Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/iTgjOpSJVI9NPLxUnrsvF17MVUU.roa
File: iTgjOpSJVI9NPLxUnrsvF17MVUU.roa (raw, json)
Hash identifier: nAxsVgTPi8I8g4S+wKXbG9Frcog++dQQvDfBlZ0o614=
Subject key identifier: 89:38:23:3A:94:89:54:8F:4D:3C:BC:54:9E:BB:2F:17:5E:CC:55:45
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 535B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iTgjOpSJVI9NPLxUnrsvF17MVUU.roa
Signing time: Thu 09 May 2024 17:23:57 +0000
ROA not before: Thu 09 May 2024 17:23:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21339 (0x535b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 17:23:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8938233A9489548F4D3CBC549EBB2F175ECC5545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:d7:ef:c1:00:02:03:11:a1:8d:a4:f9:f4:c6:
86:aa:b2:57:db:08:92:55:b0:09:72:a2:2b:c7:2a:
e1:45:10:80:ac:d0:a3:54:6a:50:b6:a5:1d:03:7e:
a2:df:56:e4:08:20:75:75:65:8d:a1:be:59:31:f2:
8b:13:9b:13:be:46:1c:ee:f1:39:e3:33:ba:68:13:
aa:85:85:60:41:70:20:f3:5b:66:88:31:eb:fe:23:
0c:54:e4:a0:bc:28:da:4f:32:7b:7b:f2:f4:67:c3:
c9:b2:44:01:ea:dc:67:fe:d5:d9:0b:ee:07:eb:7a:
a7:27:ae:0d:87:11:4d:a5:51:0b:75:82:c7:c7:78:
b1:80:9d:9e:eb:d0:53:40:3f:1a:d3:f0:b0:fc:ff:
ae:7e:b3:6e:88:c6:62:d0:49:1e:d5:5d:e5:cf:ab:
7e:ce:93:89:1e:c4:fd:a7:e7:1b:12:7c:96:bc:94:
20:6f:4d:db:73:bf:d7:42:79:45:f6:01:7a:1a:16:
c4:3e:f8:d4:a9:5d:63:8a:23:76:06:4b:11:f8:74:
d8:b6:0a:e0:29:87:d2:32:cd:71:cd:e0:ea:43:e8:
33:37:2b:e7:ae:e5:9b:ee:c6:35:72:95:dd:72:99:
8d:87:e5:53:58:c0:de:08:62:31:b7:00:f2:36:a9:
e5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:38:23:3A:94:89:54:8F:4D:3C:BC:54:9E:BB:2F:17:5E:CC:55:45
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/iTgjOpSJVI9NPLxUnrsvF17MVUU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
41:ae:ed:b6:43:9e:64:0f:fa:4e:f6:05:e5:11:d2:bb:94:fb:
70:8a:15:ff:25:df:4a:0d:4f:8f:8c:43:2c:44:42:9f:58:bb:
10:65:7f:cc:1b:40:aa:56:62:71:0e:54:96:96:e7:8a:a5:72:
ab:80:3e:53:d4:a8:c4:59:ae:ba:26:02:f5:19:99:31:e3:30:
c6:c5:24:1e:83:45:c2:65:4e:2e:45:aa:40:6d:78:ce:99:d0:
7d:99:7a:01:4e:4c:0e:a5:16:2e:6b:9a:88:fb:f2:7e:b4:b9:
72:7e:98:14:e2:fd:01:e3:9a:85:68:45:a4:87:f3:10:eb:92:
5c:94:c7:80:74:a9:ed:0b:74:75:23:85:0e:5e:37:45:86:55:
59:3a:12:5e:22:19:ab:06:2d:fb:e9:a5:c1:36:ac:ab:be:4a:
98:fa:b3:93:29:68:56:0c:41:1f:ec:ef:55:96:11:37:86:9c:
82:29:a2:ca:2d:e9:4e:30:ca:80:6b:b4:1c:b2:b4:a3:13:5f:
e8:40:0c:ca:30:83:b9:14:f6:79:61:f2:7b:b6:01:bf:ea:21:
c4:05:da:02:e3:6b:fc:57:0e:a5:5b:c7:63:8c:ca:91:8c:f2:
60:f3:13:31:7e:18:cc:3d:c9:b5:f6:05:fe:86:9c:ca:15:40:
25:fc:49:6e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICU1swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkx
NzIzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg5MzgyMzNBOTQ4OTU0
OEY0RDNDQkM1NDlFQkIyRjE3NUVDQzU1NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDu1+/BAAIDEaGNpPn0xoaqslfbCJJVsAlyoivHKuFFEICs0KNU
alC2pR0DfqLfVuQIIHV1ZY2hvlkx8osTmxO+Rhzu8TnjM7poE6qFhWBBcCDzW2aI
Mev+IwxU5KC8KNpPMnt78vRnw8myRAHq3Gf+1dkL7gfreqcnrg2HEU2lUQt1gsfH
eLGAnZ7r0FNAPxrT8LD8/65+s26IxmLQSR7VXeXPq37Ok4kexP2n5xsSfJa8lCBv
Tdtzv9dCeUX2AXoaFsQ++NSpXWOKI3YGSxH4dNi2CuAph9IyzXHN4OpD6DM3K+eu
5ZvuxjVyld1ymY2H5VNYwN4IYjG3API2qeXhAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUiTgjOpSJVI9NPLxUnrsvF17MVUUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2lUZ2pPcFNKVkk5TlBM
eFVucnN2RjE3TVZVVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEGu7bZDnmQP+k72BeUR0ruU+3CKFf8l
30oNT4+MQyxEQp9YuxBlf8wbQKpWYnEOVJaW54qlcquAPlPUqMRZrromAvUZmTHj
MMbFJB6DRcJlTi5FqkBteM6Z0H2ZegFOTA6lFi5rmoj78n60uXJ+mBTi/QHjmoVo
RaSH8xDrklyUx4B0qe0LdHUjhQ5eN0WGVVk6El4iGasGLfvppcE2rKu+Spj6s5Mp
aFYMQR/s71WWETeGnIIposot6U4wyoBrtByytKMTX+hADMowg7kU9nlh8nu2Ab/q
IcQF2gLja/xXDqVbx2OMypGM8mDzEzF+GMw9ybX2Bf6GnMoVQCX8SW4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:41 2024 by rpki-client on console-fra.rpki-client.org