Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/XgaD6XdU_no3tAfeE-3trHD887Q.roa
File: XgaD6XdU_no3tAfeE-3trHD887Q.roa (raw, json)
Hash identifier: 4BWt9F8VKujWTYXO3YGWfrjxI05uZA5LYQ8L2MsPLEk=
Subject key identifier: 5E:06:83:E9:77:54:FE:7A:37:B4:07:DE:13:ED:ED:AC:70:FC:F3:B4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44C7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XgaD6XdU_no3tAfeE-3trHD887Q.roa
Signing time: Sat 20 Apr 2024 06:53:10 +0000
ROA not before: Sat 20 Apr 2024 06:53:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17607 (0x44c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 06:53:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5E0683E97754FE7A37B407DE13EDEDAC70FCF3B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6c:14:e8:69:d7:27:d9:f4:19:01:7d:9c:9b:
6f:15:0b:8c:b6:eb:00:e1:10:a6:1b:bf:f2:b5:ba:
50:5b:f5:97:ec:4b:39:d5:79:e2:9b:9e:33:9b:96:
19:9c:d7:0e:5e:2b:3a:4a:26:7c:fe:ab:3c:81:90:
ff:ca:b1:a9:ee:cd:c3:4a:22:09:09:bf:21:c8:fa:
5d:e6:df:8f:6f:35:a8:d0:3f:1f:c7:3c:4b:4d:26:
90:7a:8a:8e:9f:b2:5d:b1:d9:c2:bb:eb:5b:e6:07:
aa:9c:db:69:05:c1:83:59:db:36:a1:aa:00:20:34:
11:f9:73:d7:99:7a:2f:07:85:31:92:97:df:27:fb:
55:51:3f:f7:4e:84:ad:57:f5:2f:52:57:f0:4c:01:
e1:76:8f:75:e8:ed:99:8d:93:08:df:27:46:76:2e:
1f:d4:f4:13:f8:6b:f6:4e:3f:69:4a:f5:03:a6:0f:
68:c8:fe:0f:fc:21:25:8f:75:6d:f5:37:a9:b2:64:
5e:82:b0:c1:ec:9b:74:97:dc:f4:d9:56:36:ee:07:
74:01:3c:57:ac:ec:2c:2e:48:27:89:8e:b0:a8:17:
dd:3c:87:75:04:10:8c:a4:e8:ba:62:86:6a:53:0c:
d7:cb:da:88:ea:06:3a:43:6f:18:52:c3:77:09:8c:
b8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:06:83:E9:77:54:FE:7A:37:B4:07:DE:13:ED:ED:AC:70:FC:F3:B4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XgaD6XdU_no3tAfeE-3trHD887Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
7d:86:2f:dd:02:4a:fb:ef:3b:44:7b:a5:d6:54:bd:9d:c8:6a:
40:7c:9e:a5:8c:2a:55:bd:67:c3:05:03:52:5a:93:51:b5:62:
74:f0:2d:19:bf:a5:41:a9:bb:10:96:2a:41:d6:83:22:ba:13:
ab:25:5a:9d:0b:38:fd:af:55:26:68:ea:60:2d:8b:4d:08:e1:
13:3f:56:76:eb:a6:50:0e:bd:6a:3c:cc:04:8a:5b:28:bd:a6:
10:59:8a:c1:c9:25:a3:88:5e:1a:86:74:16:7e:4e:4c:b6:b2:
bc:cd:ec:e8:1c:28:f1:28:c3:52:96:95:9c:5d:9f:8d:31:ce:
a7:bd:74:20:61:31:8b:66:6e:b9:e4:5e:3f:2e:5d:ee:32:c0:
7f:a3:4e:4b:cb:89:b5:e6:95:67:22:cc:21:28:30:1c:ce:4b:
3d:2e:d1:d2:6f:ae:e3:c6:9c:1a:20:5f:41:82:cb:90:f9:24:
1b:b3:18:b6:74:da:45:87:a2:0f:40:17:02:fc:07:b0:31:7c:
db:a2:82:9d:50:c5:0b:d9:a8:e8:4c:0f:27:6c:61:a8:48:60:
de:57:d4:79:e2:fe:2f:21:f9:9c:0e:4d:1d:97:72:1a:33:14:
97:00:85:a3:45:67:f0:a1:7e:e6:ae:bb:25:dd:af:ef:61:12:
51:6f:0e:c4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRMcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
NjUzMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVFMDY4M0U5Nzc1NEZF
N0EzN0I0MDdERTEzRURFREFDNzBGQ0YzQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3bBToadcn2fQZAX2cm28VC4y26wDhEKYbv/K1ulBb9ZfsSznV
eeKbnjOblhmc1w5eKzpKJnz+qzyBkP/KsanuzcNKIgkJvyHI+l3m349vNajQPx/H
PEtNJpB6io6fsl2x2cK761vmB6qc22kFwYNZ2zahqgAgNBH5c9eZei8HhTGSl98n
+1VRP/dOhK1X9S9SV/BMAeF2j3Xo7ZmNkwjfJ0Z2Lh/U9BP4a/ZOP2lK9QOmD2jI
/g/8ISWPdW31N6myZF6CsMHsm3SX3PTZVjbuB3QBPFes7CwuSCeJjrCoF908h3UE
EIyk6LpihmpTDNfL2ojqBjpDbxhSw3cJjLjRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUXgaD6XdU/no3tAfeE+3trHD887QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1hnYUQ2WGRVX25vM3RB
ZmVFLTN0ckhEODg3US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAH2GL90CSvvvO0R7pdZUvZ3IakB8nqWM
KlW9Z8MFA1Jak1G1YnTwLRm/pUGpuxCWKkHWgyK6E6slWp0LOP2vVSZo6mAti00I
4RM/VnbrplAOvWo8zASKWyi9phBZisHJJaOIXhqGdBZ+Tky2srzN7OgcKPEow1KW
lZxdn40xzqe9dCBhMYtmbrnkXj8uXe4ywH+jTkvLibXmlWcizCEoMBzOSz0u0dJv
ruPGnBogX0GCy5D5JBuzGLZ02kWHog9AFwL8B7AxfNuigp1QxQvZqOhMDydsYahI
YN5X1Hni/i8h+ZwOTR2XchozFJcAhaNFZ/ChfuauuyXdr+9hElFvDsQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:49 2024 by rpki-client on console-ams.rpki-client.org