Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ZD_H9m7fawRHZlbrShGU7moS8G0.roa
File: ZD_H9m7fawRHZlbrShGU7moS8G0.roa (raw, json)
Hash identifier: pUj/fyibzard9nnH0zMUMZ0AzF5l3GgKGs7FqQD5BHI=
Subject key identifier: 64:3F:C7:F6:6E:DF:6B:04:47:66:56:EB:4A:11:94:EE:6A:12:F0:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3573
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZD_H9m7fawRHZlbrShGU7moS8G0.roa
Signing time: Sat 30 Mar 2024 20:22:12 +0000
ROA not before: Sat 30 Mar 2024 20:22:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13683 (0x3573)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 20:22:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=643FC7F66EDF6B04476656EB4A1194EE6A12F06D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c6:98:7d:89:33:dd:31:5e:79:cd:fb:a8:9a:
d8:c0:2a:48:ca:59:3a:3a:30:15:79:a9:c3:dd:bd:
e3:81:de:66:5a:8c:cf:5d:ca:23:cc:99:fe:cc:b4:
2f:2b:31:05:a3:43:b2:7e:d8:c8:8b:e8:86:af:86:
37:f0:72:59:f8:61:c5:2c:bc:0d:23:6a:32:2b:f9:
93:0f:5c:eb:c1:1d:00:1c:d4:62:c5:79:19:50:f6:
90:4d:c8:96:f1:8e:27:44:74:b0:f0:a9:a6:07:37:
54:46:04:67:95:7f:d7:17:49:25:da:e9:83:47:c6:
70:8c:92:db:5b:0a:71:12:44:79:10:c2:16:74:97:
5e:09:a5:19:08:11:a3:4b:75:e7:46:88:42:9c:4c:
44:fe:d1:31:ae:86:83:29:30:00:25:42:c6:4f:af:
2e:5e:59:cf:0d:b8:48:a0:00:bb:f8:87:8e:0c:83:
eb:26:14:8a:25:7d:94:30:c5:77:38:e9:dd:65:7e:
c2:29:f4:76:58:ca:ae:ed:a5:d8:13:24:93:a3:3c:
b4:c2:f6:ff:2f:a3:c7:43:55:88:76:c4:ff:1f:5f:
bb:75:39:df:38:ee:b3:36:37:95:8f:4a:24:ff:05:
0c:95:fb:db:4e:e8:1b:ec:b8:76:34:17:f0:e3:14:
46:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:3F:C7:F6:6E:DF:6B:04:47:66:56:EB:4A:11:94:EE:6A:12:F0:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ZD_H9m7fawRHZlbrShGU7moS8G0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a6:03:78:c8:44:32:e6:ad:74:96:34:4f:48:14:7f:9b:c4:84:
d9:42:fc:be:2f:dd:a3:b7:ee:18:1a:bc:6a:83:0e:c3:e6:a8:
4c:0f:85:e3:3b:2b:2c:44:b6:b0:18:48:01:92:34:5c:af:e0:
ac:75:51:66:22:5a:a2:5d:b9:9b:f1:14:1d:1e:db:bb:9f:ee:
2a:d9:41:b9:54:5b:2b:d9:05:77:81:01:c2:36:d3:f4:61:a5:
4e:e0:72:63:e2:0d:90:0a:a8:ae:ab:45:bc:68:87:20:d6:37:
00:56:54:65:13:b5:2c:89:64:f0:99:24:7f:c3:1e:64:bb:15:
be:86:52:e2:3c:6e:32:13:90:51:7a:da:b4:f3:41:08:aa:53:
ea:2e:16:2d:e8:07:9e:71:07:0e:97:2a:ce:5d:c3:f0:dd:0c:
e9:b4:8f:98:a5:15:4e:99:9c:ca:20:b2:9a:54:e9:a4:a6:24:
84:4e:1a:03:91:b8:63:ad:2f:c9:89:bb:4b:c3:b3:19:c5:30:
4e:4d:c4:e2:11:ea:f9:eb:1c:60:32:27:8c:88:f0:ff:3b:c4:
d7:53:fe:55:a8:8a:d0:7c:a1:53:5a:a9:11:10:76:d0:83:57:
83:02:e9:9d:71:3f:2d:17:40:6b:08:f1:ef:fe:97:f2:ad:00:
5b:52:79:07
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNXMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAy
MDIyMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY0M0ZDN0Y2NkVERjZC
MDQ0NzY2NTZFQjRBMTE5NEVFNkExMkYwNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnxph9iTPdMV55zfuomtjAKkjKWTo6MBV5qcPdveOB3mZajM9d
yiPMmf7MtC8rMQWjQ7J+2MiL6Iavhjfwcln4YcUsvA0jajIr+ZMPXOvBHQAc1GLF
eRlQ9pBNyJbxjidEdLDwqaYHN1RGBGeVf9cXSSXa6YNHxnCMkttbCnESRHkQwhZ0
l14JpRkIEaNLdedGiEKcTET+0TGuhoMpMAAlQsZPry5eWc8NuEigALv4h44Mg+sm
FIolfZQwxXc46d1lfsIp9HZYyq7tpdgTJJOjPLTC9v8vo8dDVYh2xP8fX7t1Od84
7rM2N5WPSiT/BQyV+9tO6BvsuHY0F/DjFEb/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUZD/H9m7fawRHZlbrShGU7moS8G0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1pEX0g5bTdmYXdSSFps
YnJTaEdVN21vUzhHMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKYDeMhEMuatdJY0T0gUf5vEhNlC/L4v
3aO37hgavGqDDsPmqEwPheM7KyxEtrAYSAGSNFyv4Kx1UWYiWqJduZvxFB0e27uf
7irZQblUWyvZBXeBAcI20/RhpU7gcmPiDZAKqK6rRbxohyDWNwBWVGUTtSyJZPCZ
JH/DHmS7Fb6GUuI8bjITkFF62rTzQQiqU+ouFi3oB55xBw6XKs5dw/DdDOm0j5il
FU6ZnMogsppU6aSmJIROGgORuGOtL8mJu0vDsxnFME5NxOIR6vnrHGAyJ4yI8P87
xNdT/lWoitB8oVNaqREQdtCDV4MC6Z1xPy0XQGsI8e/+l/KtAFtSeQc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:32 2024 by rpki-client on console-fra.rpki-client.org