Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/baquFGCXPqPPBv-efhaUEs0tQFk.roa
File: baquFGCXPqPPBv-efhaUEs0tQFk.roa (raw, json)
Hash identifier: Zyq5Jrgu+kOodIaL5H0WsjbAY7jDU/axlWavLtmamsc=
Subject key identifier: 6D:AA:AE:14:60:97:3E:A3:CF:06:FF:9E:7E:16:94:12:CD:2D:40:59
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 355B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/baquFGCXPqPPBv-efhaUEs0tQFk.roa
Signing time: Sat 30 Mar 2024 17:22:09 +0000
ROA not before: Sat 30 Mar 2024 17:22:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13659 (0x355b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 17:22:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6DAAAE1460973EA3CF06FF9E7E169412CD2D4059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5e:18:df:6f:bf:50:d5:bd:bd:79:ad:1b:9e:
20:3b:c8:82:86:19:0b:82:83:3a:fe:d4:6e:72:3e:
5e:28:5b:2b:17:80:4b:96:31:a6:33:55:75:9d:03:
91:57:c3:d4:3f:87:4b:84:e7:b0:f8:46:39:14:e7:
2c:98:07:fa:5a:22:29:bd:fd:e2:12:22:e7:61:ee:
05:76:79:45:1f:1a:74:35:54:eb:50:c4:40:bb:ed:
c2:e8:20:3a:d0:e5:39:31:f2:c0:9f:9f:28:52:9a:
78:dd:f9:7d:61:01:1a:c1:a8:d6:a9:d0:2a:dc:ea:
5f:b6:16:55:a6:91:b9:92:dd:0d:90:ff:22:20:40:
25:77:ca:d8:17:ba:d6:48:c8:85:cc:65:6b:cf:18:
7c:0b:2e:8c:b8:35:51:64:8e:da:1d:22:25:6e:30:
1d:7c:09:d3:b4:e7:1d:a1:de:1d:f5:c3:a1:a7:b5:
9b:b9:15:d3:7c:29:1a:31:17:b7:48:dd:b6:f8:ff:
9e:e1:40:d2:1c:19:46:c5:55:55:7d:c8:35:24:06:
08:6c:46:a8:2c:6a:ec:98:1f:d2:57:eb:5a:15:bd:
35:7e:ca:be:4b:68:02:6e:4c:cd:b4:b9:ac:73:15:
7b:b2:ff:a6:5e:cc:9d:eb:0d:01:6f:fd:db:3b:a3:
46:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:AA:AE:14:60:97:3E:A3:CF:06:FF:9E:7E:16:94:12:CD:2D:40:59
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/baquFGCXPqPPBv-efhaUEs0tQFk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4f:e1:a7:ec:40:2c:e0:77:3b:ce:83:a1:30:54:17:cb:ce:80:
f5:06:d2:05:af:bc:c8:73:18:44:70:36:9a:48:b0:88:98:1c:
4f:ee:4f:82:57:17:2f:ee:20:fa:83:a4:50:8b:7f:7e:a4:28:
39:fa:2b:42:0e:79:66:2d:30:b9:39:6f:4a:08:a6:ab:ea:5c:
4f:37:36:2f:56:89:23:ce:53:be:82:7c:4e:da:d1:8d:07:a8:
24:9d:fa:e1:76:9d:19:6d:28:19:a2:b6:00:22:da:69:2f:7f:
81:ab:ad:8f:50:11:3e:7b:83:af:b4:36:6a:69:99:e9:64:b2:
71:56:35:4f:0e:2d:d2:c4:ac:77:09:d4:23:61:1b:75:6e:1f:
f7:24:de:8d:c8:fb:2f:98:d5:6f:dc:9f:95:ff:c5:36:86:ec:
1f:4f:6d:c2:42:5c:8e:1a:af:1f:94:1f:40:66:f1:44:cd:45:
f2:ae:d3:e2:35:46:ed:80:bc:e6:bf:80:2b:26:d0:ec:66:58:
e3:52:f5:73:46:ee:11:93:24:02:7f:11:57:b5:92:6e:24:7f:
dc:dd:95:e9:ec:69:9c:54:7a:75:41:ee:ef:2d:11:53:da:ed:
52:bc:08:5d:7e:ab:80:d8:b8:d0:d0:58:1e:44:f5:18:5f:24:
c6:d4:1b:19
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNVswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
NzIyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZEQUFBRTE0NjA5NzNF
QTNDRjA2RkY5RTdFMTY5NDEyQ0QyRDQwNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrXhjfb79Q1b29ea0bniA7yIKGGQuCgzr+1G5yPl4oWysXgEuW
MaYzVXWdA5FXw9Q/h0uE57D4RjkU5yyYB/paIim9/eISIudh7gV2eUUfGnQ1VOtQ
xEC77cLoIDrQ5Tkx8sCfnyhSmnjd+X1hARrBqNap0Crc6l+2FlWmkbmS3Q2Q/yIg
QCV3ytgXutZIyIXMZWvPGHwLLoy4NVFkjtodIiVuMB18CdO05x2h3h31w6GntZu5
FdN8KRoxF7dI3bb4/57hQNIcGUbFVVV9yDUkBghsRqgsauyYH9JX61oVvTV+yr5L
aAJuTM20uaxzFXuy/6ZezJ3rDQFv/ds7o0bJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUbaquFGCXPqPPBv+efhaUEs0tQFkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JhcXVGR0NYUHFQUEJ2
LWVmaGFVRXMwdFFGay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAE/hp+xALOB3O86DoTBUF8vOgPUG0gWv
vMhzGERwNppIsIiYHE/uT4JXFy/uIPqDpFCLf36kKDn6K0IOeWYtMLk5b0oIpqvq
XE83Ni9WiSPOU76CfE7a0Y0HqCSd+uF2nRltKBmitgAi2mkvf4GrrY9QET57g6+0
NmppmelksnFWNU8OLdLErHcJ1CNhG3VuH/ck3o3I+y+Y1W/cn5X/xTaG7B9PbcJC
XI4arx+UH0Bm8UTNRfKu0+I1Ru2AvOa/gCsm0OxmWONS9XNG7hGTJAJ/EVe1km4k
f9zdlensaZxUenVB7u8tEVPa7VK8CF1+q4DYuNDQWB5E9RhfJMbUGxk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:55 2024 by rpki-client on console-ams.rpki-client.org