Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jau2g4khrz-tnns_8K-NqbFBEgE.roa
File: jau2g4khrz-tnns_8K-NqbFBEgE.roa (raw, json)
Hash identifier: 3hAMnL9ZGUhb4EPIUzFAtsGm0PT41cAzSBp2Ud+ZcCU=
Subject key identifier: 8D:AB:B6:83:89:21:AF:3F:AD:9E:7B:3F:F0:AF:8D:A9:B1:41:12:01
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 577B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jau2g4khrz-tnns_8K-NqbFBEgE.roa
Signing time: Wed 15 May 2024 05:24:11 +0000
ROA not before: Wed 15 May 2024 05:24:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22395 (0x577b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 15 05:24:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8DABB6838921AF3FAD9E7B3FF0AF8DA9B1411201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:df:57:ca:e5:0f:7f:8a:c4:b7:06:aa:25:c9:
1c:01:16:c1:27:70:0d:83:4d:51:e2:f3:c9:9e:8f:
99:c9:0f:ad:7f:92:7b:34:db:4e:8d:5f:16:9e:80:
3e:27:93:89:1e:1c:1d:f0:f3:e7:71:00:ab:c7:5a:
78:dd:5a:de:46:b2:c9:03:65:28:04:69:9a:d2:6f:
43:c7:aa:ed:32:5c:81:83:2b:1a:0e:c9:cd:c4:e1:
d8:87:ab:f2:8a:95:50:6d:b5:23:d7:06:73:b0:48:
28:26:cf:54:55:dd:44:d5:6b:ce:b6:3c:99:06:3c:
69:9b:fc:ba:63:a3:0a:b9:18:53:fe:1e:eb:3a:65:
a1:62:41:bc:15:0f:b9:0d:48:3d:d2:4f:4b:e3:5c:
69:5f:a7:d9:cb:62:de:78:4d:50:5e:d7:c1:2f:5a:
dd:cb:36:27:9a:2d:cd:56:1d:f9:15:87:41:b9:44:
8d:65:4d:c9:d0:44:7e:99:62:5d:9f:58:a3:fd:4a:
4d:a3:16:7a:23:3c:9b:f1:c3:dc:f0:9a:93:1a:a0:
d1:18:c6:ff:84:be:a8:92:53:c4:3f:9c:0b:de:ec:
f6:d6:f5:ae:ac:0d:35:32:5f:81:08:f3:71:78:ba:
c4:ef:db:43:0e:2c:39:82:1e:5d:5d:f7:6b:e7:67:
17:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:AB:B6:83:89:21:AF:3F:AD:9E:7B:3F:F0:AF:8D:A9:B1:41:12:01
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jau2g4khrz-tnns_8K-NqbFBEgE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
45:8b:ad:5c:53:cf:4d:c2:ad:74:00:7d:03:d0:0a:d6:02:c2:
85:09:a7:d9:75:ef:cb:b3:51:60:dd:71:a9:17:9f:3a:69:8c:
d7:b7:e0:6d:84:c4:03:70:04:87:bd:f1:b6:3b:f9:4c:86:83:
0a:71:c7:4f:cf:43:4f:e3:a5:50:2b:c8:78:ee:07:35:8d:48:
d7:1d:cf:fb:77:de:80:6b:ee:bd:ed:06:32:26:ba:70:0d:a0:
82:0c:cc:33:66:10:00:98:e8:f9:ce:79:d5:f0:ac:ae:99:d4:
9e:e0:53:27:f4:c9:6b:cc:c7:e2:6b:6b:30:64:ab:25:26:70:
ed:e6:d3:6e:63:d4:23:35:4d:4d:f9:33:9f:e1:5b:2c:fa:a0:
dc:df:18:a4:ed:83:38:f2:8c:1c:63:4c:72:c7:20:84:49:65:
56:01:53:32:59:43:ad:f1:58:a2:6f:b9:09:f4:f6:96:11:3f:
1a:f3:dd:8a:2b:0e:a1:a0:00:9f:81:a5:89:bf:8c:75:29:ee:
b1:d0:01:f7:32:ac:a3:0e:6a:c8:9a:60:6c:be:98:ee:39:d8:
ce:22:1c:17:cf:be:7b:6b:86:42:9a:06:43:3d:14:83:c8:79:
05:c4:60:28:96:f9:ca:49:f9:f3:ec:ff:6f:eb:23:31:b1:c4:
4d:23:a1:66
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICV3swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTUw
NTI0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhEQUJCNjgzODkyMUFG
M0ZBRDlFN0IzRkYwQUY4REE5QjE0MTEyMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL31fK5Q9/isS3BqolyRwBFsEncA2DTVHi88mej5nJD61/kns0
206NXxaegD4nk4keHB3w8+dxAKvHWnjdWt5GsskDZSgEaZrSb0PHqu0yXIGDKxoO
yc3E4diHq/KKlVBttSPXBnOwSCgmz1RV3UTVa862PJkGPGmb/Lpjowq5GFP+Hus6
ZaFiQbwVD7kNSD3ST0vjXGlfp9nLYt54TVBe18EvWt3LNieaLc1WHfkVh0G5RI1l
TcnQRH6ZYl2fWKP9Sk2jFnojPJvxw9zwmpMaoNEYxv+EvqiSU8Q/nAve7PbW9a6s
DTUyX4EI83F4usTv20MOLDmCHl1d92vnZxdvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUjau2g4khrz+tnns/8K+NqbFBEgEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2phdTJnNGtocnotdG5u
c184Sy1OcWJGQkVnRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEWLrVxTz03CrXQAfQPQCtYCwoUJp9l1
78uzUWDdcakXnzppjNe34G2ExANwBIe98bY7+UyGgwpxx0/PQ0/jpVAryHjuBzWN
SNcdz/t33oBr7r3tBjImunANoIIMzDNmEACY6PnOedXwrK6Z1J7gUyf0yWvMx+Jr
azBkqyUmcO3m025j1CM1TU35M5/hWyz6oNzfGKTtgzjyjBxjTHLHIIRJZVYBUzJZ
Q63xWKJvuQn09pYRPxrz3YorDqGgAJ+BpYm/jHUp7rHQAfcyrKMOasiaYGy+mO45
2M4iHBfPvntrhkKaBkM9FIPIeQXEYCiW+cpJ+fPs/2/rIzGxxE0joWY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:42 2024 by rpki-client on console-fra.rpki-client.org