Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/aLtwp3m_APz5YSVocArrekULbpM.roa
File: aLtwp3m_APz5YSVocArrekULbpM.roa (raw, json)
Hash identifier: SKTTbe6CGGzK1wVaPDe2sNN4udDJO/6sfqT4jjodTrI=
Subject key identifier: 68:BB:70:A7:79:BF:00:FC:F9:61:25:68:70:0A:EB:7A:45:0B:6E:93
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 437B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aLtwp3m_APz5YSVocArrekULbpM.roa
Signing time: Thu 18 Apr 2024 13:22:59 +0000
ROA not before: Thu 18 Apr 2024 13:22:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17275 (0x437b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 13:22:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=68BB70A779BF00FCF9612568700AEB7A450B6E93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a3:c7:27:b5:9b:6a:84:a9:1b:fd:1e:7a:87:
e2:26:7f:58:de:06:a2:25:11:56:89:05:5c:c3:a3:
df:45:ad:26:5c:83:b6:d8:42:a8:20:97:a3:70:9f:
44:5d:13:59:49:24:5d:57:cf:ba:2b:5d:d5:34:37:
15:9e:e4:3a:af:a0:fe:66:17:fc:de:85:af:2a:65:
ab:72:d0:01:5f:63:91:f9:9e:76:a4:87:bf:05:ca:
f7:63:a6:da:39:07:69:58:90:79:dd:64:15:5c:42:
4c:53:68:42:22:c2:b7:f4:69:52:18:3c:12:db:5e:
b6:6f:38:ca:7c:d6:9e:0a:61:b5:e3:9a:74:1f:30:
98:ec:2a:af:cd:56:3e:93:c9:96:03:36:af:39:fb:
48:c9:61:1f:6c:d4:90:25:88:fb:eb:b7:8f:fb:26:
71:b7:c2:14:9b:8f:bb:7c:87:4c:f6:ea:0e:d2:5c:
ed:80:f5:0b:bf:74:dd:c2:8b:85:20:41:6c:d1:32:
25:a9:47:65:96:83:f0:15:93:71:59:18:32:6c:35:
d7:12:4b:35:29:c0:ea:f3:a9:05:6f:f4:c9:0c:7a:
48:e5:1d:70:1a:1f:37:54:c3:7d:e0:ec:70:e4:a2:
29:fd:de:b8:a9:0a:53:44:ce:57:29:67:dc:46:46:
f0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BB:70:A7:79:BF:00:FC:F9:61:25:68:70:0A:EB:7A:45:0B:6E:93
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aLtwp3m_APz5YSVocArrekULbpM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
82:6a:89:54:15:2b:9a:3b:a3:ba:1f:87:2b:f9:5b:79:e1:81:
33:85:eb:b4:19:15:bc:c4:60:13:fe:9a:7a:f9:61:11:c6:62:
c3:f8:d2:4c:c2:ba:b9:82:fd:3e:bf:f9:bc:2a:7b:97:a9:29:
f3:02:46:2a:3c:2b:d1:0e:61:df:7f:d6:55:af:ba:94:11:83:
3f:52:fa:09:ce:90:c0:f1:a6:85:08:15:9d:41:e6:96:45:c5:
28:89:2f:eb:6a:02:0a:6c:d8:33:98:26:af:69:94:87:9e:8e:
d8:e0:ce:3c:0f:ef:d2:78:1a:65:98:07:da:63:b0:4d:99:ce:
01:ae:27:f3:9e:62:9c:d1:43:45:92:4c:9e:b8:7c:ce:f6:9c:
f5:65:01:1f:78:2d:6d:78:6d:31:4a:de:13:20:08:e1:05:9b:
75:2f:96:ec:eb:c9:33:26:fe:6c:da:e4:b8:56:1f:9d:a1:1f:
64:a2:90:34:31:f2:9c:57:03:25:b4:1f:17:fb:1f:9e:a4:0e:
db:99:74:88:2c:d4:75:f1:39:d8:dc:f8:1f:74:40:cb:89:7f:
c6:20:52:18:8a:15:e9:fe:3c:43:ed:44:b5:5b:d3:4d:55:92:
f9:4e:02:31:66:06:ea:d6:ed:2d:55:99:06:fb:d5:c1:18:77:
a7:8b:fc:b6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQ3swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgx
MzIyNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY4QkI3MEE3NzlCRjAw
RkNGOTYxMjU2ODcwMEFFQjdBNDUwQjZFOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCo8cntZtqhKkb/R56h+Imf1jeBqIlEVaJBVzDo99FrSZcg7bY
Qqggl6Nwn0RdE1lJJF1Xz7orXdU0NxWe5DqvoP5mF/zeha8qZaty0AFfY5H5nnak
h78Fyvdjpto5B2lYkHndZBVcQkxTaEIiwrf0aVIYPBLbXrZvOMp81p4KYbXjmnQf
MJjsKq/NVj6TyZYDNq85+0jJYR9s1JAliPvrt4/7JnG3whSbj7t8h0z26g7SXO2A
9Qu/dN3Ci4UgQWzRMiWpR2WWg/AVk3FZGDJsNdcSSzUpwOrzqQVv9MkMekjlHXAa
HzdUw33g7HDkoin93ripClNEzlcpZ9xGRvA5AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUaLtwp3m/APz5YSVocArrekULbpMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FMdHdwM21fQVB6NVlT
Vm9jQXJyZWtVTGJwTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIJqiVQVK5o7o7ofhyv5W3nhgTOF67QZ
FbzEYBP+mnr5YRHGYsP40kzCurmC/T6/+bwqe5epKfMCRio8K9EOYd9/1lWvupQR
gz9S+gnOkMDxpoUIFZ1B5pZFxSiJL+tqAgps2DOYJq9plIeejtjgzjwP79J4GmWY
B9pjsE2ZzgGuJ/OeYpzRQ0WSTJ64fM72nPVlAR94LW14bTFK3hMgCOEFm3Uvluzr
yTMm/mza5LhWH52hH2SikDQx8pxXAyW0Hxf7H56kDtuZdIgs1HXxOdjc+B90QMuJ
f8YgUhiKFen+PEPtRLVb001VkvlOAjFmBurW7S1VmQb71cEYd6eL/LY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:34 2024 by rpki-client on console-fra.rpki-client.org