Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/iIBt2ZYPw-98fFkbio9xUr-c_kE.roa
File: iIBt2ZYPw-98fFkbio9xUr-c_kE.roa (raw, json)
Hash identifier: kAP2nisLoT/XfvwMSHcvrcafAORfmipuQL45en9wh+s=
Subject key identifier: 88:80:6D:D9:96:0F:C3:EF:7C:7C:59:1B:8A:8F:71:52:BF:9C:FE:41
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4DFF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iIBt2ZYPw-98fFkbio9xUr-c_kE.roa
Signing time: Thu 02 May 2024 13:53:42 +0000
ROA not before: Thu 02 May 2024 13:53:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19967 (0x4dff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 2 13:53:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=88806DD9960FC3EF7C7C591B8A8F7152BF9CFE41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:28:88:15:7e:0c:0b:bb:9b:42:9c:58:63:fa:
19:b0:16:67:c9:d6:3b:87:69:96:90:99:f4:3c:32:
60:0a:5e:8e:80:b8:f4:92:1d:13:0e:6e:6f:9e:21:
f4:3e:1d:e3:7e:f3:5f:96:6d:0c:c7:1a:c0:95:ed:
b0:24:97:53:a4:09:4a:37:b2:21:b9:36:44:ac:79:
41:cd:91:78:dd:81:a5:71:78:dc:a4:05:9f:09:27:
fb:4b:9c:c2:50:31:d7:1c:28:3c:ae:1f:f0:9b:8b:
30:44:52:c6:ef:d3:45:e0:4e:c5:6f:9d:8d:4d:4d:
12:ac:62:8f:e7:96:3c:4f:cf:ee:75:c9:96:f5:f0:
41:d6:5e:aa:7a:b4:6a:7f:a6:07:c1:82:f2:10:1b:
ac:b6:fc:0f:47:97:c0:ed:21:18:13:6e:d4:dd:23:
26:ad:b1:27:9d:dd:b5:d5:b3:38:b1:ec:76:44:4e:
53:cf:fe:3b:55:d4:1e:6c:55:66:be:8f:19:e3:77:
d4:5d:60:b1:06:23:a4:49:2d:e9:9d:d9:1a:4c:f0:
fd:3b:06:7b:75:64:8c:a4:ff:2d:9e:36:a6:a9:09:
9d:89:37:e2:4b:b1:df:86:58:00:24:96:91:a5:d8:
7d:ab:1a:f6:07:19:f1:b1:88:19:0c:e2:e8:ed:85:
f0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:80:6D:D9:96:0F:C3:EF:7C:7C:59:1B:8A:8F:71:52:BF:9C:FE:41
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iIBt2ZYPw-98fFkbio9xUr-c_kE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
48:49:9e:72:bc:25:92:90:cc:98:fb:a9:21:06:4a:25:71:a1:
f3:91:31:29:54:a6:cb:06:e8:2a:23:ae:eb:ac:93:da:ec:cb:
0d:78:e6:25:be:56:8a:1e:32:82:07:b6:0b:36:73:da:9e:fb:
76:39:21:db:66:d0:8f:5c:dd:5e:19:b1:bd:8f:9b:fd:eb:82:
65:64:95:ca:d8:51:ee:3b:b7:f8:eb:3b:6d:f3:95:d3:8d:82:
a4:c6:fd:fa:c6:d8:63:1c:32:61:d7:e1:2e:b9:b3:a0:9c:12:
ac:83:73:cc:1d:c5:76:8c:77:66:de:2f:4f:28:16:2c:18:0b:
17:73:7c:c2:e3:bc:a6:ab:02:6e:89:cb:41:a7:6e:d7:9e:23:
c0:53:fc:3e:2a:fe:6b:ff:6d:5f:20:64:ef:67:0a:fc:84:95:
7d:a0:4b:24:72:67:84:d3:ec:49:55:00:d2:ba:51:bd:f6:f7:
1d:78:d7:a8:a2:b7:11:63:b6:b0:bd:b3:46:35:f4:0f:b0:6b:
9e:30:9c:b1:ec:21:8c:90:b5:a2:97:7a:4b:67:58:8f:38:52:
9f:ab:ed:c2:29:aa:6f:1d:20:e7:c6:79:e7:4d:89:d7:24:46:
1c:95:e0:f3:00:2c:16:98:f5:ac:b5:ff:3e:50:9d:4b:d2:5a:
94:ce:c1:de
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTf8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDIx
MzUzNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg4ODA2REQ5OTYwRkMz
RUY3QzdDNTkxQjhBOEY3MTUyQkY5Q0ZFNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3KIgVfgwLu5tCnFhj+hmwFmfJ1juHaZaQmfQ8MmAKXo6AuPSS
HRMObm+eIfQ+HeN+81+WbQzHGsCV7bAkl1OkCUo3siG5NkSseUHNkXjdgaVxeNyk
BZ8JJ/tLnMJQMdccKDyuH/CbizBEUsbv00XgTsVvnY1NTRKsYo/nljxPz+51yZb1
8EHWXqp6tGp/pgfBgvIQG6y2/A9Hl8DtIRgTbtTdIyatsSed3bXVszix7HZETlPP
/jtV1B5sVWa+jxnjd9RdYLEGI6RJLemd2RpM8P07Bnt1ZIyk/y2eNqapCZ2JN+JL
sd+GWAAklpGl2H2rGvYHGfGxiBkM4ujthfCjAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUiIBt2ZYPw+98fFkbio9xUr+c/kEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lJQnQyWllQdy05OGZG
a2Jpbzl4VXItY19rRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEhJnnK8JZKQzJj7qSEGSiVxofORMSlU
pssG6Cojruusk9rsyw145iW+VooeMoIHtgs2c9qe+3Y5Idtm0I9c3V4Zsb2Pm/3r
gmVklcrYUe47t/jrO23zldONgqTG/frG2GMcMmHX4S65s6CcEqyDc8wdxXaMd2be
L08oFiwYCxdzfMLjvKarAm6Jy0GnbteeI8BT/D4q/mv/bV8gZO9nCvyElX2gSyRy
Z4TT7ElVANK6Ub329x1416iitxFjtrC9s0Y19A+wa54wnLHsIYyQtaKXektnWI84
Up+r7cIpqm8dIOfGeedNidckRhyV4PMALBaY9ay1/z5QnUvSWpTOwd4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:03 2024 by rpki-client on console-ams.rpki-client.org