Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lmw1QDsHOfrG9cP4EGaR2y50Jak.roa
File: lmw1QDsHOfrG9cP4EGaR2y50Jak.roa (raw, json)
Hash identifier: R3yHZ4JUb+rFXF15OC5CybPAcknMBNBHBDCSbVK3MHk=
Subject key identifier: 96:6C:35:40:3B:07:39:FA:C6:F5:C3:F8:10:66:91:DB:2E:74:25:A9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 404B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lmw1QDsHOfrG9cP4EGaR2y50Jak.roa
Signing time: Sun 14 Apr 2024 07:22:52 +0000
ROA not before: Sun 14 Apr 2024 07:22:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16459 (0x404b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 07:22:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=966C35403B0739FAC6F5C3F8106691DB2E7425A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f1:f3:93:41:01:a2:e0:69:df:ae:ba:89:f0:
a1:56:88:b5:fd:3b:aa:8d:3a:e2:84:f1:0e:ed:3f:
51:09:e4:f1:d1:cd:e8:8b:44:d9:60:b6:aa:2b:a0:
d3:2d:c5:ee:c4:c1:a4:ec:c0:c1:fa:c4:c0:7c:b0:
34:20:78:3d:a2:48:7b:11:7f:24:ef:b6:82:a8:3a:
bc:d5:fa:11:51:b1:d6:d9:f3:1c:2d:59:d2:d0:0b:
9b:85:07:46:a0:f1:e8:f3:fe:fe:14:9f:da:27:65:
de:86:56:f3:5c:50:8b:6f:fd:e6:24:c6:eb:d2:89:
cc:4c:6c:11:e2:33:df:96:9f:e1:88:48:0f:0c:3d:
8c:be:fd:2c:1a:a2:65:0d:37:a7:7e:1a:c5:09:f5:
c6:b7:02:8b:83:81:fe:5a:83:b4:90:a1:11:36:75:
01:19:37:ee:3d:68:cd:a7:d9:1f:24:92:8f:a2:d0:
8e:da:1c:bc:28:eb:1c:5b:09:51:2e:09:33:5b:96:
3c:76:7f:1b:9a:7b:a6:00:eb:3b:da:a3:30:43:17:
96:c4:67:37:2d:f2:df:73:27:ed:cb:ec:93:bf:c5:
c8:4e:54:2a:6b:a6:39:0a:1d:1d:dd:07:ef:32:25:
b2:ca:c9:89:5c:7e:2e:95:c9:d4:fc:1c:5f:33:67:
1b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:6C:35:40:3B:07:39:FA:C6:F5:C3:F8:10:66:91:DB:2E:74:25:A9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lmw1QDsHOfrG9cP4EGaR2y50Jak.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
31:bd:d9:fb:56:61:74:66:da:ed:a8:4a:92:28:68:14:38:71:
82:93:ca:bf:79:e0:27:3c:e7:91:f9:39:84:e0:2e:50:49:40:
a0:6a:36:f7:51:8f:36:5b:44:7d:ab:a1:85:65:84:f6:06:74:
cf:5e:93:d7:6f:58:41:d0:c2:b4:8d:49:57:92:86:8f:f2:f1:
f1:32:7a:f5:33:5b:9d:23:69:d1:28:7f:7d:c1:e9:ca:7c:fc:
e1:22:92:04:04:dd:2f:f3:2c:71:06:5f:65:c0:cb:a4:b5:b4:
a9:a1:96:cd:ad:00:2b:11:b6:15:db:f5:45:ed:16:61:09:94:
b1:cd:d6:35:17:93:17:de:a2:19:24:3c:cc:45:76:2e:89:cc:
0b:f7:07:c6:0a:b7:3d:98:ea:33:30:3a:a7:17:b8:ff:c6:60:
ae:f0:08:a6:15:2f:ea:c2:74:52:f9:85:27:b6:1f:47:32:6b:
00:d7:60:e9:b3:37:34:b6:67:68:d2:c0:ed:28:db:91:0c:3e:
76:b9:ed:14:3d:65:7a:78:4f:5a:08:e8:6e:98:fd:6f:69:c9:
71:0b:bf:16:1a:de:ae:bf:1f:76:58:ce:63:13:8d:95:98:6c:
59:79:a1:0a:87:6e:b8:80:66:e6:7f:69:06:15:56:23:f6:62:
91:26:6e:cd
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQEswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQw
NzIyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk2NkMzNTQwM0IwNzM5
RkFDNkY1QzNGODEwNjY5MURCMkU3NDI1QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz8fOTQQGi4GnfrrqJ8KFWiLX9O6qNOuKE8Q7tP1EJ5PHRzeiL
RNlgtqoroNMtxe7EwaTswMH6xMB8sDQgeD2iSHsRfyTvtoKoOrzV+hFRsdbZ8xwt
WdLQC5uFB0ag8ejz/v4Un9onZd6GVvNcUItv/eYkxuvSicxMbBHiM9+Wn+GISA8M
PYy+/SwaomUNN6d+GsUJ9ca3AouDgf5ag7SQoRE2dQEZN+49aM2n2R8kko+i0I7a
HLwo6xxbCVEuCTNbljx2fxuae6YA6zvaozBDF5bEZzct8t9zJ+3L7JO/xchOVCpr
pjkKHR3dB+8yJbLKyYlcfi6VydT8HF8zZxu9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUlmw1QDsHOfrG9cP4EGaR2y50JakwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xtdzFRRHNIT2ZyRzlj
UDRFR2FSMnk1MEphay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADG92ftWYXRm2u2oSpIoaBQ4cYKTyr95
4Cc855H5OYTgLlBJQKBqNvdRjzZbRH2roYVlhPYGdM9ek9dvWEHQwrSNSVeSho/y
8fEyevUzW50jadEof33B6cp8/OEikgQE3S/zLHEGX2XAy6S1tKmhls2tACsRthXb
9UXtFmEJlLHN1jUXkxfeohkkPMxFdi6JzAv3B8YKtz2Y6jMwOqcXuP/GYK7wCKYV
L+rCdFL5hSe2H0cyawDXYOmzNzS2Z2jSwO0o25EMPna57RQ9ZXp4T1oI6G6Y/W9p
yXELvxYa3q6/H3ZYzmMTjZWYbFl5oQqHbriAZuZ/aQYVViP2YpEmbs0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:44 2024 by rpki-client on console-fra.rpki-client.org