Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/czbHoeUBLGBEWFDqzttVvhqgYtc.roa
File: czbHoeUBLGBEWFDqzttVvhqgYtc.roa (raw, json)
Hash identifier: 7mb6hFuiD2CTFP0+i/EMMKrhmaLxkdqYzgEzAlgtJ0Q=
Subject key identifier: 73:36:C7:A1:E5:01:2C:60:44:58:50:EA:CE:DB:55:BE:1A:A0:62:D7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3667
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/czbHoeUBLGBEWFDqzttVvhqgYtc.roa
Signing time: Mon 01 Apr 2024 02:52:09 +0000
ROA not before: Mon 01 Apr 2024 02:52:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13927 (0x3667)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 02:52:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=7336C7A1E5012C60445850EACEDB55BE1AA062D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a0:6a:13:1e:c1:75:8d:36:67:89:a7:67:eb:
38:b8:ab:96:b4:22:b6:22:0d:61:6b:3c:b0:77:ee:
bf:cb:27:67:fb:da:6a:fe:d6:b6:83:11:85:60:ad:
ef:b5:36:11:14:bd:ba:54:91:4f:85:9e:a0:e8:df:
3d:35:3c:cd:89:d0:c6:5f:5d:71:9e:96:7f:6f:33:
2e:92:6c:97:be:00:e8:73:6c:82:03:cf:92:e5:6f:
62:e1:2c:30:fb:b0:5c:c6:ad:9c:15:7b:46:a2:62:
52:9f:a1:a1:bf:29:d7:52:dc:b5:98:e5:9b:1a:0a:
d9:d3:9a:fe:8c:52:96:f2:77:fc:47:41:af:b8:e7:
49:aa:82:a5:e3:13:d0:16:5d:ff:f7:c7:b8:45:4c:
c2:8a:07:16:38:8d:da:db:e0:37:f5:42:10:65:1b:
c8:94:e2:c7:86:0f:13:66:42:1f:0d:3a:88:ee:7a:
35:e1:98:b6:de:77:ed:5e:18:7a:29:11:69:17:ac:
a7:95:82:92:88:3e:ef:c3:ab:2c:fe:6e:43:a3:94:
0f:ad:0a:b6:02:7b:16:32:8d:88:87:e8:a6:96:62:
3c:96:9e:c4:70:52:79:46:0e:55:ed:2b:08:68:02:
66:81:39:75:fb:5e:3e:70:2a:b9:ac:f6:ad:40:bc:
0c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:36:C7:A1:E5:01:2C:60:44:58:50:EA:CE:DB:55:BE:1A:A0:62:D7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/czbHoeUBLGBEWFDqzttVvhqgYtc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
80:9d:ec:a1:d1:e6:51:e9:a6:42:04:bd:d4:87:a8:03:2f:62:
aa:2e:c9:c2:32:bd:96:31:5e:bd:fa:4d:bd:92:0c:95:18:2c:
1d:74:60:e0:38:f0:03:ad:31:bd:e0:d0:7e:b2:d4:8e:a3:59:
11:8d:31:48:11:6b:12:a7:6a:92:c7:81:b5:8a:57:39:c8:0d:
4e:b0:8d:3a:08:a9:ac:ed:33:68:65:29:21:13:d3:ec:e4:12:
50:4d:59:77:70:3d:fe:d8:6a:6d:5a:eb:36:d4:38:c7:94:2d:
6d:41:03:a3:ff:f5:5d:f7:34:85:34:ad:1b:fa:ae:f1:4c:5f:
21:7f:fd:a5:3c:46:18:9b:1b:4d:a3:df:b3:2f:72:a1:69:9f:
29:9d:1a:6c:ec:17:45:7a:be:8e:61:59:b5:41:97:88:80:1c:
4b:ce:8d:4d:7b:2b:93:a8:2a:11:3c:23:2b:b5:77:79:9c:86:
dd:fb:2f:08:57:5f:db:b8:bb:c8:e5:14:9c:13:31:ae:c6:72:
eb:12:78:b8:61:83:b1:99:8b:aa:e2:63:06:66:31:cd:38:06:
c5:38:57:be:c5:da:5c:4e:fc:38:ae:17:3d:40:f6:14:4c:cf:
21:3f:37:82:3b:96:72:22:2e:ae:3d:02:23:06:08:a3:4e:3b:
68:80:c3:ea
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNmcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEw
MjUyMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDczMzZDN0ExRTUwMTJD
NjA0NDU4NTBFQUNFREI1NUJFMUFBMDYyRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvoGoTHsF1jTZniadn6zi4q5a0IrYiDWFrPLB37r/LJ2f72mr+
1raDEYVgre+1NhEUvbpUkU+FnqDo3z01PM2J0MZfXXGeln9vMy6SbJe+AOhzbIID
z5Llb2LhLDD7sFzGrZwVe0aiYlKfoaG/KddS3LWY5ZsaCtnTmv6MUpbyd/xHQa+4
50mqgqXjE9AWXf/3x7hFTMKKBxY4jdrb4Df1QhBlG8iU4seGDxNmQh8NOojuejXh
mLbed+1eGHopEWkXrKeVgpKIPu/Dqyz+bkOjlA+tCrYCexYyjYiH6KaWYjyWnsRw
UnlGDlXtKwhoAmaBOXX7Xj5wKrms9q1AvAzJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUczbHoeUBLGBEWFDqzttVvhqgYtcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2N6YkhvZVVCTEdCRVdG
RHF6dHRWdmhxZ1l0Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAICd7KHR5lHppkIEvdSHqAMvYqouycIy
vZYxXr36Tb2SDJUYLB10YOA48AOtMb3g0H6y1I6jWRGNMUgRaxKnapLHgbWKVznI
DU6wjToIqaztM2hlKSET0+zkElBNWXdwPf7Yam1a6zbUOMeULW1BA6P/9V33NIU0
rRv6rvFMXyF//aU8RhibG02j37MvcqFpnymdGmzsF0V6vo5hWbVBl4iAHEvOjU17
K5OoKhE8Iyu1d3mcht37LwhXX9u4u8jlFJwTMa7GcusSeLhhg7GZi6riYwZmMc04
BsU4V77F2lxO/DiuFz1A9hRMzyE/N4I7lnIiLq49AiMGCKNOO2iAw+o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:56 2024 by rpki-client on console-ams.rpki-client.org