Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/qjIwV25VmPIX9mDZUYkcOGk6FFQ.roa
File: qjIwV25VmPIX9mDZUYkcOGk6FFQ.roa (raw, json)
Hash identifier: cVYyV1pAiXJMuuvMJ1pgCSU4T94bBaqucuf6ei7u5kA=
Subject key identifier: AA:32:30:57:6E:55:98:F2:17:F6:60:D9:51:89:1C:38:69:3A:14:54
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 52EB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qjIwV25VmPIX9mDZUYkcOGk6FFQ.roa
Signing time: Thu 09 May 2024 03:24:02 +0000
ROA not before: Thu 09 May 2024 03:24:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21227 (0x52eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 03:24:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AA3230576E5598F217F660D951891C38693A1454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:9f:32:b6:4c:4d:e4:92:96:ec:73:4a:a2:e8:
29:2e:95:54:37:5a:2b:95:67:4c:33:11:93:3a:b3:
8e:e0:ec:08:a9:c3:df:84:68:ee:4b:c8:00:19:3a:
a9:d9:2d:0c:aa:f5:8f:90:e7:77:82:3d:1d:4e:ca:
e3:50:bd:5b:ba:cf:7f:66:d3:33:1d:29:45:6e:53:
27:ab:bd:a3:d6:83:54:52:3b:55:55:5f:bc:e4:dc:
83:c0:cc:c7:8b:c3:3e:25:2b:4c:90:6b:fb:21:20:
84:cf:81:8c:b8:ce:85:cd:d3:69:ed:2c:8f:a2:01:
85:73:9e:50:f3:a6:10:9b:56:f8:73:21:04:18:46:
3d:6d:85:28:12:57:c8:b6:58:a3:10:31:47:62:68:
ea:fe:91:70:fd:6d:c9:c5:02:b6:ce:86:13:42:cf:
0c:8f:cd:40:eb:ca:cb:30:f5:a6:0e:a0:f4:0e:9a:
25:82:a0:60:1b:41:df:a2:95:fb:0c:d9:04:7f:e8:
7b:df:8d:b9:71:f8:09:75:b5:c7:e5:3c:96:b1:9f:
11:ed:50:a1:2f:7f:d0:71:12:9e:c6:81:56:58:f3:
52:20:62:3c:a0:78:2c:69:90:a0:bb:67:eb:99:96:
53:31:13:30:66:78:2b:fd:31:1b:92:c7:0b:fd:73:
76:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:32:30:57:6E:55:98:F2:17:F6:60:D9:51:89:1C:38:69:3A:14:54
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/qjIwV25VmPIX9mDZUYkcOGk6FFQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
22:76:c1:1b:24:a5:36:1a:0a:db:e7:bb:34:2d:ef:f8:ed:49:
57:19:91:5a:be:e5:09:e4:03:cb:cf:f9:9a:0c:ca:d3:ce:b5:
81:1c:a9:17:d1:cd:4e:3e:b0:e7:a5:0c:8a:bc:c3:bf:06:8f:
89:1f:a0:00:d6:4d:5c:b9:d1:37:f9:c7:5a:c7:b9:17:08:d2:
01:8d:43:18:6d:29:a9:d3:25:1f:77:a8:75:78:32:a4:36:08:
47:2a:14:ff:4d:54:d4:d7:9f:43:44:4c:af:1a:49:f3:f5:e1:
ac:60:41:9f:9a:33:b8:0b:a5:ce:09:9d:33:b6:90:e4:1f:ab:
28:bd:a7:a8:2a:a2:84:a8:97:23:48:0a:10:7c:fb:b5:33:97:
ed:37:40:7f:9e:40:58:01:87:ff:da:bc:6c:b9:f9:1c:2d:52:
ee:f9:44:9d:d9:38:c2:1c:48:bb:87:ab:69:62:b9:39:9c:7f:
fb:ac:a9:71:75:dc:a4:61:0c:e6:7c:c9:ad:f3:f3:e3:aa:69:
c0:11:f4:32:52:da:2e:f7:f8:f1:8e:b8:ed:98:b5:55:be:e6:
48:8b:d5:93:ea:fe:4c:1b:0e:1a:80:6b:b1:ea:ac:91:70:b1:
96:f2:99:95:7a:fa:7d:3a:66:6b:7d:ed:a4:47:c9:1e:d4:73:
0b:cc:42:f6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkw
MzI0MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFBMzIzMDU3NkU1NTk4
RjIxN0Y2NjBEOTUxODkxQzM4NjkzQTE0NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhnzK2TE3kkpbsc0qi6CkulVQ3WiuVZ0wzEZM6s47g7Aipw9+E
aO5LyAAZOqnZLQyq9Y+Q53eCPR1OyuNQvVu6z39m0zMdKUVuUyervaPWg1RSO1VV
X7zk3IPAzMeLwz4lK0yQa/shIITPgYy4zoXN02ntLI+iAYVznlDzphCbVvhzIQQY
Rj1thSgSV8i2WKMQMUdiaOr+kXD9bcnFArbOhhNCzwyPzUDryssw9aYOoPQOmiWC
oGAbQd+ilfsM2QR/6Hvfjblx+Al1tcflPJaxnxHtUKEvf9BxEp7GgVZY81IgYjyg
eCxpkKC7Z+uZllMxEzBmeCv9MRuSxwv9c3Z3AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUqjIwV25VmPIX9mDZUYkcOGk6FFQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3FqSXdWMjVWbVBJWDlt
RFpVWWtjT0drNkZGUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACJ2wRskpTYaCtvnuzQt7/jtSVcZkVq+
5QnkA8vP+ZoMytPOtYEcqRfRzU4+sOelDIq8w78Gj4kfoADWTVy50Tf5x1rHuRcI
0gGNQxhtKanTJR93qHV4MqQ2CEcqFP9NVNTXn0NETK8aSfP14axgQZ+aM7gLpc4J
nTO2kOQfqyi9p6gqooSolyNIChB8+7Uzl+03QH+eQFgBh//avGy5+RwtUu75RJ3Z
OMIcSLuHq2liuTmcf/usqXF13KRhDOZ8ya3z8+OqacAR9DJS2i73+PGOuO2YtVW+
5kiL1ZPq/kwbDhqAa7HqrJFwsZbymZV6+n06Zmt97aRHyR7UcwvMQvY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:48 2024 by rpki-client on console-fra.rpki-client.org