Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/t2jqOw-S_slkxDYglk77nCrTsQc.roa
File: t2jqOw-S_slkxDYglk77nCrTsQc.roa (raw, json)
Hash identifier: MFmE+6x0R0qd9PmZJ5T91+BxeBam9b8B13tGPfT99yE=
Subject key identifier: B7:68:EA:3B:0F:92:FE:C9:64:C4:36:20:96:4E:FB:9C:2A:D3:B1:07
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4493
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/t2jqOw-S_slkxDYglk77nCrTsQc.roa
Signing time: Sat 20 Apr 2024 00:23:03 +0000
ROA not before: Sat 20 Apr 2024 00:23:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17555 (0x4493)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 00:23:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B768EA3B0F92FEC964C43620964EFB9C2AD3B107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:77:cd:9b:6f:75:35:86:a1:14:92:4a:bd:3b:
94:18:eb:91:87:d1:ee:7e:61:8e:b8:a8:ae:23:62:
b0:41:ed:ce:d6:e4:0d:dd:3e:1a:43:7c:b6:09:9c:
f4:f8:32:51:a1:93:16:78:9c:3e:fb:92:87:c2:88:
da:76:f5:a5:f9:70:66:71:a3:fb:1c:70:73:b2:5e:
1c:c1:9e:34:b8:d1:d7:66:b1:60:6f:60:a3:00:63:
fd:aa:93:de:cd:bd:ba:c5:db:95:96:ac:b7:ef:bd:
e8:5d:8b:e5:14:24:66:f7:bb:f3:7e:88:89:fc:6f:
12:40:38:45:c6:9b:42:da:c9:c8:ff:f0:a4:cb:4f:
11:c8:d8:73:11:56:81:09:92:f4:fb:98:0a:9b:05:
9e:ee:fc:5b:6e:7b:1f:0d:c3:ce:02:39:0e:ca:97:
5a:49:f3:3a:76:1d:0a:c4:44:b5:9f:c8:4d:47:19:
00:26:81:45:35:23:c2:26:5f:3c:3f:88:35:df:71:
80:1c:83:db:56:7f:1f:61:34:4d:1a:3f:ba:de:9e:
da:f1:97:ab:f8:86:bc:98:90:8b:3b:9e:9c:63:47:
3e:41:be:7e:de:e6:ad:00:91:3d:51:9c:34:54:a4:
85:34:fd:9c:4f:30:b3:91:75:e0:00:1a:cf:63:fb:
0c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:68:EA:3B:0F:92:FE:C9:64:C4:36:20:96:4E:FB:9C:2A:D3:B1:07
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/t2jqOw-S_slkxDYglk77nCrTsQc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
52:33:35:92:d6:6d:9e:63:92:6a:77:3f:28:c1:e1:68:07:44:
ac:f4:2b:cd:96:67:d2:eb:c0:b3:9f:ef:64:15:2d:1c:36:4f:
8c:ac:18:27:d3:f0:43:7f:fe:1c:1a:e4:42:74:7e:5b:1c:3b:
d5:fd:a4:cd:53:46:36:96:d7:45:18:28:04:4d:45:97:79:3d:
57:33:84:93:52:47:0d:65:44:7f:fb:ad:53:55:85:c7:e0:f2:
be:88:7f:28:71:47:ec:26:ed:6b:ab:7b:ea:43:0a:e9:c8:a9:
a3:86:16:5c:a4:f9:09:30:fd:40:e5:9b:e0:71:49:f4:37:a5:
97:4a:49:df:3f:f1:0b:67:5e:12:44:2f:3c:55:86:61:f4:75:
35:66:ce:8c:b4:c6:7b:be:bd:6e:1f:ed:a6:d0:c8:67:8a:c6:
fa:63:4d:8f:34:da:4e:86:25:59:ca:c9:24:84:ff:39:3e:d5:
80:9e:bd:f4:9c:a9:6e:99:9c:a9:47:9a:62:2b:b6:f7:b7:f2:
f1:e2:5e:4d:09:db:09:80:bb:5e:e5:45:a1:96:78:6f:ff:9a:
8b:32:3b:64:1a:e9:68:3b:d6:e4:31:39:56:5e:db:79:22:e3:
3b:40:fe:91:7e:36:ec:54:a4:25:44:b0:5e:c0:db:ff:66:8b:
fa:29:33:1d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRJMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
MDIzMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI3NjhFQTNCMEY5MkZF
Qzk2NEM0MzYyMDk2NEVGQjlDMkFEM0IxMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvd82bb3U1hqEUkkq9O5QY65GH0e5+YY64qK4jYrBB7c7W5A3d
PhpDfLYJnPT4MlGhkxZ4nD77kofCiNp29aX5cGZxo/sccHOyXhzBnjS40ddmsWBv
YKMAY/2qk97NvbrF25WWrLfvvehdi+UUJGb3u/N+iIn8bxJAOEXGm0Laycj/8KTL
TxHI2HMRVoEJkvT7mAqbBZ7u/Ftuex8Nw84COQ7Kl1pJ8zp2HQrERLWfyE1HGQAm
gUU1I8ImXzw/iDXfcYAcg9tWfx9hNE0aP7rentrxl6v4hryYkIs7npxjRz5Bvn7e
5q0AkT1RnDRUpIU0/ZxPMLORdeAAGs9j+wx7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUt2jqOw+S/slkxDYglk77nCrTsQcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3QyanFPdy1TX3Nsa3hE
WWdsazc3bkNyVHNRYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFIzNZLWbZ5jkmp3PyjB4WgHRKz0K82W
Z9LrwLOf72QVLRw2T4ysGCfT8EN//hwa5EJ0flscO9X9pM1TRjaW10UYKARNRZd5
PVczhJNSRw1lRH/7rVNVhcfg8r6IfyhxR+wm7Wure+pDCunIqaOGFlyk+Qkw/UDl
m+BxSfQ3pZdKSd8/8QtnXhJELzxVhmH0dTVmzoy0xnu+vW4f7abQyGeKxvpjTY80
2k6GJVnKySSE/zk+1YCevfScqW6ZnKlHmmIrtve38vHiXk0J2wmAu17lRaGWeG//
mosyO2Qa6Wg71uQxOVZe23ki4ztA/pF+NuxUpCVEsF7A2/9mi/opMx0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:51 2024 by rpki-client on console-fra.rpki-client.org