Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kPBqNdXS-TBzDU38day60WMPhdE.roa
File: kPBqNdXS-TBzDU38day60WMPhdE.roa (raw, json)
Hash identifier: 7JlAifhVlETqaGMq3G+AqVHXxSbMNQBuVjXvygYcuZU=
Subject key identifier: 90:F0:6A:35:D5:D2:F9:30:73:0D:4D:FC:75:AC:BA:D1:63:0F:85:D1
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 475F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kPBqNdXS-TBzDU38day60WMPhdE.roa
Signing time: Tue 23 Apr 2024 17:53:13 +0000
ROA not before: Tue 23 Apr 2024 17:53:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18271 (0x475f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 23 17:53:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=90F06A35D5D2F930730D4DFC75ACBAD1630F85D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:dd:90:98:61:50:1f:78:ea:7f:f5:8d:53:f2:
17:64:b3:d6:51:3b:bd:c7:cf:8a:86:47:39:99:ad:
e1:a3:90:df:09:ea:15:5d:25:11:6d:d1:0f:e9:fa:
13:88:60:c0:8a:41:94:98:cb:07:d6:be:13:66:53:
4a:b7:f4:88:e3:1e:ee:63:fd:81:9a:51:3b:6d:0f:
77:38:2a:bb:65:0e:eb:10:4b:8b:d4:cb:2c:81:3d:
f8:95:b9:96:d1:a5:7a:15:20:1d:bc:7c:b5:bd:8e:
82:c9:c1:6d:85:3b:0d:75:04:a8:13:ca:d5:07:f8:
52:d1:5f:16:a7:d7:e8:6f:c7:b8:1f:6b:8e:15:85:
95:f9:be:6b:68:18:b5:f7:20:05:5d:3d:b2:24:4a:
30:be:3a:d9:23:3f:28:3e:8f:63:6d:8c:88:71:8d:
cd:f5:01:4e:81:07:55:e1:a3:04:b7:92:12:d0:18:
1c:e8:20:3b:e0:44:a9:85:e5:b8:0a:af:7c:25:cb:
d4:89:69:26:5b:fd:d5:a5:a0:aa:bd:2d:f0:61:54:
d0:6b:d5:d8:6a:39:ae:c0:b1:92:50:21:cc:2a:0f:
17:39:27:b1:7d:6c:30:c8:04:60:50:2c:f9:9a:0b:
19:4a:a0:a1:23:a2:57:dd:b5:31:ad:eb:97:39:53:
05:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:F0:6A:35:D5:D2:F9:30:73:0D:4D:FC:75:AC:BA:D1:63:0F:85:D1
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kPBqNdXS-TBzDU38day60WMPhdE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
52:34:ad:f0:00:12:f5:22:fe:61:2b:d7:e1:b7:ac:18:ed:a4:
52:82:88:32:2d:d4:8e:5b:3f:9c:b2:37:8c:23:01:18:4b:2c:
f6:8e:f2:c4:ff:43:1b:64:6d:6b:a8:24:ef:ad:00:f2:b2:97:
a1:b4:6b:1c:d2:03:71:3a:4f:73:1e:2e:52:48:37:1e:c8:7f:
56:3c:dd:14:7d:bf:df:2c:51:0c:3d:6c:4a:48:43:e3:34:ff:
9d:25:ef:62:aa:63:ba:6b:41:36:fc:9c:fc:ec:7b:78:03:f2:
5c:bf:7b:df:1d:87:b3:4f:95:50:10:46:d9:5b:e9:e3:c4:21:
fb:b0:74:ee:6e:24:2e:a6:8c:d5:c8:dc:b7:60:a0:62:4d:b5:
69:e0:96:25:bc:e8:84:2d:76:2a:44:dc:36:94:b4:96:bd:0a:
8e:d0:e5:4d:ef:30:8d:bb:41:8e:85:1f:dc:74:a2:fa:4f:3d:
6f:54:5b:ae:e7:4d:c4:c6:5f:6b:3c:d3:33:43:cc:23:a7:ae:
51:ae:8d:c1:4a:44:cc:ab:0a:53:67:c6:43:8b:70:c4:7b:4d:
d3:d3:b0:de:b9:0f:f9:d5:9c:74:c7:6c:dc:80:2f:99:5d:de:
f1:26:91:85:ec:d4:76:b3:7a:7d:10:9b:b4:ba:1e:a9:de:73:
d0:87:eb:26
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICR18wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjMx
NzUzMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwRjA2QTM1RDVEMkY5
MzA3MzBENERGQzc1QUNCQUQxNjMwRjg1RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC43ZCYYVAfeOp/9Y1T8hdks9ZRO73Hz4qGRzmZreGjkN8J6hVd
JRFt0Q/p+hOIYMCKQZSYywfWvhNmU0q39IjjHu5j/YGaUTttD3c4KrtlDusQS4vU
yyyBPfiVuZbRpXoVIB28fLW9joLJwW2FOw11BKgTytUH+FLRXxan1+hvx7gfa44V
hZX5vmtoGLX3IAVdPbIkSjC+OtkjPyg+j2NtjIhxjc31AU6BB1XhowS3khLQGBzo
IDvgRKmF5bgKr3wly9SJaSZb/dWloKq9LfBhVNBr1dhqOa7AsZJQIcwqDxc5J7F9
bDDIBGBQLPmaCxlKoKEjolfdtTGt65c5UwXVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUkPBqNdXS+TBzDU38day60WMPhdEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tQQnFOZFhTLVRCekRV
MzhkYXk2MFdNUGhkRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFI0rfAAEvUi/mEr1+G3rBjtpFKCiDIt
1I5bP5yyN4wjARhLLPaO8sT/QxtkbWuoJO+tAPKyl6G0axzSA3E6T3MeLlJINx7I
f1Y83RR9v98sUQw9bEpIQ+M0/50l72KqY7prQTb8nPzse3gD8ly/e98dh7NPlVAQ
Rtlb6ePEIfuwdO5uJC6mjNXI3LdgoGJNtWngliW86IQtdipE3DaUtJa9Co7Q5U3v
MI27QY6FH9x0ovpPPW9UW67nTcTGX2s80zNDzCOnrlGujcFKRMyrClNnxkOLcMR7
TdPTsN65D/nVnHTHbNyAL5ld3vEmkYXs1Hazen0Qm7S6Hqnec9CH6yY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:05 2024 by rpki-client on console-ams.rpki-client.org