Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sq_PGLLhQ6QV7gDxXvWy5A0g8eU.roa
File: sq_PGLLhQ6QV7gDxXvWy5A0g8eU.roa (raw, json)
Hash identifier: x0Hv+RVd8FTK/NEA5KA2Nuqwm+pWC1/dHfCzOK2iOBA=
Subject key identifier: B2:AF:CF:18:B2:E1:43:A4:15:EE:00:F1:5E:F5:B2:E4:0D:20:F1:E5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3D7F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sq_PGLLhQ6QV7gDxXvWy5A0g8eU.roa
Signing time: Wed 10 Apr 2024 13:52:46 +0000
ROA not before: Wed 10 Apr 2024 13:52:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15743 (0x3d7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 10 13:52:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B2AFCF18B2E143A415EE00F15EF5B2E40D20F1E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:59:a4:1c:05:a0:40:ff:9b:40:2c:f2:30:89:
e3:2a:fc:d1:ac:1b:29:3c:54:77:6c:45:82:36:a1:
ae:e3:2f:bb:79:82:6e:b0:c8:60:be:33:eb:29:b4:
5f:b0:bb:c2:a9:f0:ae:89:a2:aa:75:45:cc:54:ab:
98:d0:cb:de:e9:bf:fb:2d:e1:cf:27:bc:ff:a7:16:
d4:f0:4f:49:60:03:23:5d:86:5e:a0:6c:56:8f:25:
8b:65:18:70:e5:13:46:3d:f5:6d:91:de:58:67:7f:
47:a3:9b:42:e8:c5:6b:43:bd:d1:10:67:9e:ff:a8:
35:1a:2e:a9:7d:b5:fc:2f:e0:47:77:18:68:4f:77:
7a:8d:bb:4f:01:1c:ed:a4:95:59:95:aa:d8:18:70:
8d:02:ca:bf:91:cf:2d:b7:bc:1a:a9:42:bc:ae:da:
c5:eb:cc:4f:d0:cd:e9:d8:ad:b4:52:3c:25:68:09:
fe:09:e3:60:4e:e6:6e:c3:c4:c9:6f:90:fb:7e:0f:
d3:34:ab:25:78:59:fb:86:ae:f8:8b:fa:df:8e:dc:
da:a0:6d:bc:09:9c:45:6c:9e:24:bc:b7:64:dc:65:
ee:a1:f2:cb:51:e3:b5:e8:b6:ba:72:55:7d:5d:55:
6a:53:9a:2d:f2:bf:e9:6d:9b:26:4f:c9:d8:94:6f:
2c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:AF:CF:18:B2:E1:43:A4:15:EE:00:F1:5E:F5:B2:E4:0D:20:F1:E5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sq_PGLLhQ6QV7gDxXvWy5A0g8eU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
36:41:2d:ef:d7:17:ad:b1:ea:9b:65:59:72:d1:ed:49:0b:71:
c9:ed:e9:f9:e6:ed:b6:85:57:63:a2:19:9d:48:09:58:52:7c:
85:cc:d4:15:65:19:3d:b5:4a:ce:91:45:ec:f3:bd:67:17:55:
6e:fa:7f:ba:f0:9d:17:33:e4:8e:56:54:8f:fe:c7:3c:cb:38:
a7:11:4a:4a:62:fa:00:d8:36:c3:b5:95:95:02:d5:0c:b6:02:
18:fd:a9:fd:80:37:77:fa:ef:d9:8c:c4:52:65:26:90:4f:b4:
37:0a:b5:ed:d6:dc:18:30:7b:f3:c9:f3:88:8c:db:c5:06:9e:
e9:21:80:50:2a:d2:7d:81:27:19:4f:5c:e7:f4:33:34:97:f2:
58:db:8e:e7:ad:87:7d:65:fb:b2:6b:f5:74:de:98:e7:d8:76:
06:28:05:b1:fe:ed:ae:cd:76:ed:08:48:ce:5d:69:b5:cb:c8:
f1:0a:d8:e5:86:db:44:cc:9e:47:ae:96:74:b5:d9:54:a2:ee:
af:23:92:52:77:b1:f2:4a:bb:db:23:45:65:46:8b:90:88:f7:
ac:72:8e:c9:95:79:00:eb:2c:f2:a0:f0:e3:3c:9e:7e:a5:74:
88:00:9b:c2:6e:42:e1:a8:34:2a:cb:ff:20:91:79:ef:8f:7a:
d1:58:49:56
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPX8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTAx
MzUyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIyQUZDRjE4QjJFMTQz
QTQxNUVFMDBGMTVFRjVCMkU0MEQyMEYxRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrWaQcBaBA/5tALPIwieMq/NGsGyk8VHdsRYI2oa7jL7t5gm6w
yGC+M+sptF+wu8Kp8K6Joqp1RcxUq5jQy97pv/st4c8nvP+nFtTwT0lgAyNdhl6g
bFaPJYtlGHDlE0Y99W2R3lhnf0ejm0LoxWtDvdEQZ57/qDUaLql9tfwv4Ed3GGhP
d3qNu08BHO2klVmVqtgYcI0Cyr+Rzy23vBqpQryu2sXrzE/QzenYrbRSPCVoCf4J
42BO5m7DxMlvkPt+D9M0qyV4WfuGrviL+t+O3NqgbbwJnEVsniS8t2TcZe6h8stR
47XotrpyVX1dVWpTmi3yv+ltmyZPydiUbyzHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsq/PGLLhQ6QV7gDxXvWy5A0g8eUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NxX1BHTExoUTZRVjdn
RHhYdld5NUEwZzhlVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADZBLe/XF62x6ptlWXLR7UkLccnt6fnm
7baFV2OiGZ1ICVhSfIXM1BVlGT21Ss6RRezzvWcXVW76f7rwnRcz5I5WVI/+xzzL
OKcRSkpi+gDYNsO1lZUC1Qy2Ahj9qf2AN3f679mMxFJlJpBPtDcKte3W3Bgwe/PJ
84iM28UGnukhgFAq0n2BJxlPXOf0MzSX8ljbjueth31l+7Jr9XTemOfYdgYoBbH+
7a7Ndu0ISM5dabXLyPEK2OWG20TMnkeulnS12VSi7q8jklJ3sfJKu9sjRWVGi5CI
96xyjsmVeQDrLPKg8OM8nn6ldIgAm8JuQuGoNCrL/yCRee+PetFYSVY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:51 2024 by rpki-client on console-fra.rpki-client.org