Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/hZt9ACQmR1DZ9jak3IjDhy14H1o.roa
File: hZt9ACQmR1DZ9jak3IjDhy14H1o.roa (raw, json)
Hash identifier: NP1RIWS1qoqXdCzXMjZW2XtIfHg71FA7nQLW7faB9Hs=
Subject key identifier: 85:9B:7D:00:24:26:47:50:D9:F6:36:A4:DC:88:C3:87:2D:78:1F:5A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3E9B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hZt9ACQmR1DZ9jak3IjDhy14H1o.roa
Signing time: Fri 12 Apr 2024 01:22:52 +0000
ROA not before: Fri 12 Apr 2024 01:22:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16027 (0x3e9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 01:22:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=859B7D0024264750D9F636A4DC88C3872D781F5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:81:fa:32:59:2b:2d:38:9b:c0:4e:68:d0:12:
f7:56:9c:f5:0f:1f:c2:82:ce:48:0b:0d:ad:00:ca:
1e:e9:23:c9:56:ff:d4:8a:3f:32:7a:92:09:a0:8a:
7f:f6:68:03:10:f5:b0:14:08:7b:4e:7b:8f:36:de:
be:d3:90:f4:3e:50:ab:c4:59:96:2f:c8:50:2e:ef:
28:ad:db:bc:e1:fa:d6:98:6d:96:d0:12:ea:98:be:
d9:b4:08:70:fa:c5:d8:af:10:ba:08:74:b7:51:6d:
86:ba:85:9f:0e:d8:8e:fc:2e:45:95:47:88:d8:3d:
6b:b7:56:91:d4:e9:e2:02:9f:65:0d:fe:26:5c:42:
13:c1:4c:14:44:84:fd:d1:ad:2b:da:31:9e:01:c1:
4f:9f:33:10:2b:85:9d:f4:b6:dd:a2:a2:88:6e:af:
8e:0c:9e:b9:b1:f3:85:99:a9:55:46:bb:fa:85:45:
12:19:d4:c6:fe:44:ad:d3:0f:45:ef:16:b7:8f:65:
25:53:a7:ad:c6:ba:3f:c9:96:34:a8:33:0e:e8:32:
f0:f4:77:a4:fe:30:ec:e7:c6:31:17:8a:42:6b:59:
43:9a:4c:91:f3:02:f3:ef:1c:59:86:bf:a5:d1:1e:
f2:0a:93:c5:d6:2b:01:92:5f:8b:d8:04:77:ec:b7:
2d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9B:7D:00:24:26:47:50:D9:F6:36:A4:DC:88:C3:87:2D:78:1F:5A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/hZt9ACQmR1DZ9jak3IjDhy14H1o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
9a:97:3f:74:06:c6:a7:47:af:7a:3b:5b:01:0e:75:bc:47:32:
b2:4f:aa:74:cf:d2:33:22:f1:87:3f:29:06:b6:14:54:a8:48:
7e:b9:4c:89:a2:1b:57:0e:d8:e7:44:fc:7c:d4:9b:18:ee:7d:
b0:71:e3:fd:0b:5b:c9:30:1a:de:e8:ff:e0:1a:88:eb:41:31:
86:13:30:3e:14:70:e5:2e:5e:5c:2f:af:14:34:51:b1:1d:b4:
26:47:bb:2e:ac:df:ea:c6:9e:fb:ae:df:89:ba:d9:67:b4:a1:
a7:fc:5a:46:ea:51:26:f5:31:65:f5:46:b8:de:a6:f3:80:d1:
36:ab:f4:22:ad:b8:c5:70:2a:53:6a:18:ed:31:8e:07:11:00:
ba:a1:96:b7:b9:57:35:c0:62:05:91:75:a2:34:9e:92:26:a1:
92:fb:6e:38:f6:ba:9f:84:9d:dc:f0:1e:e5:20:de:a7:2f:95:
91:14:fb:37:f9:7d:65:77:a4:64:b9:90:69:2c:95:5c:40:c5:
2f:22:99:af:73:4d:a6:3f:ee:8d:8f:d0:1c:8b:52:2b:57:0a:
46:21:48:d8:6d:7c:67:88:28:e6:0f:92:70:0f:1f:94:ef:85:
24:e0:4b:89:bc:d8:76:93:bc:c9:8a:cb:25:7d:ad:d9:b7:ed:
6e:8b:cd:03
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPpswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIw
MTIyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg1OUI3RDAwMjQyNjQ3
NTBEOUY2MzZBNERDODhDMzg3MkQ3ODFGNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1gfoyWSstOJvATmjQEvdWnPUPH8KCzkgLDa0Ayh7pI8lW/9SK
PzJ6kgmgin/2aAMQ9bAUCHtOe4823r7TkPQ+UKvEWZYvyFAu7yit27zh+taYbZbQ
EuqYvtm0CHD6xdivELoIdLdRbYa6hZ8O2I78LkWVR4jYPWu3VpHU6eICn2UN/iZc
QhPBTBREhP3RrSvaMZ4BwU+fMxArhZ30tt2ioohur44Mnrmx84WZqVVGu/qFRRIZ
1Mb+RK3TD0XvFrePZSVTp63Guj/JljSoMw7oMvD0d6T+MOznxjEXikJrWUOaTJHz
AvPvHFmGv6XRHvIKk8XWKwGSX4vYBHfsty1pAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUhZt9ACQmR1DZ9jak3IjDhy14H1owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2hadDlBQ1FtUjFEWjlq
YWszSWpEaHkxNEgxby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJqXP3QGxqdHr3o7WwEOdbxHMrJPqnTP
0jMi8Yc/KQa2FFSoSH65TImiG1cO2OdE/HzUmxjufbBx4/0LW8kwGt7o/+AaiOtB
MYYTMD4UcOUuXlwvrxQ0UbEdtCZHuy6s3+rGnvuu34m62We0oaf8WkbqUSb1MWX1
RrjepvOA0Tar9CKtuMVwKlNqGO0xjgcRALqhlre5VzXAYgWRdaI0npImoZL7bjj2
up+EndzwHuUg3qcvlZEU+zf5fWV3pGS5kGkslVxAxS8ima9zTaY/7o2P0ByLUitX
CkYhSNhtfGeIKOYPknAPH5TvhSTgS4m82HaTvMmKyyV9rdm37W6LzQM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:40 2024 by rpki-client on console-fra.rpki-client.org