Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kMrZAYu9DhswsGSEab4FyfyTOeQ.roa
File: kMrZAYu9DhswsGSEab4FyfyTOeQ.roa (raw, json)
Hash identifier: nRM1y89BdgUlA/LBVWOnPNqIfBoGYdAI/0qhr9HboB0=
Subject key identifier: 90:CA:D9:01:8B:BD:0E:1B:30:B0:64:84:69:BE:05:C9:FC:93:39:E4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3617
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kMrZAYu9DhswsGSEab4FyfyTOeQ.roa
Signing time: Sun 31 Mar 2024 16:52:36 +0000
ROA not before: Sun 31 Mar 2024 16:52:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13847 (0x3617)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 16:52:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=90CAD9018BBD0E1B30B0648469BE05C9FC9339E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d9:a9:54:b6:ae:1e:55:ca:a6:92:b5:2f:ea:
3b:1c:c1:b0:9f:82:68:8d:e8:3e:aa:a5:f5:81:19:
30:35:24:fc:88:ab:2a:f3:07:44:ef:42:d7:b1:4d:
9e:33:56:09:8c:56:6a:a4:81:0a:40:ac:ae:62:53:
d6:26:ee:0b:31:a6:d9:ca:5d:f1:ce:f0:f0:63:90:
10:04:4a:b7:fe:59:e3:9d:ff:0d:d6:68:7c:f2:7c:
2f:e3:8f:41:19:c6:ad:5c:fe:da:6b:4b:32:a6:42:
e0:b6:27:89:04:4b:0a:f1:bd:ff:69:59:d2:80:b8:
39:ef:77:79:22:41:ac:55:25:e6:56:92:86:e4:b6:
eb:79:27:3e:06:43:5d:ca:9b:23:15:c3:fa:4f:57:
da:a8:a1:b7:a9:2e:ed:68:26:9d:04:8f:2b:c1:85:
7f:c3:92:2b:14:b2:1b:da:19:ef:5f:53:88:87:f8:
57:d9:ed:77:dd:0f:8b:d0:1b:aa:81:93:c9:57:fe:
9d:ee:64:8e:7e:37:ab:f3:d8:c5:77:1b:65:cf:be:
6b:68:b0:fb:6f:74:5f:54:f5:ed:a3:c2:af:c0:bf:
1d:03:98:be:3f:f9:2a:e2:a2:44:47:24:98:30:93:
98:8c:fe:55:e2:1c:30:17:a2:fa:57:c1:39:8d:a9:
b7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CA:D9:01:8B:BD:0E:1B:30:B0:64:84:69:BE:05:C9:FC:93:39:E4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kMrZAYu9DhswsGSEab4FyfyTOeQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
47:74:ee:81:64:31:fc:23:59:1f:f6:be:cc:1e:0c:26:ba:7b:
b2:00:c7:07:a9:60:50:dc:d5:2e:22:20:b4:00:d0:79:26:33:
75:87:9e:a6:9f:0c:1b:39:52:76:df:b8:78:c1:e2:8d:4f:6d:
a3:28:de:83:5e:b7:bf:e2:e9:67:2c:2d:b7:8b:f6:d7:ca:78:
be:2c:5b:69:58:1e:f1:dd:09:1c:14:66:6a:4f:51:43:b2:66:
86:b0:01:56:44:1a:44:40:c3:fb:17:77:a7:1f:3a:14:95:a1:
8d:c7:5a:5c:e5:01:19:ef:cb:51:9f:6d:15:11:04:1d:39:eb:
48:db:bd:3d:b1:95:9a:56:a3:40:0d:c1:91:f6:8b:3d:9e:04:
0c:8c:82:eb:ca:b3:39:ed:a1:0b:25:51:e5:fa:ae:e6:25:8f:
55:57:35:31:28:85:8c:ee:43:7f:9c:30:c4:72:c4:e5:1e:e0:
9b:b5:bc:b1:54:4d:c0:da:dc:8f:71:76:51:69:2f:c2:ba:46:
7d:bb:f5:f7:74:05:e9:f4:17:20:54:29:9c:a3:cf:70:8f:b5:
eb:b1:e2:1f:4b:6a:85:01:e4:5d:f0:ff:f4:ea:60:db:36:df:
0b:ab:c4:f0:02:84:6f:5d:94:23:c9:5b:6c:7a:5d:58:92:de:
de:04:74:37
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNhcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
NjUyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwQ0FEOTAxOEJCRDBF
MUIzMEIwNjQ4NDY5QkUwNUM5RkM5MzM5RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE2alUtq4eVcqmkrUv6jscwbCfgmiN6D6qpfWBGTA1JPyIqyrz
B0TvQtexTZ4zVgmMVmqkgQpArK5iU9Ym7gsxptnKXfHO8PBjkBAESrf+WeOd/w3W
aHzyfC/jj0EZxq1c/tprSzKmQuC2J4kESwrxvf9pWdKAuDnvd3kiQaxVJeZWkobk
tut5Jz4GQ13KmyMVw/pPV9qoobepLu1oJp0EjyvBhX/DkisUshvaGe9fU4iH+FfZ
7XfdD4vQG6qBk8lX/p3uZI5+N6vz2MV3G2XPvmtosPtvdF9U9e2jwq/Avx0DmL4/
+SriokRHJJgwk5iM/lXiHDAXovpXwTmNqbcRAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUkMrZAYu9DhswsGSEab4FyfyTOeQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tNclpBWXU5RGhzd3NH
U0VhYjRGeWZ5VE9lUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEd07oFkMfwjWR/2vsweDCa6e7IAxwep
YFDc1S4iILQA0HkmM3WHnqafDBs5UnbfuHjB4o1PbaMo3oNet7/i6WcsLbeL9tfK
eL4sW2lYHvHdCRwUZmpPUUOyZoawAVZEGkRAw/sXd6cfOhSVoY3HWlzlARnvy1Gf
bRURBB0560jbvT2xlZpWo0ANwZH2iz2eBAyMguvKszntoQslUeX6ruYlj1VXNTEo
hYzuQ3+cMMRyxOUe4Ju1vLFUTcDa3I9xdlFpL8K6Rn279fd0Ben0FyBUKZyjz3CP
teux4h9LaoUB5F3w//TqYNs23wurxPAChG9dlCPJW2x6XViS3t4EdDc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:05 2024 by rpki-client on console-ams.rpki-client.org