Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/kTsfyvAWyomp5nhbD1qhj2ggFik.roa
File: kTsfyvAWyomp5nhbD1qhj2ggFik.roa (raw, json)
Hash identifier: ou/F01IrT6KVUbirtLz7llPQXVA27vZn9rBkPFnZRUI=
Subject key identifier: 91:3B:1F:CA:F0:16:CA:89:A9:E6:78:5B:0F:5A:A1:8F:68:20:16:29
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3F3B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kTsfyvAWyomp5nhbD1qhj2ggFik.roa
Signing time: Fri 12 Apr 2024 21:22:49 +0000
ROA not before: Fri 12 Apr 2024 21:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16187 (0x3f3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 21:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=913B1FCAF016CA89A9E6785B0F5AA18F68201629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:77:de:a1:bc:b9:73:db:44:3b:53:05:39:8c:
50:ec:44:f3:06:85:d1:cd:dc:47:c8:dd:71:b1:89:
cc:a7:46:4c:12:07:92:16:4e:12:29:3b:e8:ca:88:
bd:3d:d3:f6:a8:46:79:a3:47:ac:0d:da:29:34:a0:
7c:27:a9:e8:3b:55:03:47:41:75:91:63:c0:be:ea:
33:27:9a:14:c7:e4:c3:33:ef:2e:ff:f8:12:f3:0d:
b9:b5:3f:a5:21:4a:0d:d7:0b:ec:4d:4e:d4:81:9b:
66:78:6f:a3:b6:54:bb:08:c6:5b:0e:b7:69:61:27:
03:cd:86:ef:06:cb:01:ba:f1:3d:9a:b0:d1:fd:8e:
d9:1d:68:b0:e5:b0:10:0d:53:5e:8d:3c:2b:f3:96:
41:7c:bd:d1:4f:02:19:98:52:c1:30:89:bf:d3:d1:
78:cf:a4:3d:7a:03:05:ec:40:2b:33:b4:82:74:de:
69:47:e8:92:a8:17:97:7d:1f:e9:a0:09:7c:c4:1f:
f5:27:17:81:1f:bc:82:e6:e4:8d:f0:0b:db:50:c0:
b1:3c:6e:3c:de:b2:3e:e5:6e:3c:66:a4:a4:0f:23:
61:eb:6f:8a:a8:95:40:1a:e7:ea:29:b5:36:b1:be:
f7:63:6b:78:bc:0a:ea:b0:f4:9f:61:3f:78:eb:d6:
2e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3B:1F:CA:F0:16:CA:89:A9:E6:78:5B:0F:5A:A1:8F:68:20:16:29
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/kTsfyvAWyomp5nhbD1qhj2ggFik.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
6a:c9:76:bd:66:a5:5c:e5:a7:b2:20:44:f4:f2:b5:fa:39:37:
ea:34:b3:a6:ab:49:a4:16:9f:1f:c2:01:42:20:36:70:f7:41:
f4:57:25:41:78:db:90:2e:58:50:c2:71:2d:a1:94:88:cd:f0:
41:3a:81:e8:31:47:bf:ed:71:3e:e6:59:7d:17:b4:95:69:82:
ba:89:25:db:1e:a3:70:53:d4:3e:e0:64:99:b9:be:04:1f:0e:
28:01:57:7b:12:25:52:59:1f:91:45:d6:be:84:82:de:5e:89:
86:fc:b1:03:69:be:52:66:40:aa:55:51:0e:df:9f:b7:65:b9:
de:de:a9:9f:a4:83:06:10:4e:0b:55:65:30:6e:bf:25:16:ae:
cf:e5:0d:17:de:cc:24:ca:9a:e7:7b:4a:5c:0b:47:8f:c9:13:
e6:11:cc:04:42:db:57:65:f2:15:43:1e:5d:b8:0a:4b:c4:86:
49:48:76:89:a9:e4:3f:41:94:14:2b:42:21:41:95:9d:19:4b:
b2:b0:ed:17:a3:a9:36:7d:81:23:3b:1a:a4:c0:b9:8a:c2:52:
04:5f:1e:65:72:b3:a1:de:c2:12:78:6c:49:14:68:87:96:d1:
00:96:97:0f:b8:27:e9:15:d4:df:f1:20:1f:16:38:8d:4a:ff:
26:19:b4:07
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPzswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIy
MTIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkxM0IxRkNBRjAxNkNB
ODlBOUU2Nzg1QjBGNUFBMThGNjgyMDE2MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQd96hvLlz20Q7UwU5jFDsRPMGhdHN3EfI3XGxicynRkwSB5IW
ThIpO+jKiL090/aoRnmjR6wN2ik0oHwnqeg7VQNHQXWRY8C+6jMnmhTH5MMz7y7/
+BLzDbm1P6UhSg3XC+xNTtSBm2Z4b6O2VLsIxlsOt2lhJwPNhu8GywG68T2asNH9
jtkdaLDlsBANU16NPCvzlkF8vdFPAhmYUsEwib/T0XjPpD16AwXsQCsztIJ03mlH
6JKoF5d9H+mgCXzEH/UnF4EfvILm5I3wC9tQwLE8bjzesj7lbjxmpKQPI2Hrb4qo
lUAa5+optTaxvvdja3i8Cuqw9J9hP3jr1i6tAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUkTsfyvAWyomp5nhbD1qhj2ggFikwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2tUc2Z5dkFXeW9tcDVu
aGJEMXFoajJnZ0Zpay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGrJdr1mpVzlp7IgRPTytfo5N+o0s6ar
SaQWnx/CAUIgNnD3QfRXJUF425AuWFDCcS2hlIjN8EE6gegxR7/tcT7mWX0XtJVp
grqJJdseo3BT1D7gZJm5vgQfDigBV3sSJVJZH5FF1r6Egt5eiYb8sQNpvlJmQKpV
UQ7fn7dlud7eqZ+kgwYQTgtVZTBuvyUWrs/lDRfezCTKmud7SlwLR4/JE+YRzARC
21dl8hVDHl24CkvEhklIdomp5D9BlBQrQiFBlZ0ZS7Kw7RejqTZ9gSM7GqTAuYrC
UgRfHmVys6HewhJ4bEkUaIeW0QCWlw+4J+kV1N/xIB8WOI1K/yYZtAc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:43 2024 by rpki-client on console-fra.rpki-client.org