Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/XuJsAok3jXrLZPu2eY-28XccEqE.roa
File: XuJsAok3jXrLZPu2eY-28XccEqE.roa (raw, json)
Hash identifier: 40Wiz+aiMuwZpjhrJc12aGwlFmGSo+l+xHUVnwM0Ubg=
Subject key identifier: 5E:E2:6C:02:89:37:8D:7A:CB:64:FB:B6:79:8F:B6:F1:77:1C:12:A1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 415B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XuJsAok3jXrLZPu2eY-28XccEqE.roa
Signing time: Mon 15 Apr 2024 17:22:54 +0000
ROA not before: Mon 15 Apr 2024 17:22:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16731 (0x415b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 17:22:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5EE26C0289378D7ACB64FBB6798FB6F1771C12A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6a:9f:47:3c:59:7d:54:f2:11:73:cb:7b:32:
eb:1e:12:39:02:34:bb:26:c2:ee:42:df:48:95:51:
7e:00:93:09:45:4d:a6:ab:2f:67:e9:33:96:60:ee:
63:57:16:d5:8a:18:c2:f6:32:b1:0a:7d:ca:75:31:
20:e3:b9:71:55:3f:e7:34:ef:2c:75:2a:ab:85:65:
f8:d0:b7:7e:15:28:63:5e:e5:02:be:2d:1e:31:86:
ef:88:2a:ec:0c:a6:85:84:45:5b:fa:b5:46:2c:47:
00:3a:5d:07:1e:85:0f:ec:2c:49:8a:30:4a:4b:da:
52:c9:ca:39:5d:15:29:e7:ac:25:ed:1a:4d:e7:67:
a9:c7:1e:8b:9f:cf:2c:98:69:b2:4b:97:29:f4:80:
62:69:9d:8d:a5:83:89:23:12:7a:a3:79:4b:10:59:
eb:36:f4:4a:98:5f:c5:2f:bd:55:dc:05:7a:18:79:
61:c3:0d:16:8e:7a:00:47:fa:c1:52:cf:1e:25:30:
a8:63:c3:8a:a6:49:1a:7e:45:3d:36:2e:e4:f5:90:
f9:fd:af:90:a8:6a:81:a1:91:58:d9:3a:32:a6:b2:
21:3f:91:00:1a:1e:4a:ff:cd:31:9d:7b:5d:da:d0:
ef:b5:a3:43:5c:6c:db:da:05:24:28:5b:0e:f6:e3:
47:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E2:6C:02:89:37:8D:7A:CB:64:FB:B6:79:8F:B6:F1:77:1C:12:A1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/XuJsAok3jXrLZPu2eY-28XccEqE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
52:96:b9:26:8d:43:e5:08:f0:5e:31:0b:0e:4d:fb:f0:3a:24:
30:10:64:09:c2:8f:d4:80:c1:a3:8e:a4:41:6c:4f:c3:bc:c2:
c2:38:3f:c5:64:c8:91:70:1c:50:b2:ae:d7:cc:19:7e:98:9c:
7f:22:43:c1:d0:fc:1a:52:31:b8:f4:83:9e:35:05:89:0f:e9:
f6:bf:7d:71:b8:d1:22:1a:e6:12:51:19:25:32:65:6d:33:22:
d6:4e:bc:95:91:69:40:35:a3:19:0c:b4:02:b9:c3:59:72:bf:
3b:7f:ef:a4:fb:08:f7:ea:a4:b7:ea:92:d8:22:74:d7:f1:71:
b9:2e:42:44:1f:5c:b6:9a:8c:8b:78:b8:46:86:c5:15:37:a6:
70:bc:6c:6d:4b:05:30:bf:c8:ad:ac:45:a2:26:57:73:43:41:
1c:47:a4:67:4c:f6:73:7d:8f:58:99:66:01:a6:49:6d:ee:ad:
17:83:b9:e3:b0:dc:c5:da:f4:10:a4:a9:1f:f3:8f:f5:5e:63:
88:cd:65:7d:11:3b:ba:18:3a:b9:4c:5b:1b:59:bf:98:4b:8e:
b7:5e:51:fd:6c:46:81:f2:2b:34:8d:2a:aa:dc:aa:98:17:67:
75:30:00:b2:c0:ab:0d:eb:0a:59:e7:0b:9a:ac:5b:94:7a:0f:
7d:e3:83:09
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQVswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUx
NzIyNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVFRTI2QzAyODkzNzhE
N0FDQjY0RkJCNjc5OEZCNkYxNzcxQzEyQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnap9HPFl9VPIRc8t7MuseEjkCNLsmwu5C30iVUX4AkwlFTaar
L2fpM5Zg7mNXFtWKGML2MrEKfcp1MSDjuXFVP+c07yx1KquFZfjQt34VKGNe5QK+
LR4xhu+IKuwMpoWERVv6tUYsRwA6XQcehQ/sLEmKMEpL2lLJyjldFSnnrCXtGk3n
Z6nHHoufzyyYabJLlyn0gGJpnY2lg4kjEnqjeUsQWes29EqYX8UvvVXcBXoYeWHD
DRaOegBH+sFSzx4lMKhjw4qmSRp+RT02LuT1kPn9r5CoaoGhkVjZOjKmsiE/kQAa
Hkr/zTGde13a0O+1o0NcbNvaBSQoWw7240cbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUXuJsAok3jXrLZPu2eY+28XccEqEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1h1SnNBb2szalhyTFpQ
dTJlWS0yOFhjY0VxRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFKWuSaNQ+UI8F4xCw5N+/A6JDAQZAnC
j9SAwaOOpEFsT8O8wsI4P8VkyJFwHFCyrtfMGX6YnH8iQ8HQ/BpSMbj0g541BYkP
6fa/fXG40SIa5hJRGSUyZW0zItZOvJWRaUA1oxkMtAK5w1lyvzt/76T7CPfqpLfq
ktgidNfxcbkuQkQfXLaajIt4uEaGxRU3pnC8bG1LBTC/yK2sRaImV3NDQRxHpGdM
9nN9j1iZZgGmSW3urReDueOw3MXa9BCkqR/zj/VeY4jNZX0RO7oYOrlMWxtZv5hL
jrdeUf1sRoHyKzSNKqrcqpgXZ3UwALLAqw3rClnnC5qsW5R6D33jgwk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:31 2024 by rpki-client on console-fra.rpki-client.org