc:e1:dc:
0c:89:b8:a1:2d:72:8e:a2:24:4f:71:42:ad:29:68:
e7:cb:3b:9d:eb:6c:1b:c9:15:dd:e0:c8:4a:6e:a8:
e1:9f:67:6b:25:a1:28:1f:76:63:fc:63:65:ab:a7:
fe:0c:66:c0:6f:62:b3:b4:47:68:69:41:81:f9:b2:
8b:77:55:a2:91:a8:bb:81:bd:e7:85:07:e5:65:93:
71:e7:90:33:96:40:c8:dc:fb:68:a1:10:b9:d7:eb:
8c:f2:73:c9:a1:f4:f5:59:40:98:c9:71:1e:e4:29:
a3:bd:ba:d7:e5:17:57:89:00:41:22:f4:44:e5:e8:
b4:3e:9b:be:50:1c:7a:01:a8:04:58:96:3a:c7:3e:
0e:d1:1c:7b:e1:61:62:5f:70:cc:66:7a:31:67:33:
e0:b7:3d:6c:f3:d7:ee:d5:50:6f:42:76:14:0a:0d:
de:f6:7a:51:96:66:88:98:73:b1:96:c2:7b:3a:c2:
6c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F8:47:3C:3A:A1:60:73:2B:19:61:63:1D:6D:80:50:56:E4:98:9C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XfhHPDqhYHMrGWFjHW2AUFbkmJw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a0:d3:2f:fc:91:6a:22:5c:9e:98:55:f9:90:e6:f3:59:f6:1b:
d9:eb:17:af:61:71:71:8a:b8:cf:d3:48:52:bc:4e:56:22:03:
d5:45:c6:69:b5:71:47:51:1e:a0:c7:9d:8d:3d:c9:46:84:f4:
5f:35:a6:88:e4:a1:91:28:b3:22:f5:06:8c:cb:7c:2e:3c:4e:
1b:8b:75:f1:00:8b:a0:59:20:ef:0c:82:e9:54:c8:1a:04:28:
17:9a:3b:97:3c:99:f4:bd:21:08:72:89:a2:15:f1:70:0a:77:
c0:79:84:ea:43:3d:5a:fc:8e:6d:d4:08:f5:b5:fd:0e:3e:33:
64:f5:4f:48:a7:0f:c3:74:8d:13:42:3a:47:5c:7a:02:e0:e8:
eb:32:99:47:3c:d8:fe:63:ee:5e:da:3a:72:6c:e6:f5:57:41:
d1:8a:43:06:ed:00:ed:31:60:a1:47:40:8a:e9:af:2e:af:3d:
e1:74:54:1a:49:9a:80:d6:b0:7e:12:30:ea:47:85:17:ce:fe:
0f:58:8f:b6:65:1e:76:cd:15:52:cc:e5:34:cc:63:12:d2:14:
97:ea:28:18:88:bb:de:73:05:38:46:fa:6b:0c:e3:c5:f2:45:
83:f0:df:35:71:24:91:b4:55:fc:58:0a:99:6b:b0:4c:ac:3a:
fe:70:d9:c5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNWMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
ODIyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVERjg0NzNDM0FBMTYw
NzMyQjE5NjE2MzFENkQ4MDUwNTZFNDk4OUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVEencxKsYffIveIFjkCe/R8cX1ne5TPitPxOTNSIm78tMh3y8
gL7D/15aJAsWVmKuCMgL/Ndrl7138WYH5Umf8Mpx7B94Pbzh3AyJuKEtco6iJE9x
Qq0paOfLO53rbBvJFd3gyEpuqOGfZ2sloSgfdmP8Y2Wrp/4MZsBvYrO0R2hpQYH5
sot3VaKRqLuBveeFB+Vlk3HnkDOWQMjc+2ihELnX64zyc8mh9PVZQJjJcR7kKaO9
utflF1eJAEEi9ETl6LQ+m75QHHoBqARYljrHPg7RHHvhYWJfcMxmejFnM+C3PWzz
1+7VUG9CdhQKDd72elGWZoiYc7GWwns6wmxVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUXfhHPDqhYHMrGWFjHW2AUFbkmJwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1hmaEhQRHFoWUhNckdX
RmpIVzJBVUZia21Kdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKDTL/yRaiJcnphV+ZDm81n2G9nrF69h
cXGKuM/TSFK8TlYiA9VFxmm1cUdRHqDHnY09yUaE9F81pojkoZEosyL1BozLfC48
ThuLdfEAi6BZIO8MgulUyBoEKBeaO5c8mfS9IQhyiaIV8XAKd8B5hOpDPVr8jm3U
CPW1/Q4+M2T1T0inD8N0jRNCOkdcegLg6OsymUc82P5j7l7aOnJs5vVXQdGKQwbt
AO0xYKFHQIrpry6vPeF0VBpJmoDWsH4SMOpHhRfO/g9Yj7ZlHnbNFVLM5TTMYxLS
FJfqKBiIu95zBThG+msM48XyRYPw3zVxJJG0VfxYCplrsEysOv5w2cU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:30 2024 by rpki-client on console-fra.rpki-client.org