Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bUz9Hj0-fLu-o3eaUDLQvhu9qm0.roa
File: bUz9Hj0-fLu-o3eaUDLQvhu9qm0.roa (raw, json)
Hash identifier: A+sly8YsgffDHQz4+F848gqmR+nQzqGFB7CpmSFz440=
Subject key identifier: 6D:4C:FD:1E:3D:3E:7C:BB:BE:A3:77:9A:50:32:D0:BE:1B:BD:AA:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40CB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bUz9Hj0-fLu-o3eaUDLQvhu9qm0.roa
Signing time: Sun 14 Apr 2024 23:22:55 +0000
ROA not before: Sun 14 Apr 2024 23:22:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16587 (0x40cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 23:22:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6D4CFD1E3D3E7CBBBEA3779A5032D0BE1BBDAA6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:05:1b:7e:83:aa:4a:12:e7:be:a7:98:97:8c:
52:db:2c:fe:23:2e:01:c6:7c:14:25:ee:6f:a2:d9:
f4:8c:59:58:e3:45:32:14:f7:ca:83:ca:9b:f4:ae:
de:7d:de:27:3f:a5:36:60:66:01:1d:8c:3d:c8:59:
20:11:a3:55:67:4f:f6:0a:64:b5:dd:86:b0:f0:9b:
65:8e:fe:0c:e3:3e:04:94:bd:83:5d:53:cd:16:c3:
e8:f5:a5:2b:55:f9:2d:eb:77:f9:8a:24:38:a6:28:
fd:b5:57:30:d0:df:4c:15:1e:0a:5f:67:5f:d5:89:
bc:67:98:6c:36:69:08:a1:24:ae:0e:d1:55:c2:7f:
d4:74:b3:66:91:9b:b6:37:9d:5c:bd:0e:1c:d7:13:
84:81:ce:f1:9f:47:62:bf:79:96:3b:34:7d:cf:35:
0d:60:32:54:97:59:39:91:2c:43:54:4d:f0:1b:e0:
43:34:29:8f:c9:25:12:dc:be:59:81:2e:88:0a:cb:
39:28:1e:8e:df:70:0c:42:b9:da:97:d5:46:9a:31:
60:34:8c:5d:a1:3e:b1:23:b4:c2:17:34:a5:b4:15:
11:10:ed:41:66:31:11:18:e2:29:21:fd:45:9b:2d:
92:3a:73:0e:2b:a4:ec:ea:0c:9b:5c:85:22:c2:24:
c9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:4C:FD:1E:3D:3E:7C:BB:BE:A3:77:9A:50:32:D0:BE:1B:BD:AA:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bUz9Hj0-fLu-o3eaUDLQvhu9qm0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5b:7e:88:21:80:b8:0f:10:3e:a4:4c:1c:3f:e9:f1:92:db:23:
18:85:5b:ba:d5:85:04:01:d2:5d:5b:2f:c8:ef:36:08:42:3a:
ae:43:28:dc:3f:57:d4:a8:10:00:d8:8c:04:3d:ce:e2:c8:93:
97:c3:cf:ee:94:10:6c:07:8f:da:2f:1a:38:51:ed:0f:48:44:
93:9c:6d:1c:4d:e2:ba:a6:9e:82:99:9c:d8:c0:81:ea:a7:79:
04:9c:cd:a2:40:c4:dc:94:18:02:03:7d:48:8b:2a:de:4f:c4:
0c:75:2b:5d:5d:d7:4f:d2:86:19:dc:a0:65:61:d8:ea:76:5a:
f8:06:a7:8a:89:76:b7:0d:95:bb:1f:6a:2c:2e:5c:3f:48:14:
9c:f7:f2:ff:b2:ea:c0:bb:de:fa:34:58:5e:84:5d:44:df:2d:
14:d8:c2:e0:5a:8d:22:24:0a:34:31:49:8b:55:2d:69:40:4a:
30:9d:40:ee:4d:6a:a9:7f:c4:d2:60:6b:dc:14:1d:aa:bd:cd:
f3:28:79:39:41:66:5f:44:ea:1a:3c:7b:db:69:cf:61:40:b7:
c7:ce:bd:85:1b:59:6b:82:8f:11:3b:9d:83:f8:b3:52:a0:03:
e5:97:9e:45:7b:1c:e1:a3:ea:8e:65:6e:5d:e3:94:9f:6a:b5:
df:f8:dd:58
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQMswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQy
MzIyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZENENGRDFFM0QzRTdD
QkJCRUEzNzc5QTUwMzJEMEJFMUJCREFBNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFBRt+g6pKEue+p5iXjFLbLP4jLgHGfBQl7m+i2fSMWVjjRTIU
98qDypv0rt593ic/pTZgZgEdjD3IWSARo1VnT/YKZLXdhrDwm2WO/gzjPgSUvYNd
U80Ww+j1pStV+S3rd/mKJDimKP21VzDQ30wVHgpfZ1/VibxnmGw2aQihJK4O0VXC
f9R0s2aRm7Y3nVy9DhzXE4SBzvGfR2K/eZY7NH3PNQ1gMlSXWTmRLENUTfAb4EM0
KY/JJRLcvlmBLogKyzkoHo7fcAxCudqX1UaaMWA0jF2hPrEjtMIXNKW0FREQ7UFm
MREY4ikh/UWbLZI6cw4rpOzqDJtchSLCJMlJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUbUz9Hj0+fLu+o3eaUDLQvhu9qm0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JVejlIajAtZkx1LW8z
ZWFVRExRdmh1OXFtMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFt+iCGAuA8QPqRMHD/p8ZLbIxiFW7rV
hQQB0l1bL8jvNghCOq5DKNw/V9SoEADYjAQ9zuLIk5fDz+6UEGwHj9ovGjhR7Q9I
RJOcbRxN4rqmnoKZnNjAgeqneQSczaJAxNyUGAIDfUiLKt5PxAx1K11d10/Shhnc
oGVh2Op2WvgGp4qJdrcNlbsfaiwuXD9IFJz38v+y6sC73vo0WF6EXUTfLRTYwuBa
jSIkCjQxSYtVLWlASjCdQO5Naql/xNJga9wUHaq9zfMoeTlBZl9E6ho8e9tpz2FA
t8fOvYUbWWuCjxE7nYP4s1KgA+WXnkV7HOGj6o5lbl3jlJ9qtd/43Vg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:35 2024 by rpki-client on console-fra.rpki-client.org