Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qivfFKhcYfmFMBNhipPIHBtCiw8.roa
File: qivfFKhcYfmFMBNhipPIHBtCiw8.roa (raw, json)
Hash identifier: hHyifzDzJ0sMSGmB3W2S3EdfSDMkF1n5xPSucY6nHpE=
Subject key identifier: AA:2B:DF:14:A8:5C:61:F9:85:30:13:61:8A:93:C8:1C:1B:42:8B:0F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4053
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qivfFKhcYfmFMBNhipPIHBtCiw8.roa
Signing time: Sun 14 Apr 2024 08:22:53 +0000
ROA not before: Sun 14 Apr 2024 08:22:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16467 (0x4053)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 08:22:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AA2BDF14A85C61F9853013618A93C81C1B428B0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:dd:c4:e1:b9:7b:96:3d:18:64:66:4e:b7:59:
08:e7:89:29:04:5f:23:5c:1e:33:63:8d:68:11:b8:
a5:e3:8f:65:2a:5d:6f:52:41:7c:21:6f:fa:4e:c2:
19:0c:0a:58:95:f1:b3:c1:be:7a:bb:99:52:60:5c:
5e:89:21:e0:eb:83:3e:7f:b8:f5:89:0f:34:2b:10:
72:4b:46:89:cb:4c:ff:5d:37:80:ca:66:e6:f4:97:
66:e7:7a:a6:98:96:a3:d5:36:d4:c2:32:0d:6a:e6:
a4:60:13:52:f1:0a:9a:e3:ee:e8:4f:28:ac:9e:29:
02:ef:34:23:19:eb:2d:7e:3f:3a:0f:67:d7:fc:d6:
b8:aa:19:99:19:12:44:16:eb:89:c0:58:7d:48:c7:
10:50:65:a7:e1:48:88:46:18:7b:ee:42:2a:83:d0:
55:81:e2:0f:41:27:c1:5f:be:90:23:b9:b1:e0:9c:
c7:62:1e:86:e3:1c:d3:0d:36:07:dd:b1:7c:4d:ff:
ec:fd:b1:99:ee:b4:c0:6a:12:76:e0:e6:9a:84:80:
b0:1e:74:b3:11:fb:31:a0:9f:8a:44:e0:15:0b:43:
fa:be:11:74:1e:7d:79:02:a5:90:d5:d0:e2:14:44:
4d:bc:92:6c:f8:27:bf:27:2f:dd:d6:32:cc:48:f0:
84:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2B:DF:14:A8:5C:61:F9:85:30:13:61:8A:93:C8:1C:1B:42:8B:0F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qivfFKhcYfmFMBNhipPIHBtCiw8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b4:88:ca:66:86:ba:63:a8:30:21:1e:7a:81:0f:34:79:72:70:
c5:3c:03:a0:04:8e:64:62:23:b9:ca:50:30:c3:56:88:72:d0:
ef:17:ba:a3:5e:a6:65:f4:09:84:38:57:3a:09:94:bb:77:d5:
f2:dd:59:3c:28:74:6f:a9:32:6e:98:f3:f3:86:fa:8e:94:f2:
96:a5:a7:3b:29:23:6f:e1:ee:0d:f7:31:d7:06:c9:4b:93:1a:
e1:c8:c8:a2:06:3b:e9:dd:d1:2e:b9:4c:51:eb:9c:d1:86:59:
0d:c1:81:8e:99:85:04:ad:bb:6f:07:4c:56:3e:96:6d:d1:15:
60:44:8f:4a:ba:cb:05:d3:45:17:65:74:73:70:ce:b8:67:5b:
98:18:35:1a:46:2e:5b:2b:c1:8d:ff:27:84:4c:32:f3:9e:9e:
cb:e3:e9:a3:b0:88:12:50:ac:79:a8:1c:f7:88:42:25:e3:33:
96:80:4f:79:82:91:16:ad:df:f0:18:3f:69:7f:0f:a1:52:59:
15:5b:7c:4a:b9:6e:6a:2b:85:c4:4e:cd:68:f8:5f:81:98:9c:
b9:78:f2:c8:91:da:7c:a9:3e:31:c8:ef:b0:37:6a:27:28:3e:
2c:64:5d:a8:0a:43:b6:7e:92:f6:73:4a:1d:52:55:59:d8:1f:
47:50:c8:58
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQFMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQw
ODIyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFBMkJERjE0QTg1QzYx
Rjk4NTMwMTM2MThBOTNDODFDMUI0MjhCMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCm3cThuXuWPRhkZk63WQjniSkEXyNcHjNjjWgRuKXjj2UqXW9S
QXwhb/pOwhkMCliV8bPBvnq7mVJgXF6JIeDrgz5/uPWJDzQrEHJLRonLTP9dN4DK
Zub0l2bneqaYlqPVNtTCMg1q5qRgE1LxCprj7uhPKKyeKQLvNCMZ6y1+PzoPZ9f8
1riqGZkZEkQW64nAWH1IxxBQZafhSIhGGHvuQiqD0FWB4g9BJ8FfvpAjubHgnMdi
HobjHNMNNgfdsXxN/+z9sZnutMBqEnbg5pqEgLAedLMR+zGgn4pE4BULQ/q+EXQe
fXkCpZDV0OIURE28kmz4J78nL93WMsxI8ITDAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUqivfFKhcYfmFMBNhipPIHBtCiw8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3FpdmZGS2hjWWZtRk1C
TmhpcFBJSEJ0Q2l3OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALSIymaGumOoMCEeeoEPNHlycMU8A6AE
jmRiI7nKUDDDVohy0O8XuqNepmX0CYQ4VzoJlLt31fLdWTwodG+pMm6Y8/OG+o6U
8palpzspI2/h7g33MdcGyUuTGuHIyKIGO+nd0S65TFHrnNGGWQ3BgY6ZhQStu28H
TFY+lm3RFWBEj0q6ywXTRRdldHNwzrhnW5gYNRpGLlsrwY3/J4RMMvOensvj6aOw
iBJQrHmoHPeIQiXjM5aAT3mCkRat3/AYP2l/D6FSWRVbfEq5bmorhcROzWj4X4GY
nLl48siR2nypPjHI77A3aicoPixkXagKQ7Z+kvZzSh1SVVnYH0dQyFg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:48 2024 by rpki-client on console-fra.rpki-client.org