Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/jd8L0ZwqIP0N6vvRB99-CLyfMLQ.roa
File: jd8L0ZwqIP0N6vvRB99-CLyfMLQ.roa (raw, json)
Hash identifier: 8LMukHzo0RRFqkmWhMD+C8YPRyVUn/c60ui/VU930/w=
Subject key identifier: 8D:DF:0B:D1:9C:2A:20:FD:0D:EA:FB:D1:07:DF:7E:08:BC:9F:30:B4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3B8B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jd8L0ZwqIP0N6vvRB99-CLyfMLQ.roa
Signing time: Sun 07 Apr 2024 23:22:34 +0000
ROA not before: Sun 07 Apr 2024 23:22:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15243 (0x3b8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 7 23:22:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8DDF0BD19C2A20FD0DEAFBD107DF7E08BC9F30B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:57:98:9a:fd:89:4a:12:95:91:e0:81:8a:78:
52:5a:14:e0:cc:96:47:43:ce:9c:79:29:2c:a6:44:
0a:25:fb:20:e6:1d:b0:6f:e4:2a:09:75:51:b9:67:
cd:24:81:37:ad:12:f0:ad:25:1c:4b:10:1c:2f:4a:
f0:ae:ce:34:aa:59:fa:21:a3:93:0b:1f:75:8c:f6:
9e:8c:fd:dc:a9:8b:2d:de:5b:fd:f1:2c:b5:24:ac:
b5:6a:4f:60:78:2b:2d:cf:a3:fa:b1:76:24:d4:bf:
0c:d3:4d:b3:43:d8:33:09:1d:3d:a6:a0:64:27:3b:
cf:7e:cf:5f:e6:41:b2:af:5c:b8:cf:34:68:99:c0:
c3:5c:f0:b3:a7:ea:04:b8:cd:d1:6a:65:25:18:7c:
a3:f5:65:ed:50:f5:6b:cf:38:73:5b:24:27:cd:6f:
07:f0:fd:66:10:bf:a2:e1:40:93:44:52:fb:75:ed:
ec:dc:74:7c:64:06:e9:b9:e1:78:44:b5:f3:a9:97:
01:b6:4f:8d:71:53:c8:a8:ad:c7:e5:3e:28:41:94:
e5:ff:61:3f:58:a1:4c:52:65:cb:10:3e:44:21:03:
26:ec:98:8f:12:b4:25:54:76:54:6e:92:e2:70:10:
c7:83:ad:86:8f:d4:84:e2:c6:07:be:1c:52:26:2e:
e7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:DF:0B:D1:9C:2A:20:FD:0D:EA:FB:D1:07:DF:7E:08:BC:9F:30:B4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/jd8L0ZwqIP0N6vvRB99-CLyfMLQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8b:b4:cc:ac:c1:21:55:19:10:16:8e:95:42:38:1f:b7:9d:f9:
27:be:84:fa:05:93:be:20:e8:6e:40:4d:5f:21:98:7b:aa:d8:
6d:5d:22:8b:80:a6:fa:6d:6f:5a:b9:11:01:49:0b:8d:ff:12:
98:a9:54:08:da:77:01:e6:3e:ac:57:8b:b8:b2:dc:0f:0f:1a:
9a:bf:6b:52:cb:a4:75:29:40:86:06:70:57:57:ff:5f:14:8a:
92:22:32:18:44:81:97:68:16:1b:21:8a:19:ec:b2:29:0e:68:
02:b5:a9:19:7d:8d:e0:49:6d:ea:92:a5:3c:be:e9:4e:47:57:
86:8e:45:77:67:e0:96:14:5c:cd:51:a6:ad:24:45:45:cc:48:
cb:5c:07:36:49:58:dd:e9:cb:0e:e9:ac:35:e6:4c:b1:3d:64:
6b:56:00:cc:76:8b:6d:2a:d3:5b:1f:6f:2a:b0:4e:e3:1c:81:
00:b1:a7:4e:bc:52:65:20:31:f2:73:8a:6e:de:b5:a4:03:2b:
f7:94:82:fb:3e:64:d7:1a:6b:4c:4c:40:72:b0:8c:8a:6c:24:
6e:98:af:89:c6:54:c5:4a:79:00:1b:49:04:ac:bf:c7:0b:ef:
f2:da:ef:c7:9f:a9:e7:93:d5:c4:18:a4:8b:0e:40:fb:21:b6:
c7:cb:ca:2e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICO4swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDcy
MzIyMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhEREYwQkQxOUMyQTIw
RkQwREVBRkJEMTA3REY3RTA4QkM5RjMwQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+V5ia/YlKEpWR4IGKeFJaFODMlkdDzpx5KSymRAol+yDmHbBv
5CoJdVG5Z80kgTetEvCtJRxLEBwvSvCuzjSqWfoho5MLH3WM9p6M/dypiy3eW/3x
LLUkrLVqT2B4Ky3Po/qxdiTUvwzTTbND2DMJHT2moGQnO89+z1/mQbKvXLjPNGiZ
wMNc8LOn6gS4zdFqZSUYfKP1Ze1Q9WvPOHNbJCfNbwfw/WYQv6LhQJNEUvt17ezc
dHxkBum54XhEtfOplwG2T41xU8iorcflPihBlOX/YT9YoUxSZcsQPkQhAybsmI8S
tCVUdlRukuJwEMeDrYaP1ITixge+HFImLudZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUjd8L0ZwqIP0N6vvRB99+CLyfMLQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2pkOEwwWndxSVAwTjZ2
dlJCOTktQ0x5Zk1MUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIu0zKzBIVUZEBaOlUI4H7ed+Se+hPoF
k74g6G5ATV8hmHuq2G1dIouApvptb1q5EQFJC43/EpipVAjadwHmPqxXi7iy3A8P
Gpq/a1LLpHUpQIYGcFdX/18UipIiMhhEgZdoFhshihnssikOaAK1qRl9jeBJbeqS
pTy+6U5HV4aORXdn4JYUXM1Rpq0kRUXMSMtcBzZJWN3pyw7prDXmTLE9ZGtWAMx2
i20q01sfbyqwTuMcgQCxp068UmUgMfJzim7etaQDK/eUgvs+ZNcaa0xMQHKwjIps
JG6Yr4nGVMVKeQAbSQSsv8cL7/La78efqeeT1cQYpIsOQPshtsfLyi4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:42 2024 by rpki-client on console-fra.rpki-client.org