Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/caHaCFvP15n4ZMRRyfFlLHWWDSE.roa
File: caHaCFvP15n4ZMRRyfFlLHWWDSE.roa (raw, json)
Hash identifier: lG6XVS3hC9i9n4Ht9mshm8gwZ3ggjePD2M/qpCBO4sc=
Subject key identifier: 71:A1:DA:08:5B:CF:D7:99:F8:64:C4:51:C9:F1:65:2C:75:96:0D:21
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F2F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/caHaCFvP15n4ZMRRyfFlLHWWDSE.roa
Signing time: Sat 04 May 2024 03:53:48 +0000
ROA not before: Sat 04 May 2024 03:53:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20271 (0x4f2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 03:53:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=71A1DA085BCFD799F864C451C9F1652C75960D21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3d:c4:59:af:fa:2e:24:fb:8d:54:97:95:1a:
55:ab:d3:33:a4:bd:a8:d7:b3:00:4a:46:45:9f:b2:
27:2a:61:fe:d9:95:93:e4:5f:75:0f:b5:a1:dd:cf:
57:48:1c:e0:5e:fe:05:7f:7a:f0:10:97:9a:f0:4c:
3b:12:d1:9d:d9:39:52:f4:83:dc:e6:71:fe:3c:46:
4f:12:f8:f3:35:93:ba:0a:15:ce:52:65:71:20:d3:
02:c0:8a:b5:7f:e1:71:b5:94:58:bd:03:75:2d:41:
4e:e4:fd:9f:cc:3a:da:cf:ca:f5:d7:0a:70:02:75:
40:5c:d6:fc:4e:a1:fe:35:34:f1:41:41:93:c0:bd:
c9:42:3c:f4:6d:4f:df:98:27:0e:69:a6:1d:ac:f3:
9a:fa:73:5f:90:8d:d2:64:51:11:2d:07:27:82:83:
cf:3a:ca:ba:2a:05:2d:76:3f:d5:64:38:5b:4d:38:
3f:98:d5:44:45:33:c7:dd:cb:f9:45:08:7f:0c:26:
2a:3e:f2:12:cf:89:b2:21:14:40:ec:15:97:99:ae:
54:d4:34:9e:78:af:14:96:3b:65:8f:86:1b:a2:90:
fb:35:b4:d9:5a:41:84:40:c4:8a:a2:72:33:63:62:
fb:4a:db:d1:be:76:b4:ef:96:cd:32:40:0b:2d:fb:
b9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A1:DA:08:5B:CF:D7:99:F8:64:C4:51:C9:F1:65:2C:75:96:0D:21
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/caHaCFvP15n4ZMRRyfFlLHWWDSE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
61:eb:79:db:fd:76:66:53:af:16:e9:34:52:ad:70:dc:ba:be:
36:29:ec:3a:69:7f:d7:d7:4f:3a:a8:cc:3c:e5:6a:b2:05:80:
79:88:f7:06:34:d5:7b:33:3b:1b:95:fc:dc:a7:a7:5f:73:f3:
7e:fb:ee:78:6d:e2:0b:3c:b4:bc:30:ac:9a:bf:3b:14:03:81:
ef:a3:fb:11:55:48:79:4a:7f:0b:23:e0:80:ae:81:b3:69:eb:
71:23:a4:3d:81:ec:84:bd:9d:dd:fe:1c:4b:17:e5:50:a0:a4:
92:4d:a2:40:20:6d:4d:ba:2f:53:94:3c:65:00:eb:c7:35:7c:
4e:74:7e:01:4a:44:12:69:02:1f:b7:fc:c1:2e:f3:a3:bf:32:
88:4c:f6:82:78:53:ec:ec:d2:70:59:6b:fe:11:d0:2a:dc:ef:
c2:c1:20:c1:86:c1:a8:b7:b3:f4:5b:82:62:98:8d:ac:a4:8a:
c4:17:9b:ca:a6:f9:a1:34:1e:d5:a6:d1:93:23:b2:74:84:ef:
16:cc:59:6a:73:42:7f:36:63:05:4c:d7:73:f5:a1:ae:47:f7:
92:36:7c:d9:c6:51:2a:56:e1:77:9a:1e:da:c3:b3:ff:e0:2f:
60:f5:7e:ec:7d:d0:4b:21:26:d2:30:85:72:fb:42:06:02:4c:
8b:9b:0e:05
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTy8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQw
MzUzNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcxQTFEQTA4NUJDRkQ3
OTlGODY0QzQ1MUM5RjE2NTJDNzU5NjBEMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfPcRZr/ouJPuNVJeVGlWr0zOkvajXswBKRkWfsicqYf7ZlZPk
X3UPtaHdz1dIHOBe/gV/evAQl5rwTDsS0Z3ZOVL0g9zmcf48Rk8S+PM1k7oKFc5S
ZXEg0wLAirV/4XG1lFi9A3UtQU7k/Z/MOtrPyvXXCnACdUBc1vxOof41NPFBQZPA
vclCPPRtT9+YJw5pph2s85r6c1+QjdJkUREtByeCg886yroqBS12P9VkOFtNOD+Y
1URFM8fdy/lFCH8MJio+8hLPibIhFEDsFZeZrlTUNJ54rxSWO2WPhhuikPs1tNla
QYRAxIqicjNjYvtK29G+drTvls0yQAst+7mdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUcaHaCFvP15n4ZMRRyfFlLHWWDSEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2NhSGFDRnZQMTVuNFpN
UlJ5ZkZsTEhXV0RTRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGHredv9dmZTrxbpNFKtcNy6vjYp7Dpp
f9fXTzqozDzlarIFgHmI9wY01XszOxuV/Nynp19z83777nht4gs8tLwwrJq/OxQD
ge+j+xFVSHlKfwsj4ICugbNp63EjpD2B7IS9nd3+HEsX5VCgpJJNokAgbU26L1OU
PGUA68c1fE50fgFKRBJpAh+3/MEu86O/MohM9oJ4U+zs0nBZa/4R0Crc78LBIMGG
wai3s/RbgmKYjaykisQXm8qm+aE0HtWm0ZMjsnSE7xbMWWpzQn82YwVM13P1oa5H
95I2fNnGUSpW4XeaHtrDs//gL2D1fux90EshJtIwhXL7QgYCTIubDgU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:36 2024 by rpki-client on console-fra.rpki-client.org