Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jFjFrfXWJCNYywZwQfIrKAjLltc.roa
File: jFjFrfXWJCNYywZwQfIrKAjLltc.roa (raw, json)
Hash identifier: 4oC2mXlCFp6l88L0g9PqCK2+JynAf3HagRpqDXMlHT0=
Subject key identifier: 8C:58:C5:AD:F5:D6:24:23:58:CB:06:70:41:F2:2B:28:08:CB:96:D7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3453
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jFjFrfXWJCNYywZwQfIrKAjLltc.roa
Signing time: Fri 29 Mar 2024 08:22:04 +0000
ROA not before: Fri 29 Mar 2024 08:22:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13395 (0x3453)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 08:22:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8C58C5ADF5D6242358CB067041F22B2808CB96D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:96:2a:d4:f5:58:1a:c6:9d:6c:fd:6f:c5:88:
9f:88:67:1a:91:e9:25:f8:0c:42:29:68:0b:5d:3b:
7e:90:99:a5:fb:80:ca:b4:04:98:7b:65:45:56:1f:
cd:6b:6a:72:55:77:6a:bc:b4:42:36:86:0d:52:49:
d0:2a:bf:3f:7e:f2:09:8e:60:f7:c2:b1:7c:4a:c5:
8d:80:75:e0:7b:f3:7b:59:85:a2:0b:60:c0:e4:23:
75:b4:bc:02:2d:8e:da:c4:0e:57:96:e6:c4:06:4d:
62:bc:5d:c3:05:f6:76:bc:d6:16:e3:75:37:2e:cc:
42:39:0b:8f:ed:11:b2:3e:fd:02:4a:26:c7:31:b6:
88:ac:4e:eb:a5:3b:54:3e:17:47:5c:00:cd:e4:f2:
bc:42:36:77:7f:d5:8b:92:e4:f7:f6:50:ae:91:13:
56:e9:90:e1:60:7d:c6:6c:e8:51:c8:b8:36:3d:86:
7c:1b:78:66:ae:9f:24:2c:d2:e7:52:68:f2:e0:9a:
e8:a0:25:62:3c:ea:15:36:f2:50:6c:79:0a:21:33:
9d:ec:d1:19:ca:63:ae:fe:98:cd:3f:52:94:b0:fc:
83:33:ab:e3:6d:27:76:12:8a:65:56:24:e6:53:3b:
0f:60:93:b3:7a:81:e1:57:41:f4:e0:db:05:f2:dc:
af:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:58:C5:AD:F5:D6:24:23:58:CB:06:70:41:F2:2B:28:08:CB:96:D7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jFjFrfXWJCNYywZwQfIrKAjLltc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2a:39:80:55:1f:8e:83:e3:76:fe:98:28:ed:d4:c8:c7:74:05:
4d:a9:07:3e:d5:cc:83:d7:6c:67:64:a4:0e:af:07:01:5f:28:
16:13:61:66:97:5c:1c:29:9d:aa:a0:59:48:bf:33:04:4c:87:
27:f0:26:f9:f5:da:8b:dd:bb:91:8f:0e:97:63:4a:ac:96:c6:
0d:bd:10:7d:8f:38:a2:53:e2:05:8c:c6:4c:30:dd:e5:5a:55:
62:a0:77:65:ca:aa:79:db:48:79:f9:61:92:93:f0:22:9e:28:
55:96:24:90:be:7e:ba:65:05:53:d9:4b:5b:a4:2e:8d:06:dd:
23:56:8a:c7:4b:bc:80:95:0b:ff:3f:50:25:43:51:3f:c8:f3:
b4:0d:13:00:57:3a:22:49:c0:93:30:e9:26:da:94:b5:f6:b5:
46:b0:3e:e4:e9:60:08:ca:9f:6d:b7:64:f4:15:0f:51:ae:94:
dc:cd:e6:f1:c3:d4:71:48:2d:b9:f2:00:35:b7:25:a7:3a:0e:
13:61:89:46:76:6e:6e:a0:a8:bd:5b:cf:9c:89:a2:76:d6:f3:
2c:36:81:0d:f3:c7:71:fd:d8:65:d9:af:59:57:d0:da:33:66:
74:5b:3c:6b:01:75:3f:33:c1:2c:18:71:7b:bc:97:62:ec:70:
46:27:d6:da
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNFMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
ODIyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhDNThDNUFERjVENjI0
MjM1OENCMDY3MDQxRjIyQjI4MDhDQjk2RDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQlirU9Vgaxp1s/W/FiJ+IZxqR6SX4DEIpaAtdO36QmaX7gMq0
BJh7ZUVWH81ranJVd2q8tEI2hg1SSdAqvz9+8gmOYPfCsXxKxY2AdeB783tZhaIL
YMDkI3W0vAItjtrEDleW5sQGTWK8XcMF9na81hbjdTcuzEI5C4/tEbI+/QJKJscx
toisTuulO1Q+F0dcAM3k8rxCNnd/1YuS5Pf2UK6RE1bpkOFgfcZs6FHIuDY9hnwb
eGaunyQs0udSaPLgmuigJWI86hU28lBseQohM53s0RnKY67+mM0/UpSw/IMzq+Nt
J3YSimVWJOZTOw9gk7N6geFXQfTg2wXy3K8XAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUjFjFrfXWJCNYywZwQfIrKAjLltcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2pGakZyZlhXSkNOWXl3
WndRZklyS0FqTGx0Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACo5gFUfjoPjdv6YKO3UyMd0BU2pBz7V
zIPXbGdkpA6vBwFfKBYTYWaXXBwpnaqgWUi/MwRMhyfwJvn12ovdu5GPDpdjSqyW
xg29EH2POKJT4gWMxkww3eVaVWKgd2XKqnnbSHn5YZKT8CKeKFWWJJC+frplBVPZ
S1ukLo0G3SNWisdLvICVC/8/UCVDUT/I87QNEwBXOiJJwJMw6SbalLX2tUawPuTp
YAjKn223ZPQVD1GulNzN5vHD1HFILbnyADW3Jac6DhNhiUZ2bm6gqL1bz5yJonbW
8yw2gQ3zx3H92GXZr1lX0NozZnRbPGsBdT8zwSwYcXu8l2LscEYn1to=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:42 2024 by rpki-client on console-fra.rpki-client.org