Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/_cXr_JGdCdHkHOaLKf265q5OIb0.roa
File: _cXr_JGdCdHkHOaLKf265q5OIb0.roa (raw, json)
Hash identifier: MY3tqc9Zy4ao7TdOgak5ultJzKoQu03AFQaR/6Xn5JQ=
Subject key identifier: FD:C5:EB:FC:91:9D:09:D1:E4:1C:E6:8B:29:FD:BA:E6:AE:4E:21:BD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3807
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_cXr_JGdCdHkHOaLKf265q5OIb0.roa
Signing time: Wed 03 Apr 2024 06:52:22 +0000
ROA not before: Wed 03 Apr 2024 06:52:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14343 (0x3807)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 06:52:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FDC5EBFC919D09D1E41CE68B29FDBAE6AE4E21BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e5:fd:9e:42:8d:bc:42:5e:3d:8a:63:4e:64:
a8:8e:4b:85:2d:b5:32:27:ce:b3:7b:65:49:db:44:
6e:44:73:c0:0a:ef:7f:16:22:cd:a3:a1:8c:4e:f1:
1a:54:78:47:75:f7:5d:49:4c:f4:71:09:49:16:01:
bb:79:c1:d1:c3:19:e8:bb:76:4e:73:6d:78:e3:08:
55:c2:1a:7d:cc:aa:0b:72:29:04:95:ac:c8:f4:b8:
a9:6e:28:da:bd:67:95:ba:3c:ba:69:05:25:41:ba:
59:3f:e8:1f:da:91:69:19:18:49:83:79:66:8e:9f:
37:63:52:e0:3b:c3:a7:3c:7c:60:97:26:07:a9:2d:
b4:45:d5:2b:f8:67:27:d9:bb:38:48:8d:3e:32:1f:
b0:ba:9b:4a:11:ae:c4:e4:fc:b1:c3:62:1d:14:f1:
1e:4e:b2:80:b3:fb:3f:8d:46:17:58:95:2a:f0:ee:
43:49:bf:f8:35:b4:b5:82:b7:67:5c:67:e2:0e:a5:
87:50:cb:bf:67:e9:2f:48:b4:1c:6b:d1:9e:9b:1e:
7d:32:ac:17:bf:b8:db:20:16:f9:53:20:9d:51:73:
4a:d2:12:e2:9f:67:e9:d4:d6:d5:6b:e3:89:a4:ad:
44:0c:31:2b:26:4c:37:91:7e:26:df:43:c7:ac:90:
2d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C5:EB:FC:91:9D:09:D1:E4:1C:E6:8B:29:FD:BA:E6:AE:4E:21:BD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/_cXr_JGdCdHkHOaLKf265q5OIb0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
31:f2:75:43:3b:09:b9:85:ef:2f:0e:2f:01:64:55:05:42:28:
1b:aa:4e:b6:a3:4e:a3:36:d6:a9:f3:74:b9:be:eb:38:05:24:
92:99:7c:cd:0c:19:e5:36:db:a3:cd:7e:0f:56:06:fc:f1:cc:
96:97:08:68:9a:2d:3a:9a:fa:5b:97:9e:cd:27:65:01:5c:9a:
f6:56:20:ad:13:ca:0b:3e:9e:6b:7e:fc:72:c3:f4:a7:7d:f8:
65:96:f2:92:fc:1a:62:4d:f0:80:5d:58:b6:58:e6:a9:09:9a:
4c:f9:d6:e9:16:9d:ce:bb:54:c8:d6:aa:2a:19:43:7a:0e:ec:
53:ca:c7:26:51:de:59:42:1d:44:3c:91:53:15:da:6d:9f:1c:
4b:19:06:28:7a:4c:7d:de:29:4a:66:41:2e:f9:29:91:7e:2b:
a4:4c:6e:de:fa:4e:b3:93:f5:d2:00:02:92:f4:36:5f:64:43:
ff:f0:e5:f4:09:0f:92:90:09:43:5b:ab:50:75:fa:63:f9:db:
06:0e:57:c9:89:1b:c1:3f:58:5a:a2:b2:88:79:92:d6:2f:41:
0b:93:7c:f5:44:4a:36:8b:78:06:40:f2:76:09:1f:b8:bd:fc:
67:f3:8f:13:f9:02:5f:86:42:7d:fd:64:7e:1f:2b:5a:b1:ce:
01:b9:95:31
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOAcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMw
NjUyMjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZEQzVFQkZDOTE5RDA5
RDFFNDFDRTY4QjI5RkRCQUU2QUU0RTIxQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/5f2eQo28Ql49imNOZKiOS4UttTInzrN7ZUnbRG5Ec8AK738W
Is2joYxO8RpUeEd1911JTPRxCUkWAbt5wdHDGei7dk5zbXjjCFXCGn3MqgtyKQSV
rMj0uKluKNq9Z5W6PLppBSVBulk/6B/akWkZGEmDeWaOnzdjUuA7w6c8fGCXJgep
LbRF1Sv4ZyfZuzhIjT4yH7C6m0oRrsTk/LHDYh0U8R5OsoCz+z+NRhdYlSrw7kNJ
v/g1tLWCt2dcZ+IOpYdQy79n6S9ItBxr0Z6bHn0yrBe/uNsgFvlTIJ1Rc0rSEuKf
Z+nU1tVr44mkrUQMMSsmTDeRfibfQ8eskC25AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU/cXr/JGdCdHkHOaLKf265q5OIb0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L19jWHJfSkdkQ2RIa0hP
YUxLZjI2NXE1T0liMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADHydUM7CbmF7y8OLwFkVQVCKBuqTraj
TqM21qnzdLm+6zgFJJKZfM0MGeU226PNfg9WBvzxzJaXCGiaLTqa+luXns0nZQFc
mvZWIK0Tygs+nmt+/HLD9Kd9+GWW8pL8GmJN8IBdWLZY5qkJmkz51ukWnc67VMjW
qioZQ3oO7FPKxyZR3llCHUQ8kVMV2m2fHEsZBih6TH3eKUpmQS75KZF+K6RMbt76
TrOT9dIAApL0Nl9kQ//w5fQJD5KQCUNbq1B1+mP52wYOV8mJG8E/WFqisoh5ktYv
QQuTfPVESjaLeAZA8nYJH7i9/GfzjxP5Al+GQn39ZH4fK1qxzgG5lTE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:33 2024 by rpki-client on console-fra.rpki-client.org