Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/bsTvfL88OlxHGQnbce9MbyVoO64.roa
File: bsTvfL88OlxHGQnbce9MbyVoO64.roa (raw, json)
Hash identifier: b8DQb2LNlCo6MZgXTu3y+TsykD+L3PEs33qsshExqN4=
Subject key identifier: 6E:C4:EF:7C:BF:3C:3A:5C:47:19:09:DB:71:EF:4C:6F:25:68:3B:AE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 428B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bsTvfL88OlxHGQnbce9MbyVoO64.roa
Signing time: Wed 17 Apr 2024 07:23:26 +0000
ROA not before: Wed 17 Apr 2024 07:23:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17035 (0x428b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 17 07:23:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6EC4EF7CBF3C3A5C471909DB71EF4C6F25683BAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ab:96:04:5a:ee:24:f4:c2:91:81:e2:6f:98:
08:2c:8a:d4:9c:9a:2c:fa:61:6f:83:01:0c:af:05:
71:3b:ae:fa:cf:29:e8:17:56:18:7f:ed:56:9c:29:
48:a4:22:ad:9d:2b:a1:b4:d7:85:6e:50:4e:0f:a1:
f8:dd:dc:64:39:98:13:38:d4:c0:de:84:85:25:db:
d4:24:c9:95:3b:4a:4b:74:fe:91:33:5f:0c:b0:1d:
f7:1a:17:c1:89:d2:c3:8d:70:64:87:bd:9a:86:78:
ff:28:0c:6b:f5:dc:4a:9c:62:53:56:37:65:d2:87:
49:a0:e0:bf:78:c9:4a:da:1a:95:0d:4e:b9:c9:5e:
9b:64:1e:e4:54:56:33:d0:6f:ad:cd:cb:48:cb:02:
cb:df:df:35:d0:db:32:10:51:3a:37:64:b6:f2:dc:
73:3b:39:5e:db:87:7b:36:73:29:c1:46:3b:e1:a2:
29:bd:43:de:5e:43:c4:69:bc:e2:28:23:68:0b:54:
1b:20:b7:a7:58:74:4f:a4:1f:f0:9e:3a:27:b3:88:
3c:f3:b9:de:6f:a1:72:98:66:7d:ee:3e:9f:d4:ff:
f1:60:2d:af:58:41:51:4f:2b:d6:62:0f:96:f5:2e:
7c:80:75:b1:97:84:02:72:da:7d:1c:92:40:78:91:
d7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C4:EF:7C:BF:3C:3A:5C:47:19:09:DB:71:EF:4C:6F:25:68:3B:AE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/bsTvfL88OlxHGQnbce9MbyVoO64.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
35:a8:a6:3e:a2:2d:15:08:58:1d:cf:52:dd:0c:b6:71:f5:d4:
ce:a2:30:9f:0b:ae:9d:42:c8:f2:0f:e8:7d:e4:6d:37:a9:c4:
73:a4:98:08:36:3a:2a:80:02:47:e7:41:af:9a:c5:7e:9d:f3:
c7:7a:cb:42:b3:ca:c3:e5:16:0e:a6:54:c2:ab:bb:3e:89:05:
bf:42:4e:00:06:f1:43:de:81:e4:a5:28:db:0a:59:de:00:43:
e8:10:1f:f8:5a:a5:a4:46:0b:e9:83:d2:a1:3e:6a:ea:54:c0:
20:de:f5:58:14:65:27:a5:10:bf:4e:7f:b6:d1:69:7d:59:05:
19:74:40:a1:17:7c:7b:77:8c:b2:61:e3:a9:de:26:99:6b:39:
fc:71:f8:37:50:66:b5:32:91:3e:9b:3f:b9:b1:5b:ca:12:02:
90:46:21:14:49:26:d9:4a:f8:a1:ea:f4:a0:d5:58:74:70:1b:
04:25:9d:ed:ca:65:0d:e4:a0:04:61:a3:c3:a9:07:be:ec:23:
14:0f:f6:86:a8:a4:5f:40:70:32:08:e1:67:f8:f3:f7:ae:3f:
28:e1:ba:1d:ff:35:4b:64:74:d6:ee:6e:87:3a:81:31:e4:ff:
44:c1:52:f2:a8:ec:83:b4:86:14:dd:a1:ef:94:fd:90:4d:36:
e4:8a:ce:67
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQoswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTcw
NzIzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZFQzRFRjdDQkYzQzNB
NUM0NzE5MDlEQjcxRUY0QzZGMjU2ODNCQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0q5YEWu4k9MKRgeJvmAgsitScmiz6YW+DAQyvBXE7rvrPKegX
Vhh/7VacKUikIq2dK6G014VuUE4Pofjd3GQ5mBM41MDehIUl29QkyZU7Skt0/pEz
XwywHfcaF8GJ0sONcGSHvZqGeP8oDGv13EqcYlNWN2XSh0mg4L94yUraGpUNTrnJ
XptkHuRUVjPQb63Ny0jLAsvf3zXQ2zIQUTo3ZLby3HM7OV7bh3s2cynBRjvhoim9
Q95eQ8RpvOIoI2gLVBsgt6dYdE+kH/CeOieziDzzud5voXKYZn3uPp/U//FgLa9Y
QVFPK9ZiD5b1LnyAdbGXhAJy2n0ckkB4kdfpAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUbsTvfL88OlxHGQnbce9MbyVoO64wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2JzVHZmTDg4T2x4SEdR
bmJjZTlNYnlWb082NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADWopj6iLRUIWB3PUt0MtnH11M6iMJ8L
rp1CyPIP6H3kbTepxHOkmAg2OiqAAkfnQa+axX6d88d6y0KzysPlFg6mVMKruz6J
Bb9CTgAG8UPegeSlKNsKWd4AQ+gQH/hapaRGC+mD0qE+aupUwCDe9VgUZSelEL9O
f7bRaX1ZBRl0QKEXfHt3jLJh46neJplrOfxx+DdQZrUykT6bP7mxW8oSApBGIRRJ
JtlK+KHq9KDVWHRwGwQlne3KZQ3koARho8OpB77sIxQP9oaopF9AcDII4Wf48/eu
Pyjhuh3/NUtkdNbuboc6gTHk/0TBUvKo7IO0hhTdoe+U/ZBNNuSKzmc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:35 2024 by rpki-client on console-fra.rpki-client.org