Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/aH7e_PO3yzJSUH0H6clzad6Lsws.roa
File: aH7e_PO3yzJSUH0H6clzad6Lsws.roa (raw, json)
Hash identifier: fW6GQwwZdyIylpjwRXcCe4qdA5+kGUtvz1VlU8xA1nQ=
Subject key identifier: 68:7E:DE:FC:F3:B7:CB:32:52:50:7D:07:E9:C9:73:69:DE:8B:B3:0B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DB3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aH7e_PO3yzJSUH0H6clzad6Lsws.roa
Signing time: Wed 10 Apr 2024 20:22:43 +0000
ROA not before: Wed 10 Apr 2024 20:22:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15795 (0x3db3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 20:22:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=687EDEFCF3B7CB3252507D07E9C97369DE8BB30B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:14:60:3e:68:b5:af:84:0c:db:ae:c9:7e:1a:
ca:a4:e7:10:7b:7b:af:07:66:27:54:c2:80:7a:bc:
fb:82:7f:22:a2:4b:58:e3:a1:40:25:9f:cf:cd:e4:
4c:4d:4e:46:55:2d:1e:af:d9:45:3b:26:8f:3e:af:
9a:e2:85:76:38:ed:80:9e:f9:52:c6:1a:68:0d:f2:
df:fe:ef:c8:c0:6f:85:ff:c9:a0:a6:76:89:d8:ae:
1b:2a:87:63:ed:95:8c:35:e8:c9:70:92:bc:cc:06:
fb:be:5c:a8:c1:1e:6c:10:03:ed:b0:43:d6:b8:22:
1c:b5:95:3f:de:95:05:b8:66:f5:6e:f4:f2:37:2a:
a8:6d:1d:41:01:21:e4:6d:9d:77:02:87:60:02:38:
42:ab:8f:69:5d:9f:79:73:7d:4a:24:1c:e6:84:b3:
53:1c:1b:a1:a6:8b:c5:60:e2:1e:23:14:04:04:2b:
97:d0:5f:d2:45:fa:59:75:dc:bd:f4:68:76:f7:f0:
a7:da:a3:ca:e0:c1:59:90:15:cc:8d:44:99:95:ea:
ae:ba:87:ad:e6:48:73:cf:84:d8:1e:79:85:1d:9e:
0c:4f:b6:16:df:ca:75:05:34:54:c5:de:67:48:7c:
8f:ff:53:50:6a:ed:71:a0:76:49:ab:62:8e:20:e0:
37:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:7E:DE:FC:F3:B7:CB:32:52:50:7D:07:E9:C9:73:69:DE:8B:B3:0B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aH7e_PO3yzJSUH0H6clzad6Lsws.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
6f:ef:90:d6:50:c2:31:08:30:a3:a3:0d:13:8b:0e:9b:dc:8c:
db:e7:cf:7e:f3:5c:db:4a:73:b9:7e:02:0a:17:c8:2f:b2:68:
49:4f:5f:f9:33:1e:2c:87:7f:20:e6:e5:5a:ca:19:25:78:dc:
39:67:bb:22:11:c0:93:c5:66:8a:32:75:38:9c:19:34:3f:a0:
d3:42:cd:f1:dd:76:8b:3b:41:64:c5:eb:48:b2:7a:2e:9f:3f:
43:15:e9:bf:5d:31:ac:01:c8:aa:38:82:36:64:48:33:df:ee:
14:72:af:cb:9a:0a:5f:f0:f7:ed:b0:13:f0:07:ef:d9:7d:26:
20:fa:fa:1e:11:dd:93:fa:61:66:00:3e:e2:16:ad:61:9c:c6:
9f:91:33:92:20:91:a6:a4:81:be:15:cb:96:1e:83:19:b7:a3:
be:22:62:36:eb:29:4d:b5:50:da:f2:e2:65:9f:4f:f4:e4:0f:
b2:4b:c3:9f:f7:4f:ad:8b:8a:21:19:8b:f8:43:62:f3:b5:07:
ec:14:eb:cc:7c:17:2b:e7:07:68:a3:f5:7e:f7:f1:22:b2:5a:
2c:d9:64:47:82:9d:98:37:8f:7b:22:1a:85:40:f8:28:66:f4:
7c:62:fa:66:bb:d1:d8:c6:08:cd:41:77:a8:b5:07:ee:1a:b6:
d4:98:f6:78
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPbMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAy
MDIyNDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY4N0VERUZDRjNCN0NC
MzI1MjUwN0QwN0U5Qzk3MzY5REU4QkIzMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrFGA+aLWvhAzbrsl+Gsqk5xB7e68HZidUwoB6vPuCfyKiS1jj
oUAln8/N5ExNTkZVLR6v2UU7Jo8+r5rihXY47YCe+VLGGmgN8t/+78jAb4X/yaCm
donYrhsqh2PtlYw16MlwkrzMBvu+XKjBHmwQA+2wQ9a4Ihy1lT/elQW4ZvVu9PI3
KqhtHUEBIeRtnXcCh2ACOEKrj2ldn3lzfUokHOaEs1McG6Gmi8Vg4h4jFAQEK5fQ
X9JF+ll13L30aHb38Kfao8rgwVmQFcyNRJmV6q66h63mSHPPhNgeeYUdngxPthbf
ynUFNFTF3mdIfI//U1Bq7XGgdkmrYo4g4DeJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUaH7e/PO3yzJSUH0H6clzad6LswswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FIN2VfUE8zeXpKU1VI
MEg2Y2x6YWQ2THN3cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAG/vkNZQwjEIMKOjDROLDpvcjNvnz37z
XNtKc7l+AgoXyC+yaElPX/kzHiyHfyDm5VrKGSV43DlnuyIRwJPFZooydTicGTQ/
oNNCzfHddos7QWTF60iyei6fP0MV6b9dMawByKo4gjZkSDPf7hRyr8uaCl/w9+2w
E/AH79l9JiD6+h4R3ZP6YWYAPuIWrWGcxp+RM5Igkaakgb4Vy5Yegxm3o74iYjbr
KU21UNry4mWfT/TkD7JLw5/3T62LiiEZi/hDYvO1B+wU68x8FyvnB2ij9X738SKy
WizZZEeCnZg3j3siGoVA+Chm9Hxi+ma70djGCM1Bd6i1B+4attSY9ng=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:34 2024 by rpki-client on console-fra.rpki-client.org