Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lD2pF00NwrF4mCH_uHQzzE2cCws.roa
File: lD2pF00NwrF4mCH_uHQzzE2cCws.roa (raw, json)
Hash identifier: hO7lZCXNkdhrxGAxZTqMQvCexnTez9BJFmhF89wpneg=
Subject key identifier: 94:3D:A9:17:4D:0D:C2:B1:78:98:21:FF:B8:74:33:CC:4D:9C:0B:0B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 54F3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lD2pF00NwrF4mCH_uHQzzE2cCws.roa
Signing time: Sat 11 May 2024 20:24:04 +0000
ROA not before: Sat 11 May 2024 20:24:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21747 (0x54f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 11 20:24:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=943DA9174D0DC2B1789821FFB87433CC4D9C0B0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6f:bf:cb:14:7a:b5:8c:c9:47:ac:d8:a8:37:
8f:85:12:a1:c5:49:2b:bb:9a:ff:44:92:61:06:e9:
45:03:8f:cd:5e:94:22:9b:6b:8b:5b:d2:5c:59:ce:
15:4d:3d:d5:97:7b:4b:ff:8b:04:43:0f:08:03:9b:
43:fc:73:77:61:ba:08:eb:d9:d6:c4:3e:b0:66:56:
e1:e8:ed:ea:e4:30:6d:c4:d3:90:ba:fb:d6:85:73:
a1:7d:6e:ce:5e:c7:0a:68:7c:12:b9:96:9e:7d:4d:
a5:ba:81:85:54:5e:06:e2:6e:1b:95:d6:44:23:67:
92:67:b1:75:30:8f:52:cb:76:ce:e2:07:31:7d:bc:
47:47:31:96:0c:6d:2d:bb:a1:72:6d:d1:59:cd:4c:
18:a5:aa:e4:32:96:08:1b:14:b7:ee:2d:bc:22:20:
36:1a:e7:cc:ba:c3:b0:ad:b8:9b:56:38:55:1b:57:
99:8d:8c:19:1d:07:8a:b9:1d:eb:94:65:50:a5:72:
ed:d7:58:2d:13:5c:b3:ba:7b:f8:09:63:1c:5c:03:
1f:bb:cf:9b:73:ee:d3:95:ae:1b:4c:eb:ad:c0:a3:
e4:59:e9:00:1e:6d:c2:66:49:3e:d9:3b:30:67:fa:
00:7c:1d:44:11:67:88:01:24:4b:5c:4d:36:b7:c0:
99:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:3D:A9:17:4D:0D:C2:B1:78:98:21:FF:B8:74:33:CC:4D:9C:0B:0B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lD2pF00NwrF4mCH_uHQzzE2cCws.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
36:8e:15:e9:da:a2:ef:44:6d:14:08:f1:4e:60:a6:a9:de:f2:
b2:09:32:a5:aa:58:8f:72:d1:45:d2:12:94:d3:89:2a:97:06:
91:9c:a4:b3:57:cc:92:37:e0:75:01:a5:e2:4e:03:cd:80:92:
c5:e7:01:65:59:88:f5:b8:a2:7f:8f:af:78:0f:7f:35:7e:85:
97:54:ad:46:d3:94:31:16:b2:5a:9f:62:df:fc:c2:25:04:78:
e7:97:1f:03:42:b8:b4:40:0b:1d:86:6d:e2:45:0a:5e:4d:25:
b9:df:40:d0:9b:1e:4b:16:68:09:66:4a:b2:9c:06:15:25:db:
89:a1:0e:b6:c9:f3:0a:84:44:02:b4:66:c4:db:76:99:20:26:
01:1c:b8:48:bc:4d:b7:93:c2:35:04:9b:ea:28:ab:c8:68:4d:
0e:d2:53:f2:ff:cc:40:d9:49:8c:8a:82:d3:a1:50:23:18:9a:
e5:ba:a9:a3:40:e1:c7:9e:97:c1:2a:5a:34:8c:ec:52:87:8b:
da:3f:46:c2:04:b0:19:32:39:a4:2f:69:fb:56:a0:df:86:d9:
07:5c:a0:c4:e5:a7:06:18:21:f8:10:21:3b:29:40:41:11:2d:
ab:e3:cc:9e:76:a1:d6:1e:38:d5:eb:86:3e:e2:17:f8:f2:e1:
87:f7:05:54
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTEy
MDI0MDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk0M0RBOTE3NEQwREMy
QjE3ODk4MjFGRkI4NzQzM0NDNEQ5QzBCMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLb7/LFHq1jMlHrNioN4+FEqHFSSu7mv9EkmEG6UUDj81elCKb
a4tb0lxZzhVNPdWXe0v/iwRDDwgDm0P8c3dhugjr2dbEPrBmVuHo7erkMG3E05C6
+9aFc6F9bs5exwpofBK5lp59TaW6gYVUXgbibhuV1kQjZ5JnsXUwj1LLds7iBzF9
vEdHMZYMbS27oXJt0VnNTBilquQylggbFLfuLbwiIDYa58y6w7CtuJtWOFUbV5mN
jBkdB4q5HeuUZVClcu3XWC0TXLO6e/gJYxxcAx+7z5tz7tOVrhtM663Ao+RZ6QAe
bcJmST7ZOzBn+gB8HUQRZ4gBJEtcTTa3wJmrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUlD2pF00NwrF4mCH/uHQzzE2cCwswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xEMnBGMDBOd3JGNG1D
SF91SFF6ekUyY0N3cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADaOFenaou9EbRQI8U5gpqne8rIJMqWq
WI9y0UXSEpTTiSqXBpGcpLNXzJI34HUBpeJOA82AksXnAWVZiPW4on+Pr3gPfzV+
hZdUrUbTlDEWslqfYt/8wiUEeOeXHwNCuLRACx2GbeJFCl5NJbnfQNCbHksWaAlm
SrKcBhUl24mhDrbJ8wqERAK0ZsTbdpkgJgEcuEi8TbeTwjUEm+ooq8hoTQ7SU/L/
zEDZSYyKgtOhUCMYmuW6qaNA4ceel8EqWjSM7FKHi9o/RsIEsBkyOaQvaftWoN+G
2QdcoMTlpwYYIfgQITspQEERLavjzJ52odYeONXrhj7iF/jy4Yf3BVQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:44 2024 by rpki-client on console-fra.rpki-client.org