Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/cwl2vz8HNpyFl4E_4idNkoISskM.roa
File: cwl2vz8HNpyFl4E_4idNkoISskM.roa (raw, json)
Hash identifier: xF0XILUhT1VlYYbSWWqTRpCz3vdapSbpJxrxeuXtfkI=
Subject key identifier: 73:09:76:BF:3F:07:36:9C:85:97:81:3F:E2:27:4D:92:82:12:B2:43
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F3F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cwl2vz8HNpyFl4E_4idNkoISskM.roa
Signing time: Fri 12 Apr 2024 21:52:50 +0000
ROA not before: Fri 12 Apr 2024 21:52:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16191 (0x3f3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 21:52:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=730976BF3F07369C8597813FE2274D928212B243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ce:b4:4c:5d:9a:1d:23:6e:4b:e1:95:e7:94:
b0:f5:19:ec:b6:c3:db:16:66:d1:30:fb:39:21:27:
a2:71:74:54:4c:a8:dd:45:c2:e6:89:7b:db:28:99:
0c:be:d3:70:6e:0e:96:9d:22:f3:0d:c5:de:5d:67:
83:69:e2:eb:96:38:12:ae:4c:59:e7:1d:ed:28:06:
94:42:52:c8:ae:fd:7a:9b:39:76:1c:76:eb:6e:b7:
b5:73:3b:09:46:cc:5f:56:11:ac:e2:4f:fe:cd:d3:
3b:3f:1d:95:2f:97:7c:e5:ff:45:d0:72:66:d4:38:
11:59:e5:7a:99:49:7c:46:6e:3c:f1:6d:c9:59:b3:
47:cd:35:ea:3b:36:30:64:d8:bc:1e:f7:67:6b:92:
2c:21:3d:ce:80:14:fe:51:64:f9:3e:06:95:18:57:
3d:2a:f0:83:e3:93:af:22:b2:13:12:da:dc:99:c8:
20:b0:32:76:38:25:4d:3a:14:c4:78:c9:f6:c1:c3:
af:da:c0:c8:d9:47:49:18:41:b4:e9:79:32:42:b1:
b9:84:18:8d:9a:8e:f6:3d:60:6c:9d:bb:f3:25:ce:
06:b4:5a:88:2f:5b:c0:cc:e2:d9:21:6b:d2:dd:ba:
bc:12:ad:be:68:2b:5d:ad:3d:63:f5:a9:6d:c0:ff:
b7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:09:76:BF:3F:07:36:9C:85:97:81:3F:E2:27:4D:92:82:12:B2:43
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/cwl2vz8HNpyFl4E_4idNkoISskM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4c:c4:0f:cc:ff:25:49:ee:88:7e:04:4b:97:51:54:12:80:22:
9a:d3:27:97:d3:fe:3c:e5:87:9b:db:7f:40:a1:57:49:74:d7:
0e:fb:7e:7f:a4:a0:89:26:8a:b6:8c:bd:ff:86:07:0c:c0:47:
6b:02:51:34:b5:2a:a5:eb:0b:f8:ef:ef:ca:ae:fe:38:82:0c:
72:46:80:5f:0d:b3:81:9a:24:ef:a7:a2:9d:3c:0b:aa:2e:9c:
11:cd:1d:07:e8:a0:f3:b2:4f:27:80:6c:fe:5b:3e:7e:37:6e:
5e:64:11:b2:9e:fe:42:49:06:6c:f5:08:28:a4:3c:ce:40:6e:
80:fa:f7:59:54:8d:f2:32:0e:bc:eb:01:5c:77:43:35:fb:f6:
b2:fb:0a:1e:10:71:0c:16:94:39:4c:e1:8d:51:31:df:fb:c3:
a9:ce:87:a2:6f:49:51:43:10:c5:e1:fc:90:53:44:83:17:e5:
8b:ca:fc:b8:e9:56:8f:cb:32:c8:2b:c4:28:74:80:27:c2:e4:
7e:7c:ea:86:52:61:3b:65:38:62:60:bd:b4:d7:da:3a:18:99:
08:ad:61:38:af:63:14:af:0d:f0:b5:ef:55:b9:39:e9:aa:93:
03:ff:d5:74:f9:9e:a1:9d:75:af:ca:37:dd:1a:ca:ed:e2:cf:
62:54:db:e2
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPz8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIy
MTUyNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDczMDk3NkJGM0YwNzM2
OUM4NTk3ODEzRkUyMjc0RDkyODIxMkIyNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCzrRMXZodI25L4ZXnlLD1Gey2w9sWZtEw+zkhJ6JxdFRMqN1F
wuaJe9somQy+03BuDpadIvMNxd5dZ4Np4uuWOBKuTFnnHe0oBpRCUsiu/XqbOXYc
dutut7VzOwlGzF9WEaziT/7N0zs/HZUvl3zl/0XQcmbUOBFZ5XqZSXxGbjzxbclZ
s0fNNeo7NjBk2Lwe92drkiwhPc6AFP5RZPk+BpUYVz0q8IPjk68ishMS2tyZyCCw
MnY4JU06FMR4yfbBw6/awMjZR0kYQbTpeTJCsbmEGI2ajvY9YGydu/Mlzga0Wogv
W8DM4tkha9LdurwSrb5oK12tPWP1qW3A/7dzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUcwl2vz8HNpyFl4E/4idNkoISskMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2N3bDJ2ejhITnB5Rmw0
RV80aWROa29JU3NrTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEzED8z/JUnuiH4ES5dRVBKAIprTJ5fT
/jzlh5vbf0ChV0l01w77fn+koIkmiraMvf+GBwzAR2sCUTS1KqXrC/jv78qu/jiC
DHJGgF8Ns4GaJO+nop08C6ounBHNHQfooPOyTyeAbP5bPn43bl5kEbKe/kJJBmz1
CCikPM5AboD691lUjfIyDrzrAVx3QzX79rL7Ch4QcQwWlDlM4Y1RMd/7w6nOh6Jv
SVFDEMXh/JBTRIMX5YvK/LjpVo/LMsgrxCh0gCfC5H586oZSYTtlOGJgvbTX2joY
mQitYTivYxSvDfC171W5OemqkwP/1XT5nqGdda/KN90ayu3iz2JU2+I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:36 2024 by rpki-client on console-fra.rpki-client.org