Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ndMr4FRO_c7lmAJdOY_79Z4R-_Q.roa
File: ndMr4FRO_c7lmAJdOY_79Z4R-_Q.roa (raw, json)
Hash identifier: R/a+nGmofDTHtOHD8MmA3BSKCNGHyJ4bNardoocAcUQ=
Subject key identifier: 9D:D3:2B:E0:54:4E:FD:CE:E5:98:02:5D:39:8F:FB:F5:9E:11:FB:F4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DFB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ndMr4FRO_c7lmAJdOY_79Z4R-_Q.roa
Signing time: Thu 11 Apr 2024 05:22:46 +0000
ROA not before: Thu 11 Apr 2024 05:22:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15867 (0x3dfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 05:22:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9DD32BE0544EFDCEE598025D398FFBF59E11FBF4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:70:cc:66:2e:2e:cf:ee:81:2c:d4:41:2a:0a:
b0:2f:bc:05:98:24:06:0e:0a:ca:d7:33:da:76:1d:
f1:39:67:d2:5a:34:f8:33:22:51:e9:58:3f:46:10:
ea:a2:6b:1c:60:bb:e0:ae:c9:ea:59:50:28:9b:10:
e2:d4:69:3c:7b:95:dc:24:11:5e:d4:f5:1a:9d:6b:
67:1b:c2:21:51:7c:f5:4c:3c:b6:b1:0a:ca:9c:4b:
bb:7e:9d:7b:cf:b5:75:f4:d7:46:7a:2f:8d:6e:51:
41:a3:4d:94:ed:5c:f3:84:6e:62:5b:79:63:80:1c:
4d:80:c6:67:14:97:06:85:e0:c5:1f:c3:fa:2c:71:
a7:d1:89:0d:4e:d2:c7:5e:22:7c:f2:13:2b:32:78:
09:9d:95:ce:0f:d6:ff:77:e7:89:a8:67:bc:3c:de:
8a:33:8a:d3:37:89:42:0e:e6:8b:c3:31:e6:19:76:
53:22:8f:10:e1:89:9c:e4:65:82:2e:9d:30:29:a6:
03:69:d2:4e:8f:af:af:45:16:6c:2e:03:f1:74:0e:
d3:63:b1:f2:55:1f:51:5e:87:b8:7f:26:ac:79:20:
61:4a:8c:cf:4b:c4:88:c7:d5:e1:04:ce:92:8c:7b:
22:64:44:cd:88:81:1f:ce:71:df:9a:dc:0a:8a:e1:
8b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D3:2B:E0:54:4E:FD:CE:E5:98:02:5D:39:8F:FB:F5:9E:11:FB:F4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ndMr4FRO_c7lmAJdOY_79Z4R-_Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
73:51:52:ea:c3:1e:de:59:2b:bb:cf:e5:43:12:84:97:a4:75:
12:9e:e6:5d:7c:11:c6:36:10:29:46:86:d8:8c:62:7f:0c:d0:
ca:f5:a2:ac:3b:54:9c:18:8a:65:ea:60:22:82:02:18:ad:dc:
e1:ec:13:5b:c3:b7:35:ce:04:c9:d6:f1:cb:91:ea:dc:f0:96:
bd:19:a9:bd:7d:f4:ea:0b:a6:3a:41:ea:4a:c0:7b:0d:6a:17:
62:6c:7f:e9:5c:bc:31:61:3e:0d:b8:24:b6:15:54:2e:73:04:
67:cd:6e:ee:7a:3f:af:ee:3e:ee:e3:61:1b:63:e5:cd:0a:39:
86:8f:50:38:76:81:46:73:a6:5c:c6:b9:95:c1:68:8f:ff:09:
58:ae:ef:f3:72:d3:0e:f3:68:7f:a6:b7:bf:b4:35:5a:d3:c2:
8c:5d:7b:68:74:8a:ff:19:d2:06:f2:01:8b:7e:ef:1f:07:dc:
54:a4:a2:ad:7f:9f:a4:81:c3:64:66:27:ae:1d:90:7f:46:39:
1f:a2:78:d9:2e:ab:4f:4a:78:4f:17:83:d7:e3:8b:d4:8d:ae:
f0:ce:b0:e4:f8:66:e5:4b:1d:2c:26:46:4f:56:b0:0a:48:5d:
a1:0e:35:59:3c:9c:17:a8:a8:b5:57:bf:c8:e2:1b:be:31:dd:
4d:1c:24:be
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPfswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
NTIyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlERDMyQkUwNTQ0RUZE
Q0VFNTk4MDI1RDM5OEZGQkY1OUUxMUZCRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/cMxmLi7P7oEs1EEqCrAvvAWYJAYOCsrXM9p2HfE5Z9JaNPgz
IlHpWD9GEOqiaxxgu+CuyepZUCibEOLUaTx7ldwkEV7U9Rqda2cbwiFRfPVMPLax
CsqcS7t+nXvPtXX010Z6L41uUUGjTZTtXPOEbmJbeWOAHE2AxmcUlwaF4MUfw/os
cafRiQ1O0sdeInzyEysyeAmdlc4P1v9354moZ7w83oozitM3iUIO5ovDMeYZdlMi
jxDhiZzkZYIunTAppgNp0k6Pr69FFmwuA/F0DtNjsfJVH1Feh7h/Jqx5IGFKjM9L
xIjH1eEEzpKMeyJkRM2IgR/Ocd+a3AqK4YtLAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUndMr4FRO/c7lmAJdOY/79Z4R+/QwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L25kTXI0RlJPX2M3bG1B
SmRPWV83OVo0Ui1fUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHNRUurDHt5ZK7vP5UMShJekdRKe5l18
EcY2EClGhtiMYn8M0Mr1oqw7VJwYimXqYCKCAhit3OHsE1vDtzXOBMnW8cuR6tzw
lr0Zqb199OoLpjpB6krAew1qF2Jsf+lcvDFhPg24JLYVVC5zBGfNbu56P6/uPu7j
YRtj5c0KOYaPUDh2gUZzplzGuZXBaI//CViu7/Ny0w7zaH+mt7+0NVrTwoxde2h0
iv8Z0gbyAYt+7x8H3FSkoq1/n6SBw2RmJ64dkH9GOR+ieNkuq09KeE8Xg9fji9SN
rvDOsOT4ZuVLHSwmRk9WsApIXaEONVk8nBeoqLVXv8jiG74x3U0cJL4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:09 2024 by rpki-client on console-ams.rpki-client.org