Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ZAXwpMrmaMjgPwW64CUOOEWWtdg.roa
File: ZAXwpMrmaMjgPwW64CUOOEWWtdg.roa (raw, json)
Hash identifier: QtIcV2HwujGgWeEtLf7XWH7QDBPyQLRT7yC+OkPKStw=
Subject key identifier: 64:05:F0:A4:CA:E6:68:C8:E0:3F:05:BA:E0:25:0E:38:45:96:B5:D8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43CB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZAXwpMrmaMjgPwW64CUOOEWWtdg.roa
Signing time: Thu 18 Apr 2024 23:22:59 +0000
ROA not before: Thu 18 Apr 2024 23:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17355 (0x43cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 23:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6405F0A4CAE668C8E03F05BAE0250E384596B5D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:86:06:4a:3c:41:fc:1b:a3:f9:e6:5e:43:8d:
5f:a4:cc:a3:41:f2:21:e1:e3:64:79:ae:ec:37:2b:
87:71:6a:9f:01:66:5d:b7:67:f8:60:e6:e8:20:8e:
60:f7:76:ba:18:41:26:24:ab:17:9f:9f:9a:28:77:
60:a8:3a:3e:79:3f:c8:f8:0b:df:e4:62:f8:86:58:
8e:44:63:5e:c5:cf:da:24:81:81:83:d9:c3:c8:87:
f7:de:cd:7c:5f:bb:f4:fd:13:e8:d7:0a:95:26:e6:
4d:81:97:7e:14:bb:f6:73:5d:de:7a:c0:ac:0e:54:
99:f9:39:12:01:22:60:5e:00:0d:d2:2e:ed:94:7d:
b8:77:25:d2:97:15:30:9f:52:b8:70:27:22:ad:e6:
c8:fb:7a:c2:1d:31:3b:e1:42:3a:21:ea:8e:11:db:
77:2f:a5:6d:ba:28:5d:55:e6:2e:f8:58:5c:9c:1f:
0e:72:73:04:f0:f4:e3:62:3c:97:f0:a5:36:10:ad:
e1:92:ed:26:28:6a:13:95:ae:b9:58:26:fd:00:64:
47:52:85:2a:e6:07:30:4e:53:ed:dc:fa:06:15:09:
32:60:db:81:de:03:71:df:aa:ba:53:79:fb:41:a2:
e8:2f:6e:b0:79:56:c6:8e:14:59:b7:a2:2b:6d:98:
36:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:05:F0:A4:CA:E6:68:C8:E0:3F:05:BA:E0:25:0E:38:45:96:B5:D8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZAXwpMrmaMjgPwW64CUOOEWWtdg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
04:0e:88:b8:19:f5:9f:d5:e3:9d:0c:e3:84:c1:24:cc:09:4f:
98:fc:94:72:1c:cb:46:97:5c:69:03:e4:42:5b:81:22:11:58:
a5:e0:25:5a:95:dc:a6:c5:3b:8b:a3:7e:e7:b6:c9:6a:42:5e:
db:6c:ea:63:60:e1:bc:e9:5e:9a:05:21:88:e0:b5:2f:73:06:
4e:17:e1:85:75:fd:8d:fb:67:e3:61:c1:f3:0a:52:ee:de:79:
d1:10:cf:ba:4d:4b:c0:de:e1:02:ac:96:a1:07:41:cf:4f:e7:
ea:97:46:93:5e:1b:e7:5d:ab:d9:58:87:7f:e1:bc:7f:2e:c6:
c1:cf:84:82:ec:05:15:3d:57:90:a3:de:db:40:19:5f:fe:35:
b2:74:a3:35:d1:0c:fd:14:48:0e:94:49:10:a7:50:41:95:6b:
4d:b0:c0:4e:13:b6:2b:69:b2:13:bc:7f:a9:da:04:22:5c:9b:
66:28:48:8b:68:0b:a6:33:74:5a:7a:df:6d:65:97:74:f1:e0:
df:b5:4a:3c:2d:bc:32:5b:bd:87:a2:b6:2d:ab:59:f2:07:33:
04:41:8a:e0:57:88:4c:2d:05:d3:cc:87:9d:1b:be:c6:7c:52:
1d:3d:73:af:96:cb:a7:6e:d3:67:25:f5:bc:68:84:f6:80:89:
f9:97:1f:89
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQ8swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgy
MzIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY0MDVGMEE0Q0FFNjY4
QzhFMDNGMDVCQUUwMjUwRTM4NDU5NkI1RDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCshgZKPEH8G6P55l5DjV+kzKNB8iHh42R5ruw3K4dxap8BZl23
Z/hg5uggjmD3droYQSYkqxefn5ood2CoOj55P8j4C9/kYviGWI5EY17Fz9okgYGD
2cPIh/fezXxfu/T9E+jXCpUm5k2Bl34Uu/ZzXd56wKwOVJn5ORIBImBeAA3SLu2U
fbh3JdKXFTCfUrhwJyKt5sj7esIdMTvhQjoh6o4R23cvpW26KF1V5i74WFycHw5y
cwTw9ONiPJfwpTYQreGS7SYoahOVrrlYJv0AZEdShSrmBzBOU+3c+gYVCTJg24He
A3HfqrpTeftBougvbrB5VsaOFFm3oittmDaFAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUZAXwpMrmaMjgPwW64CUOOEWWtdgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1pBWHdwTXJtYU1qZ1B3
VzY0Q1VPT0VXV3RkZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAQOiLgZ9Z/V450M44TBJMwJT5j8lHIc
y0aXXGkD5EJbgSIRWKXgJVqV3KbFO4ujfue2yWpCXtts6mNg4bzpXpoFIYjgtS9z
Bk4X4YV1/Y37Z+NhwfMKUu7eedEQz7pNS8De4QKslqEHQc9P5+qXRpNeG+ddq9lY
h3/hvH8uxsHPhILsBRU9V5Cj3ttAGV/+NbJ0ozXRDP0USA6USRCnUEGVa02wwE4T
titpshO8f6naBCJcm2YoSItoC6YzdFp6321ll3Tx4N+1SjwtvDJbvYeiti2rWfIH
MwRBiuBXiEwtBdPMh50bvsZ8Uh09c6+Wy6du02cl9bxohPaAifmXH4k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:32 2024 by rpki-client on console-fra.rpki-client.org