Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/iEOsD0JjB6oWOQ2QJjzbrLF4aG4.roa
File: iEOsD0JjB6oWOQ2QJjzbrLF4aG4.roa (raw, json)
Hash identifier: BM+UnHpPpFFABWpq0myFR2beWCTF7A8bXXkxLJmLnmk=
Subject key identifier: 88:43:AC:0F:42:63:07:AA:16:39:0D:90:26:3C:DB:AC:B1:78:68:6E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44D3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iEOsD0JjB6oWOQ2QJjzbrLF4aG4.roa
Signing time: Sat 20 Apr 2024 08:23:04 +0000
ROA not before: Sat 20 Apr 2024 08:23:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17619 (0x44d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 08:23:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8843AC0F426307AA16390D90263CDBACB178686E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:62:c2:f7:bf:33:a0:1a:b9:44:3a:0b:a3:9c:
85:eb:1e:3d:a5:41:5f:a2:22:da:b9:db:d3:3a:61:
98:aa:d3:ee:59:a6:0c:11:0d:72:44:6f:d6:48:b7:
c7:a7:65:fe:82:79:d6:2d:74:e8:5c:fd:f2:5b:08:
db:72:1d:1b:47:8c:dd:8d:c0:76:77:85:23:4c:a3:
2c:c1:55:04:f8:33:d7:90:55:38:fe:06:6a:69:34:
5c:5b:67:64:f5:af:71:d4:be:d6:e8:09:ba:8f:71:
81:c0:83:10:a6:fa:9c:94:2a:cd:2b:76:17:a6:be:
b9:f5:81:8b:d6:68:a3:76:5b:73:c2:86:ec:09:a8:
2d:c6:41:37:29:7a:b1:a1:8e:fc:21:50:7a:04:94:
67:66:c7:5e:95:27:e0:16:d3:64:5e:46:50:a4:b8:
84:c2:65:72:68:2a:ff:8a:94:05:a5:87:4b:2a:91:
21:1a:c1:dd:d4:d1:aa:92:89:dd:7b:0e:86:f2:95:
8c:5b:12:fa:7d:26:47:f1:9f:ae:b2:a6:74:78:f9:
73:6d:50:60:ab:77:a4:06:49:9c:37:6e:fa:3c:2f:
09:bd:2a:15:b0:82:95:e4:62:4b:03:17:9d:db:32:
a9:62:fe:b9:6c:36:7f:3b:e1:35:9e:fe:fe:fc:b0:
f4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:43:AC:0F:42:63:07:AA:16:39:0D:90:26:3C:DB:AC:B1:78:68:6E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iEOsD0JjB6oWOQ2QJjzbrLF4aG4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
63:fa:a1:66:f2:ab:11:6b:a9:43:76:8c:37:47:ee:86:2f:5b:
11:7b:a7:9b:94:9a:fe:22:f1:46:f7:06:c9:47:7e:9e:1e:d1:
30:69:84:b6:22:63:5c:4f:81:6a:e1:5b:c5:80:41:c7:bc:e6:
49:15:bf:4e:8a:00:80:8a:89:30:bd:ce:13:32:a4:5f:cc:4e:
97:09:bd:96:8f:03:92:62:5b:0a:7b:c1:bf:93:b0:da:e6:27:
d4:54:74:ca:2b:0c:8d:85:a3:30:2a:84:92:d5:6b:ec:44:6d:
88:79:8a:4d:3b:32:cc:5f:f7:0e:f5:69:5a:d2:01:27:1f:c7:
88:fa:30:cb:74:44:c4:2d:d4:83:f3:43:95:00:3a:6c:b7:35:
96:cb:30:1f:be:91:be:46:f6:ac:0e:94:78:9d:a2:61:e3:37:
c5:e3:4b:38:dc:32:a5:ea:99:ce:b7:3d:9c:94:d9:37:ce:6b:
38:ad:43:17:27:32:7b:4d:6e:c4:28:c2:a1:af:0f:da:41:cc:
92:5b:93:f9:20:b3:27:6e:c7:14:cd:0e:d1:ab:bd:0a:4b:37:
ba:07:80:fe:1e:36:f5:ee:2c:83:23:d2:b4:5f:66:99:79:26:
f2:5a:3f:d1:dd:23:aa:2a:f7:f5:e2:87:8e:1d:d1:ba:9f:de:
41:b0:10:47
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRNMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
ODIzMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg4NDNBQzBGNDI2MzA3
QUExNjM5MEQ5MDI2M0NEQkFDQjE3ODY4NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChYsL3vzOgGrlEOgujnIXrHj2lQV+iItq529M6YZiq0+5ZpgwR
DXJEb9ZIt8enZf6CedYtdOhc/fJbCNtyHRtHjN2NwHZ3hSNMoyzBVQT4M9eQVTj+
BmppNFxbZ2T1r3HUvtboCbqPcYHAgxCm+pyUKs0rdhemvrn1gYvWaKN2W3PChuwJ
qC3GQTcperGhjvwhUHoElGdmx16VJ+AW02ReRlCkuITCZXJoKv+KlAWlh0sqkSEa
wd3U0aqSid17DobylYxbEvp9Jkfxn66ypnR4+XNtUGCrd6QGSZw3bvo8Lwm9KhWw
gpXkYksDF53bMqli/rlsNn874TWe/v78sPTXAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUiEOsD0JjB6oWOQ2QJjzbrLF4aG4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lFT3NEMEpqQjZvV09R
MlFKanpickxGNGFHNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGP6oWbyqxFrqUN2jDdH7oYvWxF7p5uU
mv4i8Ub3BslHfp4e0TBphLYiY1xPgWrhW8WAQce85kkVv06KAICKiTC9zhMypF/M
TpcJvZaPA5JiWwp7wb+TsNrmJ9RUdMorDI2FozAqhJLVa+xEbYh5ik07Msxf9w71
aVrSAScfx4j6MMt0RMQt1IPzQ5UAOmy3NZbLMB++kb5G9qwOlHidomHjN8XjSzjc
MqXqmc63PZyU2TfOazitQxcnMntNbsQowqGvD9pBzJJbk/kgsyduxxTNDtGrvQpL
N7oHgP4eNvXuLIMj0rRfZpl5JvJaP9HdI6oq9/Xih44d0bqf3kGwEEc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:41 2024 by rpki-client on console-fra.rpki-client.org