Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/gBPMKJVqM3-xwdMFJCHlcs-He38.roa
File: gBPMKJVqM3-xwdMFJCHlcs-He38.roa (raw, json)
Hash identifier: 9thTpoSVrpAAZJQL1z076N+8VhlSfqVXYCr5qY0e3W8=
Subject key identifier: 80:13:CC:28:95:6A:33:7F:B1:C1:D3:05:24:21:E5:72:CF:87:7B:7F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FFB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gBPMKJVqM3-xwdMFJCHlcs-He38.roa
Signing time: Sun 05 May 2024 05:24:06 +0000
ROA not before: Sun 05 May 2024 05:24:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20475 (0x4ffb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 05:24:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8013CC28956A337FB1C1D3052421E572CF877B7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:75:6d:e7:c5:e4:d1:46:bc:98:0e:5d:8f:3f:
9a:af:2b:f6:f7:96:b7:f0:e3:0d:79:f0:76:82:5e:
10:4f:37:2c:3b:95:54:e3:25:c4:93:0d:81:56:d6:
21:4e:75:0d:3d:6c:f2:6b:8f:6c:c1:79:f2:f5:07:
6b:5f:a0:2d:f0:c0:b0:9f:35:78:2b:b7:35:73:f9:
85:0d:7c:64:d3:54:fb:aa:df:68:b3:0f:5e:ed:5f:
33:ac:ed:bd:40:42:94:2d:1a:0d:02:d5:9d:27:e8:
ab:3c:1e:40:24:99:e3:16:ae:b8:b3:8e:30:44:fc:
d6:5e:f2:15:34:91:4f:7b:8e:ff:62:e7:1c:60:57:
7a:c5:0a:59:11:69:f9:5d:40:3d:fd:92:99:e6:0c:
9e:9b:99:68:4f:c7:43:cf:97:12:8e:e5:1d:ea:a3:
37:59:9b:7c:d4:de:11:84:d8:ed:bb:02:c6:a2:25:
8a:93:4a:5b:82:b5:5f:5b:3a:30:2e:b9:c9:a1:b8:
ba:ba:79:9b:6b:13:2a:ef:47:1c:8c:72:8d:be:78:
9d:da:6e:44:ec:95:33:fb:bd:03:c8:91:70:34:0a:
fa:34:27:a0:cd:e9:38:d2:46:82:ea:c3:2c:d4:0a:
2b:0b:42:58:05:a1:d0:f3:5b:01:f2:8a:a8:21:f5:
c1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:13:CC:28:95:6A:33:7F:B1:C1:D3:05:24:21:E5:72:CF:87:7B:7F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/gBPMKJVqM3-xwdMFJCHlcs-He38.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
29:9d:3f:46:88:7e:09:60:0b:3c:6b:18:b9:30:19:36:07:7c:
e3:ed:0c:50:ab:d5:1b:52:4f:9f:20:84:3b:56:a2:38:6f:b4:
e8:cf:cc:0d:03:4a:83:0c:c7:f4:88:cc:71:7d:e2:0f:80:27:
81:53:59:18:0f:5a:c5:8a:a6:60:2d:06:11:0d:36:19:47:c3:
46:91:92:26:1c:88:9f:a0:29:e8:08:e8:6a:9b:79:d0:57:15:
06:4a:2c:11:0b:a7:bd:c4:84:7d:dd:ef:30:dd:6a:7a:e2:27:
e8:f3:dc:58:e8:be:3f:22:14:08:68:18:e4:d0:2e:cb:41:88:
31:9c:6e:d0:aa:02:76:fe:29:5f:d9:69:00:d6:72:b8:82:26:
c0:11:cb:40:e7:a3:42:86:cf:58:01:fb:77:17:3c:fc:a0:0d:
e2:6f:5e:39:85:6a:e7:91:9b:d7:72:ea:c8:5a:b7:fe:8b:6e:
68:6c:a2:39:da:ac:4a:7b:dd:0b:e0:fc:30:14:1c:3c:95:0e:
d7:13:e0:2a:cf:aa:78:8a:58:b4:a4:3b:1f:eb:6d:df:e8:f7:
80:ab:1a:83:b1:7a:a0:6a:d2:19:ae:ea:c9:6f:4e:89:a9:00:
43:45:0d:ce:88:ae:80:73:ab:b2:b8:87:85:6b:37:88:3f:30:
7e:b3:02:bf
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICT/swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUw
NTI0MDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgwMTNDQzI4OTU2QTMz
N0ZCMUMxRDMwNTI0MjFFNTcyQ0Y4NzdCN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcdW3nxeTRRryYDl2PP5qvK/b3lrfw4w158HaCXhBPNyw7lVTj
JcSTDYFW1iFOdQ09bPJrj2zBefL1B2tfoC3wwLCfNXgrtzVz+YUNfGTTVPuq32iz
D17tXzOs7b1AQpQtGg0C1Z0n6Ks8HkAkmeMWrrizjjBE/NZe8hU0kU97jv9i5xxg
V3rFClkRafldQD39kpnmDJ6bmWhPx0PPlxKO5R3qozdZm3zU3hGE2O27AsaiJYqT
SluCtV9bOjAuucmhuLq6eZtrEyrvRxyMco2+eJ3abkTslTP7vQPIkXA0Cvo0J6DN
6TjSRoLqwyzUCisLQlgFodDzWwHyiqgh9cEXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUgBPMKJVqM3+xwdMFJCHlcs+He38wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2dCUE1LSlZxTTMteHdk
TUZKQ0hsY3MtSGUzOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACmdP0aIfglgCzxrGLkwGTYHfOPtDFCr
1RtST58ghDtWojhvtOjPzA0DSoMMx/SIzHF94g+AJ4FTWRgPWsWKpmAtBhENNhlH
w0aRkiYciJ+gKegI6GqbedBXFQZKLBELp73EhH3d7zDdanriJ+jz3Fjovj8iFAho
GOTQLstBiDGcbtCqAnb+KV/ZaQDWcriCJsARy0Dno0KGz1gB+3cXPPygDeJvXjmF
aueRm9dy6shat/6LbmhsojnarEp73Qvg/DAUHDyVDtcT4CrPqniKWLSkOx/rbd/o
94CrGoOxeqBq0hmu6slvTompAENFDc6IroBzq7K4h4VrN4g/MH6zAr8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:39 2024 by rpki-client on console-fra.rpki-client.org