Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/n3huUQtxqwh-eRgRjSMkjryseYk.roa
File: n3huUQtxqwh-eRgRjSMkjryseYk.roa (raw, json)
Hash identifier: WI8xRlyKe+jDGAeK8Is2HPeWF/rfYErx3Ipn7az3vPg=
Subject key identifier: 9F:78:6E:51:0B:71:AB:08:7E:79:18:11:8D:23:24:8E:BC:AC:79:89
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 340B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/n3huUQtxqwh-eRgRjSMkjryseYk.roa
Signing time: Thu 28 Mar 2024 23:22:04 +0000
ROA not before: Thu 28 Mar 2024 23:22:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13323 (0x340b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 28 23:22:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9F786E510B71AB087E7918118D23248EBCAC7989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:90:b9:d6:db:49:a3:52:c8:57:11:c3:2e:92:
4d:e8:c2:dd:f6:11:da:96:8c:e1:26:be:34:96:f6:
33:c3:b3:62:b6:b8:43:fd:4d:71:d9:0c:bc:e9:69:
0f:e1:73:7c:52:e3:9e:5b:ae:09:bb:16:5d:44:b9:
bc:da:4f:eb:c1:69:fd:13:bf:a2:94:0d:d6:8f:90:
ae:b2:d9:44:99:ba:3f:75:5a:e2:76:0e:4a:bf:cc:
1e:fd:d8:ce:18:b6:8d:0e:82:20:0d:a7:32:12:70:
fe:a3:52:cd:99:c2:d1:45:bd:f9:54:08:8a:ee:03:
4e:a5:50:1f:f3:0f:4f:d6:82:1d:24:cb:ef:88:54:
d0:df:5c:69:cd:d2:87:5c:65:35:ad:33:7d:a3:73:
57:46:48:4e:ab:d2:63:1e:0c:20:86:e6:44:8a:24:
82:38:43:1c:ae:77:eb:f7:4b:17:d8:e2:c7:9b:3a:
d8:9f:db:4a:54:3b:d3:19:99:30:06:60:6e:5c:72:
6d:61:0e:7a:02:f0:fe:76:05:18:1a:70:72:66:90:
95:c1:b6:29:e1:3e:28:de:8f:83:b9:1c:8b:7b:e9:
ab:0b:d5:7b:d5:31:7d:7f:07:ba:22:e6:2b:f4:de:
36:66:e5:66:bc:03:b3:48:5a:85:a5:15:5f:fa:2c:
b4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:78:6E:51:0B:71:AB:08:7E:79:18:11:8D:23:24:8E:BC:AC:79:89
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/n3huUQtxqwh-eRgRjSMkjryseYk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
28:00:f3:e9:39:53:94:d6:67:6f:e3:02:09:6d:3d:47:3a:f7:
18:ca:d4:36:75:71:81:99:59:08:a7:79:30:09:e2:2a:57:f1:
98:be:2d:6d:fa:ab:33:a8:e8:bb:ef:0d:b3:60:c2:3c:8b:44:
9a:91:c5:50:06:2e:b5:00:3f:49:c1:89:c2:13:f2:09:65:d6:
0b:4d:c5:79:47:e6:5f:79:c0:1f:a3:e4:ac:40:a1:fa:34:e6:
6f:03:1f:ba:44:27:f6:70:85:0c:2f:35:17:02:7f:c7:9e:41:
e2:61:35:98:f3:e2:11:d7:ce:77:c9:83:39:24:b1:30:2f:cb:
c9:c4:73:53:da:b1:ff:d8:9b:37:a1:fe:e2:79:9a:d1:4e:9e:
c0:f3:8b:37:cb:c8:b1:9c:72:71:fb:5f:e1:0d:d6:cf:77:e2:
52:ee:35:76:f1:b0:f1:de:ba:84:55:ea:4f:5b:fb:d7:3a:d2:
d6:9d:70:c1:14:6b:32:63:ef:0b:5c:ac:51:24:28:6b:63:49:
6e:e2:b2:9a:41:6c:f3:98:3a:d1:f0:89:c1:a4:2d:d4:86:3e:
aa:ad:6d:67:97:60:bf:80:3d:4e:fc:c3:c2:c4:a2:11:c2:c4:
08:c8:a8:95:b7:ce:87:0c:f0:73:eb:46:ff:fd:1c:0e:fc:75:
38:3d:3b:2b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNAswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjgy
MzIyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlGNzg2RTUxMEI3MUFC
MDg3RTc5MTgxMThEMjMyNDhFQkNBQzc5ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCikLnW20mjUshXEcMukk3owt32EdqWjOEmvjSW9jPDs2K2uEP9
TXHZDLzpaQ/hc3xS455brgm7Fl1EubzaT+vBaf0Tv6KUDdaPkK6y2USZuj91WuJ2
Dkq/zB792M4Yto0OgiANpzIScP6jUs2ZwtFFvflUCIruA06lUB/zD0/Wgh0ky++I
VNDfXGnN0odcZTWtM32jc1dGSE6r0mMeDCCG5kSKJII4Qxyud+v3SxfY4sebOtif
20pUO9MZmTAGYG5ccm1hDnoC8P52BRgacHJmkJXBtinhPijej4O5HIt76asL1XvV
MX1/B7oi5iv03jZm5Wa8A7NIWoWlFV/6LLRxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUn3huUQtxqwh+eRgRjSMkjryseYkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L24zaHVVUXR4cXdoLWVS
Z1JqU01ranJ5c2VZay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACgA8+k5U5TWZ2/jAgltPUc69xjK1DZ1
cYGZWQineTAJ4ipX8Zi+LW36qzOo6LvvDbNgwjyLRJqRxVAGLrUAP0nBicIT8gll
1gtNxXlH5l95wB+j5KxAofo05m8DH7pEJ/ZwhQwvNRcCf8eeQeJhNZjz4hHXznfJ
gzkksTAvy8nEc1Pasf/Ymzeh/uJ5mtFOnsDzizfLyLGccnH7X+EN1s934lLuNXbx
sPHeuoRV6k9b+9c60tadcMEUazJj7wtcrFEkKGtjSW7isppBbPOYOtHwicGkLdSG
PqqtbWeXYL+APU78w8LEohHCxAjIqJW3zocM8HPrRv/9HA78dTg9Oys=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:08 2024 by rpki-client on console-ams.rpki-client.org