Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hGZw4vNn3fwQF1TAlxXiXmAPwqo.roa
File: hGZw4vNn3fwQF1TAlxXiXmAPwqo.roa (raw, json)
Hash identifier: 2DR5sNprAluBTCk/Z1EJdCeKW6qlEIWLDAsu4HX82cI=
Subject key identifier: 84:66:70:E2:F3:67:DD:FC:10:17:54:C0:97:15:E2:5E:60:0F:C2:AA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5803
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hGZw4vNn3fwQF1TAlxXiXmAPwqo.roa
Signing time: Wed 15 May 2024 22:24:15 +0000
ROA not before: Wed 15 May 2024 22:24:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22531 (0x5803)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 22:24:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=846670E2F367DDFC101754C09715E25E600FC2AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ca:1c:66:4b:ca:4a:8c:21:4a:28:a1:2c:30:
64:b6:e6:e8:ab:0c:16:b8:07:73:5d:c9:e7:66:56:
04:ed:fa:ce:ab:da:03:af:77:a7:d6:45:b8:56:0c:
f1:7c:2e:f1:43:3e:0b:d6:31:a0:2b:08:4b:a5:d3:
bc:cd:bd:99:a8:50:6a:07:81:44:3c:82:f9:15:bc:
2e:fc:8c:76:0d:37:a2:8f:01:dd:e7:df:3d:e7:d4:
58:56:46:e9:aa:8b:5a:20:22:c3:0a:b1:8e:6b:b2:
f8:31:80:c2:8e:dd:fd:8d:88:ab:74:73:6a:9e:74:
28:19:e8:c7:df:ee:ef:1e:df:eb:ca:65:45:b6:c9:
c7:3d:0b:21:31:ad:3f:6b:85:4c:1a:6d:1b:66:9e:
b9:14:b5:96:13:4f:39:56:7d:4b:18:60:31:19:b6:
e5:f1:e7:a3:af:74:b8:c3:45:82:14:43:bd:c1:b4:
be:e7:29:9a:18:3c:bc:e0:1b:7b:20:5e:10:a6:3a:
3d:f5:14:4b:14:bb:3b:ef:33:39:8f:01:d0:04:31:
6d:4e:45:25:2e:04:75:84:5e:f0:6d:28:d1:7a:ba:
27:58:b5:3b:b2:1e:fd:8d:e0:2b:04:25:48:66:fc:
13:1e:25:b5:b3:22:85:b1:1e:db:a6:ef:72:5b:0a:
f5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:66:70:E2:F3:67:DD:FC:10:17:54:C0:97:15:E2:5E:60:0F:C2:AA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hGZw4vNn3fwQF1TAlxXiXmAPwqo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
25:b5:cd:ca:41:d3:2f:2a:4c:81:d7:0c:45:b0:51:c8:63:a6:
80:0d:6c:a4:c8:f9:91:91:d7:aa:c2:2d:a5:7b:32:80:0d:68:
cd:00:a5:2e:72:d3:c3:b1:40:c2:5c:a2:19:99:82:14:8a:ae:
8e:65:fc:3e:bc:32:3f:6f:4f:16:02:dc:f4:c2:bf:80:a3:f1:
d4:c9:e7:84:51:35:b7:4a:6f:3c:61:56:2e:ad:1a:c7:c4:5e:
0b:da:84:0f:0e:45:1b:3e:77:f6:7c:2e:6b:20:b7:9c:e9:b4:
b9:e6:a2:5a:f0:fb:65:44:04:2d:06:cb:d7:03:fd:61:b5:71:
0f:db:d4:54:19:c2:41:01:40:e1:9d:53:cb:4a:c6:13:c0:76:
83:92:a8:dd:47:d6:0c:22:46:34:34:91:a3:26:9b:ec:2e:4a:
43:40:e7:12:b2:77:c8:3d:4b:bf:97:70:47:d2:1b:f7:3b:84:
29:55:de:7a:f7:6f:e5:5a:1c:59:2a:68:ee:59:c2:2e:1b:d2:
18:de:54:43:b4:b4:96:93:28:ab:a9:4f:29:dd:84:92:42:19:
0f:3b:a8:b2:12:26:4f:c1:17:b1:04:96:ca:3f:b9:9d:b5:a5:
f8:11:b2:eb:d2:0e:9b:30:9f:12:8e:b8:14:f3:7f:3a:d8:5a:
e5:a3:8a:64
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICWAMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUy
MjI0MTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg0NjY3MEUyRjM2N0RE
RkMxMDE3NTRDMDk3MTVFMjVFNjAwRkMyQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7yhxmS8pKjCFKKKEsMGS25uirDBa4B3NdyedmVgTt+s6r2gOv
d6fWRbhWDPF8LvFDPgvWMaArCEul07zNvZmoUGoHgUQ8gvkVvC78jHYNN6KPAd3n
3z3n1FhWRumqi1ogIsMKsY5rsvgxgMKO3f2NiKt0c2qedCgZ6Mff7u8e3+vKZUW2
ycc9CyExrT9rhUwabRtmnrkUtZYTTzlWfUsYYDEZtuXx56OvdLjDRYIUQ73BtL7n
KZoYPLzgG3sgXhCmOj31FEsUuzvvMzmPAdAEMW1ORSUuBHWEXvBtKNF6uidYtTuy
Hv2N4CsEJUhm/BMeJbWzIoWxHtum73JbCvVNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUhGZw4vNn3fwQF1TAlxXiXmAPwqowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hHWnc0dk5uM2Z3UUYx
VEFseFhpWG1BUHdxby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACW1zcpB0y8qTIHXDEWwUchjpoANbKTI
+ZGR16rCLaV7MoANaM0ApS5y08OxQMJcohmZghSKro5l/D68Mj9vTxYC3PTCv4Cj
8dTJ54RRNbdKbzxhVi6tGsfEXgvahA8ORRs+d/Z8Lmsgt5zptLnmolrw+2VEBC0G
y9cD/WG1cQ/b1FQZwkEBQOGdU8tKxhPAdoOSqN1H1gwiRjQ0kaMmm+wuSkNA5xKy
d8g9S7+XcEfSG/c7hClV3nr3b+VaHFkqaO5Zwi4b0hjeVEO0tJaTKKupTyndhJJC
GQ87qLISJk/BF7EElso/uZ21pfgRsuvSDpswnxKOuBTzfzrYWuWjimQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:40 2024 by rpki-client on console-fra.rpki-client.org