Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_andwknhxCmmT6KqHPBXYLR-748.roa
File: _andwknhxCmmT6KqHPBXYLR-748.roa (raw, json)
Hash identifier: a1meBCtP58nR2Pbtkt7mk4ywc9RUpVy1RxzmwbXZSEE=
Subject key identifier: FD:A9:DD:C2:49:E1:C4:29:A6:4F:A2:AA:1C:F0:57:60:B4:7E:EF:8F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 542B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_andwknhxCmmT6KqHPBXYLR-748.roa
Signing time: Fri 10 May 2024 19:24:05 +0000
ROA not before: Fri 10 May 2024 19:24:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21547 (0x542b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 19:24:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FDA9DDC249E1C429A64FA2AA1CF05760B47EEF8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2e:f5:8e:92:d1:46:88:f8:a2:f9:9f:21:23:
49:d7:63:62:f0:8f:80:4a:0f:2e:33:70:91:96:36:
1c:da:c8:ca:ae:ac:8c:54:09:f3:ea:30:91:21:97:
e0:a3:0d:06:9d:ea:63:62:45:8a:47:0d:bf:d9:5d:
c0:fb:34:ef:4b:91:9f:bd:f8:02:ee:2c:02:57:fa:
f0:2c:67:1c:77:00:00:89:28:01:b7:b8:16:fb:88:
61:05:06:2e:3a:0e:c5:24:f9:9f:ee:d0:c6:39:1b:
a4:c8:86:96:b1:7b:09:c3:d7:94:28:21:67:1e:ca:
3b:94:8b:76:2c:21:e4:9b:36:8d:77:0f:22:b9:53:
fc:35:91:99:af:cc:f9:7c:ee:95:a1:e1:25:e8:fb:
3f:da:61:b3:d6:07:82:0e:6c:70:e6:ff:13:fb:a1:
24:42:cf:17:14:76:47:16:1f:04:df:a8:af:8d:3a:
0c:dc:1f:9e:b2:f7:dd:53:bb:ef:6c:65:65:0f:77:
90:b1:ca:4f:de:b0:54:44:8a:47:bb:b3:0a:7e:7a:
b6:bf:c3:18:37:70:c2:5d:c6:98:b8:8e:a8:49:f6:
36:de:b2:77:99:38:e2:5c:08:98:9c:64:b6:3b:48:
81:91:76:8b:5f:09:4a:40:9e:e6:eb:b8:3e:05:a9:
d3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A9:DD:C2:49:E1:C4:29:A6:4F:A2:AA:1C:F0:57:60:B4:7E:EF:8F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_andwknhxCmmT6KqHPBXYLR-748.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
45:d4:0e:67:4d:bc:be:c2:d2:21:30:b0:c4:da:f9:d9:ef:79:
7a:74:3c:31:08:9e:9e:90:01:ef:f5:67:93:e3:c9:1f:47:66:
36:0a:ff:f4:4d:d1:54:22:46:39:1c:92:4f:58:66:1c:0f:7b:
d0:25:38:bb:72:ce:91:e8:d0:21:38:a2:17:27:0d:75:93:6a:
64:33:b2:4d:50:8f:c0:55:9f:35:58:40:3e:71:68:44:3c:87:
2e:64:2c:f5:21:96:77:ab:76:80:e6:e9:a5:3e:0f:3f:ff:65:
99:73:04:e2:2c:3e:c9:1f:5f:b3:fd:a6:b5:8e:c8:cc:a4:e2:
4b:ce:a5:ec:9c:24:c8:5b:b5:b5:66:19:75:32:bb:2d:3f:9a:
db:27:89:a2:a8:50:12:81:ab:ad:a7:3e:10:87:c7:57:0d:17:
bc:e9:a4:d8:9e:01:88:ca:a7:2d:fd:1d:50:66:5b:6d:82:79:
ff:62:70:16:0f:39:46:f0:8b:d1:61:6c:ae:e9:6c:19:6a:5c:
4e:cf:e7:4d:5c:59:7c:08:c3:c2:88:76:67:2e:35:86:df:d2:
17:b4:3e:61:7f:47:14:03:af:ae:b2:cd:77:db:bb:b2:f9:9c:
ee:dd:c1:ff:e0:91:58:ee:07:aa:1b:03:cf:92:fa:0d:8b:90:
71:08:95:1b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVCswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAx
OTI0MDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZEQTlEREMyNDlFMUM0
MjlBNjRGQTJBQTFDRjA1NzYwQjQ3RUVGOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKLvWOktFGiPii+Z8hI0nXY2Lwj4BKDy4zcJGWNhzayMqurIxU
CfPqMJEhl+CjDQad6mNiRYpHDb/ZXcD7NO9LkZ+9+ALuLAJX+vAsZxx3AACJKAG3
uBb7iGEFBi46DsUk+Z/u0MY5G6TIhpaxewnD15QoIWceyjuUi3YsIeSbNo13DyK5
U/w1kZmvzPl87pWh4SXo+z/aYbPWB4IObHDm/xP7oSRCzxcUdkcWHwTfqK+NOgzc
H56y991Tu+9sZWUPd5Cxyk/esFREike7swp+era/wxg3cMJdxpi4jqhJ9jbesneZ
OOJcCJicZLY7SIGRdotfCUpAnubruD4FqdO/AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU/andwknhxCmmT6KqHPBXYLR+748wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19hbmR3a25oeENtbVQ2
S3FIUEJYWUxSLTc0OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEXUDmdNvL7C0iEwsMTa+dnveXp0PDEI
np6QAe/1Z5PjyR9HZjYK//RN0VQiRjkckk9YZhwPe9AlOLtyzpHo0CE4ohcnDXWT
amQzsk1Qj8BVnzVYQD5xaEQ8hy5kLPUhlnerdoDm6aU+Dz//ZZlzBOIsPskfX7P9
prWOyMyk4kvOpeycJMhbtbVmGXUyuy0/mtsniaKoUBKBq62nPhCHx1cNF7zppNie
AYjKpy39HVBmW22Cef9icBYPOUbwi9FhbK7pbBlqXE7P501cWXwIw8KIdmcuNYbf
0he0PmF/RxQDr66yzXfbu7L5nO7dwf/gkVjuB6obA8+S+g2LkHEIlRs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:33 2024 by rpki-client on console-fra.rpki-client.org