Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/j43Z4zfrTe7PHZxuXRUtXhSVtjY.roa
File: j43Z4zfrTe7PHZxuXRUtXhSVtjY.roa (raw, json)
Hash identifier: uVTdx9e20NwpZHeFDa6CfxO/JN0djbeip80G7eB9l/s=
Subject key identifier: 8F:8D:D9:E3:37:EB:4D:EE:CF:1D:9C:6E:5D:15:2D:5E:14:95:B6:36
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F23
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/j43Z4zfrTe7PHZxuXRUtXhSVtjY.roa
Signing time: Fri 12 Apr 2024 18:22:49 +0000
ROA not before: Fri 12 Apr 2024 18:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16163 (0x3f23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 18:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8F8DD9E337EB4DEECF1D9C6E5D152D5E1495B636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:98:b0:0f:ea:ec:bc:fb:dd:8b:41:9a:8b:72:
7e:f9:e0:4e:f1:b1:95:0c:7d:c8:ba:75:ac:0d:fd:
a2:d8:37:f3:dc:12:84:61:e0:6f:2b:bb:f9:1e:74:
f0:ca:fb:90:8b:dc:f4:32:d8:7e:8e:18:c6:38:2b:
f2:ff:d2:65:54:5a:8f:5d:7e:d5:aa:91:06:02:47:
9e:1b:dd:57:ce:04:4b:1a:75:76:bf:4f:7c:9b:18:
7b:0b:a6:d0:1f:c6:17:14:b4:4c:29:94:b8:0e:dd:
35:09:89:d0:1c:0c:c4:cc:e9:cd:27:7e:f1:91:aa:
65:36:f8:88:f4:e1:30:40:95:e9:2d:de:54:fa:d6:
93:17:17:84:26:2c:cb:69:8a:6a:64:c9:fa:61:a4:
05:4b:28:3e:32:12:cf:67:bc:5c:af:bf:d7:f4:88:
a0:cd:4b:a1:de:22:21:04:8e:91:19:36:a9:dd:92:
c7:76:16:3c:38:bf:29:43:aa:a9:0c:fe:e3:24:5d:
4e:cc:28:6b:ff:bf:bc:b8:ca:58:7c:23:9a:fd:d2:
ba:30:22:05:f5:a1:f5:cc:5e:60:13:99:70:b7:08:
18:aa:19:73:89:f0:2d:ec:29:df:e6:a3:4a:5f:01:
67:f8:f2:5d:ca:5f:31:b7:90:19:40:b4:d7:66:cd:
02:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:8D:D9:E3:37:EB:4D:EE:CF:1D:9C:6E:5D:15:2D:5E:14:95:B6:36
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/j43Z4zfrTe7PHZxuXRUtXhSVtjY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
66:52:bd:8b:35:26:26:4c:32:f4:e6:22:8e:ec:27:1f:3a:7f:
23:38:1f:1f:e5:eb:eb:76:4c:42:57:15:6b:6e:6b:31:19:02:
88:6c:0c:3a:d3:91:82:eb:9f:d9:a8:e4:3e:e3:db:42:d5:5f:
84:91:22:50:0c:c5:c3:c6:ed:30:9f:9b:86:be:68:0c:3b:9f:
d5:58:0f:b8:4b:78:bf:42:48:ae:34:b8:20:95:54:be:e8:4d:
bb:aa:17:5d:24:f3:84:d5:af:64:e5:d6:a4:fc:59:1b:66:1f:
7e:36:b9:bb:7e:d2:69:d8:ce:15:76:08:7e:b7:84:05:35:01:
6c:a2:99:5f:c7:95:d4:1e:fe:4b:4c:1e:c6:20:e4:9e:40:b5:
9d:60:92:df:49:7f:94:0a:9a:15:10:bc:30:9b:1e:a9:18:0b:
b6:eb:e8:98:26:20:d6:67:a6:56:74:74:19:45:be:38:24:98:
7b:bf:df:8f:ce:c1:d1:3f:29:fc:68:80:bf:13:10:25:e8:a0:
cf:5e:e3:28:41:8c:e2:9c:92:d8:44:61:9e:ea:2f:36:d7:3e:
e5:3e:ce:87:9f:89:c5:6e:2f:34:c4:0f:74:58:21:4e:89:80:
b4:5c:df:cf:d7:b0:6b:71:c7:0e:3c:f3:20:d9:4a:95:d4:9b:
e9:22:7c:68
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPyMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIx
ODIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhGOEREOUUzMzdFQjRE
RUVDRjFEOUM2RTVEMTUyRDVFMTQ5NUI2MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtmLAP6uy8+92LQZqLcn754E7xsZUMfci6dawN/aLYN/PcEoRh
4G8ru/kedPDK+5CL3PQy2H6OGMY4K/L/0mVUWo9dftWqkQYCR54b3VfOBEsadXa/
T3ybGHsLptAfxhcUtEwplLgO3TUJidAcDMTM6c0nfvGRqmU2+Ij04TBAlekt3lT6
1pMXF4QmLMtpimpkyfphpAVLKD4yEs9nvFyvv9f0iKDNS6HeIiEEjpEZNqndksd2
Fjw4vylDqqkM/uMkXU7MKGv/v7y4ylh8I5r90rowIgX1ofXMXmATmXC3CBiqGXOJ
8C3sKd/mo0pfAWf48l3KXzG3kBlAtNdmzQJRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUj43Z4zfrTe7PHZxuXRUtXhSVtjYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2o0M1o0emZyVGU3UEha
eHVYUlV0WGhTVnRqWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGZSvYs1JiZMMvTmIo7sJx86fyM4Hx/l
6+t2TEJXFWtuazEZAohsDDrTkYLrn9mo5D7j20LVX4SRIlAMxcPG7TCfm4a+aAw7
n9VYD7hLeL9CSK40uCCVVL7oTbuqF10k84TVr2Tl1qT8WRtmH342ubt+0mnYzhV2
CH63hAU1AWyimV/HldQe/ktMHsYg5J5AtZ1gkt9Jf5QKmhUQvDCbHqkYC7br6Jgm
INZnplZ0dBlFvjgkmHu/34/OwdE/KfxogL8TECXooM9e4yhBjOKckthEYZ7qLzbX
PuU+zoeficVuLzTED3RYIU6JgLRc38/XsGtxxw488yDZSpXUm+kifGg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:42 2024 by rpki-client on console-fra.rpki-client.org