Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Xkd51ERBr9XgDvnxnDhcCTPkCJQ.roa
File: Xkd51ERBr9XgDvnxnDhcCTPkCJQ.roa (raw, json)
Hash identifier: eFMrfVD2+eUHLfYTRCdOcNYO/EMIg8FE2v/GqteyIAI=
Subject key identifier: 5E:47:79:D4:44:41:AF:D5:E0:0E:F9:F1:9C:38:5C:09:33:E4:08:94
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3687
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Xkd51ERBr9XgDvnxnDhcCTPkCJQ.roa
Signing time: Mon 01 Apr 2024 06:52:12 +0000
ROA not before: Mon 01 Apr 2024 06:52:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13959 (0x3687)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 06:52:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5E4779D44441AFD5E00EF9F19C385C0933E40894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f0:81:7e:08:21:7f:03:7e:f4:6d:b9:bd:39:
6a:d2:90:20:30:de:d1:75:1c:da:87:ae:75:36:28:
b4:1c:1b:97:48:b2:22:90:d9:24:b3:aa:71:82:5e:
b7:25:b5:31:b0:23:96:bc:c5:f3:77:98:3b:ed:61:
d1:ff:96:c4:80:b7:fb:ef:27:84:a9:b1:40:21:2a:
20:79:d7:e7:8f:87:5d:8a:a3:6c:a1:2a:35:f6:54:
79:8c:7f:0c:fc:30:ea:15:44:77:c3:00:bd:b8:97:
7e:13:5e:26:2e:97:1e:27:e9:0c:30:b2:76:4d:be:
2a:32:fe:13:68:f6:f7:9c:8f:fb:a2:9a:d6:61:b9:
25:54:da:91:6f:d3:55:4f:d3:14:78:fa:b1:93:85:
f2:b3:90:4f:c3:ae:8b:fb:1f:32:53:90:cc:ba:1e:
bf:d5:44:15:fa:37:36:f8:79:b5:3b:3a:5b:8d:b5:
91:ba:30:d1:da:64:60:32:12:a4:58:d5:c2:50:94:
0e:88:c8:5f:77:c2:3c:eb:1e:ed:6f:f6:08:15:8f:
ae:a5:61:c1:79:9d:6d:6d:99:cd:8f:f0:00:a5:f4:
14:9e:00:4c:35:0c:df:ab:a3:e4:cb:36:61:13:e3:
c4:35:0a:3b:5d:ab:df:77:66:5c:2c:ca:4b:a1:bf:
8d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:47:79:D4:44:41:AF:D5:E0:0E:F9:F1:9C:38:5C:09:33:E4:08:94
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Xkd51ERBr9XgDvnxnDhcCTPkCJQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
97:d1:89:d2:c6:a1:0e:de:8e:43:59:88:62:4c:79:3e:8c:0d:
97:e1:da:a4:2a:3d:64:02:7f:e0:f9:33:f5:a4:f4:d1:c0:10:
ab:00:56:a5:96:52:ee:d7:dd:a9:68:e2:db:16:08:ee:fa:ab:
97:d6:44:d8:8c:f7:f6:58:e9:57:3c:9e:aa:2d:a0:bd:56:18:
4f:ba:ff:4f:9f:4a:15:43:49:bf:52:09:4f:ff:c3:11:ca:11:
73:6e:69:a8:9a:a9:28:7d:b9:54:75:25:e9:28:2d:0d:24:be:
28:7d:1c:04:4e:8f:a8:b6:d3:e0:0d:9f:a0:72:63:21:86:c6:
76:55:e3:d4:0e:f3:88:31:60:b5:13:f0:1b:1b:73:6e:d4:86:
02:92:9b:13:11:6c:84:d5:ce:8a:5a:21:56:0f:0c:a7:71:21:
3f:fa:db:da:80:c0:6f:4b:04:0a:a4:fa:ec:38:02:85:d5:cf:
f6:f7:cb:6c:b6:88:3a:e5:6c:23:92:3f:7a:bb:05:b6:fb:f0:
ee:3a:18:b2:93:c3:47:18:ee:bb:8d:01:23:87:5a:bb:be:af:
39:db:4c:bf:e3:56:c7:58:71:b6:dc:da:87:97:cf:ac:82:d2:
f2:82:26:6e:78:d5:0e:1e:74:23:47:65:fd:e6:68:00:e4:81:
cb:1a:8e:b3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNocwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEw
NjUyMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVFNDc3OUQ0NDQ0MUFG
RDVFMDBFRjlGMTlDMzg1QzA5MzNFNDA4OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX8IF+CCF/A370bbm9OWrSkCAw3tF1HNqHrnU2KLQcG5dIsiKQ
2SSzqnGCXrcltTGwI5a8xfN3mDvtYdH/lsSAt/vvJ4SpsUAhKiB51+ePh12Ko2yh
KjX2VHmMfwz8MOoVRHfDAL24l34TXiYulx4n6QwwsnZNvioy/hNo9vecj/uimtZh
uSVU2pFv01VP0xR4+rGThfKzkE/Drov7HzJTkMy6Hr/VRBX6Nzb4ebU7OluNtZG6
MNHaZGAyEqRY1cJQlA6IyF93wjzrHu1v9ggVj66lYcF5nW1tmc2P8ACl9BSeAEw1
DN+ro+TLNmET48Q1Cjtdq993Zlwsykuhv42zAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUXkd51ERBr9XgDvnxnDhcCTPkCJQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1hrZDUxRVJCcjlYZ0R2
bnhuRGhjQ1RQa0NKUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJfRidLGoQ7ejkNZiGJMeT6MDZfh2qQq
PWQCf+D5M/Wk9NHAEKsAVqWWUu7X3alo4tsWCO76q5fWRNiM9/ZY6Vc8nqotoL1W
GE+6/0+fShVDSb9SCU//wxHKEXNuaaiaqSh9uVR1JekoLQ0kvih9HAROj6i20+AN
n6ByYyGGxnZV49QO84gxYLUT8Bsbc27UhgKSmxMRbITVzopaIVYPDKdxIT/629qA
wG9LBAqk+uw4AoXVz/b3y2y2iDrlbCOSP3q7Bbb78O46GLKTw0cY7ruNASOHWru+
rznbTL/jVsdYcbbc2oeXz6yC0vKCJm541Q4edCNHZf3maADkgcsajrM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:31 2024 by rpki-client on console-fra.rpki-client.org