Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/aTDHhWlYvk_eHj_U2_Ug_3HCP5I.roa
File: aTDHhWlYvk_eHj_U2_Ug_3HCP5I.roa (raw, json)
Hash identifier: JX2em1N4ck1nCrnXN1k44jV46GZwhp/pgJli/tCiIsY=
Subject key identifier: 69:30:C7:85:69:58:BE:4F:DE:1E:3F:D4:DB:F5:20:FF:71:C2:3F:92
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B27
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aTDHhWlYvk_eHj_U2_Ug_3HCP5I.roa
Signing time: Sun 07 Apr 2024 10:52:31 +0000
ROA not before: Sun 07 Apr 2024 10:52:31 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15143 (0x3b27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 10:52:31 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6930C7856958BE4FDE1E3FD4DBF520FF71C23F92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:28:df:d6:fc:6c:8f:26:0b:e5:80:6a:1b:5a:
a6:0e:84:20:24:20:89:18:44:af:82:80:b5:06:88:
c0:b9:7d:de:2f:47:53:7d:cf:8d:49:ca:69:f9:6f:
fc:c2:c8:f8:dd:f3:5e:82:63:5c:d9:d7:43:7f:a0:
28:9a:99:bb:6d:7d:82:f0:e8:c1:bf:80:6c:18:5c:
13:c1:2c:7c:c0:c9:16:45:d1:72:cb:b7:7c:d8:c5:
21:8e:24:e9:40:09:3f:76:d7:38:e2:77:2f:78:5f:
47:ea:a7:83:0a:c8:fb:98:00:96:eb:bb:33:9a:66:
63:13:06:28:ad:d9:0c:2d:c2:3b:ef:1e:ce:7c:0b:
9c:13:73:94:c2:ed:53:12:d7:c7:c0:8f:8a:f2:b6:
12:80:08:df:06:2e:40:22:4a:0a:58:7d:a5:b8:8e:
50:17:65:dd:67:64:0c:f1:a2:28:3a:c7:0b:79:bb:
8c:eb:6c:2b:21:c1:25:70:d2:0c:3c:17:4e:e6:eb:
35:c2:a2:ce:78:97:f6:44:d5:d4:67:e7:ab:a2:1f:
d2:5b:e9:36:17:15:2a:a2:78:7d:e0:da:27:31:63:
cf:42:41:ff:ea:4b:17:be:ce:00:b2:b9:3f:c5:d6:
36:82:33:03:24:60:92:27:d7:e9:cc:b6:84:84:ca:
ea:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:30:C7:85:69:58:BE:4F:DE:1E:3F:D4:DB:F5:20:FF:71:C2:3F:92
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aTDHhWlYvk_eHj_U2_Ug_3HCP5I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5b:ce:cf:00:b9:e4:6d:b0:74:78:27:a2:18:b3:68:af:86:0e:
56:0c:7c:bf:33:dd:2b:5a:75:1f:6c:2c:4f:10:b2:1a:9a:84:
51:d4:de:94:98:72:bc:15:43:5e:80:cb:7e:5e:bc:74:26:ce:
08:32:b3:68:2b:4b:f5:43:46:bb:37:96:54:37:8d:ff:ab:97:
fa:b7:51:25:5d:cd:12:5a:9a:21:da:d3:be:25:f6:59:8f:90:
47:02:54:f6:7b:39:44:ae:dc:79:0a:e9:74:80:c2:11:1d:e7:
21:85:e1:75:2c:19:70:78:6d:56:64:f0:e9:d6:4b:ea:86:0d:
89:9c:84:46:cf:be:9b:56:01:58:b0:e0:bc:2a:04:43:66:d7:
be:8a:d8:06:40:54:96:fb:d1:2e:56:b9:ce:3a:4a:e9:8d:cc:
25:01:e3:8a:2c:74:1b:25:c8:89:4b:0b:80:55:a1:b9:4d:a1:
c4:8a:db:44:1b:eb:2a:bd:2c:61:14:b4:8d:ad:cd:ea:57:93:
db:c0:14:41:1f:72:a2:93:e1:cc:7e:03:f1:16:a4:c8:92:c1:
95:1c:8e:19:c7:6d:b3:a6:40:fa:4a:a5:7c:d8:68:18:6a:7f:
fc:13:ac:e5:6e:fe:b1:0d:e7:e2:01:11:64:97:df:e1:29:04:
e4:ae:87:57
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOycwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcx
MDUyMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY5MzBDNzg1Njk1OEJF
NEZERTFFM0ZENERCRjUyMEZGNzFDMjNGOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6KN/W/GyPJgvlgGobWqYOhCAkIIkYRK+CgLUGiMC5fd4vR1N9
z41Jymn5b/zCyPjd816CY1zZ10N/oCiambttfYLw6MG/gGwYXBPBLHzAyRZF0XLL
t3zYxSGOJOlACT921zjidy94X0fqp4MKyPuYAJbruzOaZmMTBiit2QwtwjvvHs58
C5wTc5TC7VMS18fAj4rythKACN8GLkAiSgpYfaW4jlAXZd1nZAzxoig6xwt5u4zr
bCshwSVw0gw8F07m6zXCos54l/ZE1dRn56uiH9Jb6TYXFSqieH3g2icxY89CQf/q
Sxe+zgCyuT/F1jaCMwMkYJIn1+nMtoSEyuovAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUaTDHhWlYvk/eHj/U2/Ug/3HCP5IwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2FUREhoV2xZdmtfZUhq
X1UyX1VnXzNIQ1A1SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFvOzwC55G2wdHgnohizaK+GDlYMfL8z
3StadR9sLE8QshqahFHU3pSYcrwVQ16Ay35evHQmzggys2grS/VDRrs3llQ3jf+r
l/q3USVdzRJamiHa074l9lmPkEcCVPZ7OUSu3HkK6XSAwhEd5yGF4XUsGXB4bVZk
8OnWS+qGDYmchEbPvptWAViw4LwqBENm176K2AZAVJb70S5Wuc46SumNzCUB44os
dBslyIlLC4BVoblNocSK20Qb6yq9LGEUtI2tzepXk9vAFEEfcqKT4cx+A/EWpMiS
wZUcjhnHbbOmQPpKpXzYaBhqf/wTrOVu/rEN5+IBEWSX3+EpBOSuh1c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:53 2024 by rpki-client on console-ams.rpki-client.org