Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/rdmH-Gu4cpQxWqeqv8JLB5sqgW0.roa
File: rdmH-Gu4cpQxWqeqv8JLB5sqgW0.roa (raw, json)
Hash identifier: KopASNusZwZAZct1jor/Rm8oAaYZMmI7vE/Npk+O/aE=
Subject key identifier: AD:D9:87:F8:6B:B8:72:94:31:5A:A7:AA:BF:C2:4B:07:9B:2A:81:6D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4F1F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rdmH-Gu4cpQxWqeqv8JLB5sqgW0.roa
Signing time: Sat 04 May 2024 01:53:47 +0000
ROA not before: Sat 04 May 2024 01:53:47 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20255 (0x4f1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 4 01:53:47 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=ADD987F86BB87294315AA7AABFC24B079B2A816D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ac:74:19:05:3a:08:64:46:f8:fd:06:50:66:
7a:a6:20:64:eb:15:8d:ca:d9:dc:5c:4a:8a:9f:ab:
99:41:cf:02:80:c0:d2:7a:d9:7d:ec:66:ed:88:a9:
e9:5b:ad:93:94:c8:2e:fc:44:df:dc:d2:68:bc:5f:
ee:4e:34:62:e0:76:cb:0b:41:e5:17:0a:18:bb:16:
0b:a0:9e:6b:7a:26:83:ae:24:0b:9b:c2:bc:75:60:
ed:c4:5e:62:b2:ea:4b:82:5d:48:13:c2:8b:09:09:
ba:8d:95:19:a5:e0:d3:be:08:10:b8:e0:6d:19:cb:
c9:2e:94:93:ce:27:2e:f0:cc:13:12:1c:7a:38:b6:
3b:4b:0d:6d:de:8d:22:be:4e:55:0d:80:ef:07:28:
1e:de:1b:28:7a:bd:39:7f:f1:8a:62:9f:2a:d7:be:
33:bd:59:96:68:7e:ae:68:83:9a:66:14:a6:43:f4:
c3:f6:1d:a3:54:1e:74:21:7b:18:07:7a:28:7d:15:
b7:00:27:d5:8b:c2:2f:8a:15:75:0e:2d:bd:78:5b:
08:79:5b:c7:fd:e4:0f:e9:55:d6:24:72:67:3a:6f:
b6:85:ff:65:64:71:9a:05:8a:75:9b:9b:43:d1:58:
e9:3f:59:51:08:aa:bd:54:37:ea:7a:60:a2:37:09:
bb:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D9:87:F8:6B:B8:72:94:31:5A:A7:AA:BF:C2:4B:07:9B:2A:81:6D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/rdmH-Gu4cpQxWqeqv8JLB5sqgW0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
76:74:5d:90:8d:20:e3:6a:89:ae:fa:07:a2:ed:73:35:1d:61:
dd:cd:9f:53:ba:4a:22:c9:dd:49:17:bd:7e:72:96:83:9b:bf:
05:5f:34:fd:d9:70:e7:04:cf:37:62:82:38:52:2c:4d:35:2a:
42:ee:a1:5e:9b:31:a0:dc:8f:55:1d:a5:b7:84:4d:e7:c6:69:
55:2f:ed:9b:8d:5e:7d:7e:ff:4c:d7:b7:81:48:16:e4:96:ad:
bb:8c:f4:3e:1c:51:3a:d4:6f:8e:7b:ea:91:e8:5b:34:f2:f5:
f2:3b:24:50:8e:b0:a4:81:44:73:25:7e:4f:af:37:fa:e0:22:
87:58:fa:c5:5d:a2:2c:36:a7:32:7e:a9:b1:4d:0c:de:87:a2:
d2:4c:4b:50:0e:ee:44:ee:19:5a:25:56:0f:53:e6:ca:d0:21:
02:eb:55:dd:11:37:b8:f2:04:eb:c0:fe:1d:fd:b5:fa:8f:1f:
4b:ae:d3:5d:b3:1c:48:ea:b1:48:3c:64:11:c7:39:fa:4f:84:
49:27:58:5b:22:85:18:84:26:d8:39:57:f3:31:9e:36:3c:8e:
8f:ca:96:21:76:d7:c2:64:0d:17:2c:9a:50:51:6d:63:94:66:
61:60:a5:92:be:c8:0d:26:24:24:9a:9e:25:cd:66:85:d3:01:
56:59:94:c4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTx8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDQw
MTUzNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFERDk4N0Y4NkJCODcy
OTQzMTVBQTdBQUJGQzI0QjA3OUIyQTgxNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqrHQZBToIZEb4/QZQZnqmIGTrFY3K2dxcSoqfq5lBzwKAwNJ6
2X3sZu2IqelbrZOUyC78RN/c0mi8X+5ONGLgdssLQeUXChi7Fgugnmt6JoOuJAub
wrx1YO3EXmKy6kuCXUgTwosJCbqNlRml4NO+CBC44G0Zy8kulJPOJy7wzBMSHHo4
tjtLDW3ejSK+TlUNgO8HKB7eGyh6vTl/8YpinyrXvjO9WZZofq5og5pmFKZD9MP2
HaNUHnQhexgHeih9FbcAJ9WLwi+KFXUOLb14Wwh5W8f95A/pVdYkcmc6b7aF/2Vk
cZoFinWbm0PRWOk/WVEIqr1UN+p6YKI3CbvVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUrdmH+Gu4cpQxWqeqv8JLB5sqgW0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3JkbUgtR3U0Y3BReFdx
ZXF2OEpMQjVzcWdXMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHZ0XZCNIONqia76B6LtczUdYd3Nn1O6
SiLJ3UkXvX5yloObvwVfNP3ZcOcEzzdigjhSLE01KkLuoV6bMaDcj1UdpbeETefG
aVUv7ZuNXn1+/0zXt4FIFuSWrbuM9D4cUTrUb4576pHoWzTy9fI7JFCOsKSBRHMl
fk+vN/rgIodY+sVdoiw2pzJ+qbFNDN6HotJMS1AO7kTuGVolVg9T5srQIQLrVd0R
N7jyBOvA/h39tfqPH0uu012zHEjqsUg8ZBHHOfpPhEknWFsihRiEJtg5V/MxnjY8
jo/KliF218JkDRcsmlBRbWOUZmFgpZK+yA0mJCSaniXNZoXTAVZZlMQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:49 2024 by rpki-client on console-fra.rpki-client.org