Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tRTZeA7qLyhWy7BsuR0PictvBlQ.roa
File: tRTZeA7qLyhWy7BsuR0PictvBlQ.roa (raw, json)
Hash identifier: zAh1D+eoiow0S/xrdUJsoxfHhC6tw0LDyY5iv+cen34=
Subject key identifier: B5:14:D9:78:0E:EA:2F:28:56:CB:B0:6C:B9:1D:0F:89:CB:6F:06:54
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3DEF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tRTZeA7qLyhWy7BsuR0PictvBlQ.roa
Signing time: Thu 11 Apr 2024 03:52:46 +0000
ROA not before: Thu 11 Apr 2024 03:52:46 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15855 (0x3def)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 11 03:52:46 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B514D9780EEA2F2856CBB06CB91D0F89CB6F0654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bd:da:42:ba:59:fb:b5:f6:3f:f4:7e:a2:8d:
1f:a4:d2:ca:ac:39:fd:c2:86:cc:99:d9:9b:13:fd:
fc:b3:eb:34:5b:5c:13:00:ee:72:68:68:e7:e3:76:
50:5f:61:38:93:e1:81:b2:f5:3d:82:e5:c2:13:86:
f1:1d:fe:3b:da:b0:33:1c:4c:85:a1:53:ba:d2:c2:
6e:7f:50:1c:86:c2:4e:98:d6:83:06:7d:fc:8a:12:
2c:08:7f:ee:09:7e:c7:16:ec:08:4d:d9:08:2d:a1:
23:b3:5f:7d:12:0a:b6:50:c4:e6:5a:e3:05:46:7f:
bb:a0:4d:dd:c0:b6:f8:f5:d0:cd:dc:59:87:d5:93:
a9:9e:6d:48:e5:58:86:73:78:31:37:07:8c:e4:0e:
20:fa:07:15:f6:a3:0b:1d:1c:07:4e:f3:a7:26:16:
65:a8:01:ad:cc:84:77:85:ae:eb:4e:01:7b:41:8e:
60:2a:d5:18:f3:df:77:a9:18:c0:7d:f2:e4:36:aa:
5d:8c:07:a4:a2:37:ff:3f:ed:89:43:67:a6:a5:3b:
28:8a:8a:6e:a6:6e:12:58:53:8b:78:51:dd:ca:4a:
38:60:fc:3e:f5:5f:cc:b0:73:1a:6e:41:84:b0:e3:
d1:67:ac:b5:06:d1:6a:47:d0:1b:28:67:2a:42:1a:
61:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:14:D9:78:0E:EA:2F:28:56:CB:B0:6C:B9:1D:0F:89:CB:6F:06:54
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tRTZeA7qLyhWy7BsuR0PictvBlQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b4:45:93:e5:bb:2d:e1:b3:af:e2:1b:1a:1c:ba:08:77:70:ce:
9a:76:99:5a:2a:6f:cb:60:af:db:5f:eb:33:cd:39:dc:a1:a6:
1b:2d:46:90:a9:77:44:0c:2e:90:55:3b:28:d3:f7:34:20:93:
b0:4a:6e:f3:fe:23:fb:8f:f9:e1:b8:63:18:55:05:c2:17:8a:
11:2c:c9:d8:e7:83:c0:da:de:4a:fb:3a:ca:00:44:fa:07:22:
57:de:71:a7:71:9a:15:20:68:a6:be:8e:39:e6:3e:74:82:90:
28:41:7e:9a:7e:c0:21:ae:f8:cd:14:06:d6:9c:dc:15:a6:7d:
97:a5:91:97:33:b5:d3:88:70:a4:7a:c1:cb:57:09:a5:c9:04:
b7:a6:da:44:19:24:49:79:c4:4c:9c:6d:11:a2:ed:d6:05:80:
ee:20:52:ad:e8:e2:38:20:29:be:e5:c5:d0:5f:58:80:87:f9:
d9:5e:cc:b8:09:3e:80:c6:ac:99:6a:0e:b1:7e:6f:d0:88:3e:
d5:9e:e4:07:5d:cc:48:10:69:27:bf:f0:9e:76:e3:5d:44:0c:
d1:87:5d:4f:e9:f1:24:46:89:d5:ea:7e:e9:d2:14:bc:55:c1:
93:71:3b:35:dc:92:78:b4:2f:48:a0:49:c9:e4:5a:75:c4:8f:
da:78:1f:54
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTEw
MzUyNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI1MTREOTc4MEVFQTJG
Mjg1NkNCQjA2Q0I5MUQwRjg5Q0I2RjA2NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5vdpCuln7tfY/9H6ijR+k0sqsOf3ChsyZ2ZsT/fyz6zRbXBMA
7nJoaOfjdlBfYTiT4YGy9T2C5cIThvEd/jvasDMcTIWhU7rSwm5/UByGwk6Y1oMG
ffyKEiwIf+4JfscW7AhN2QgtoSOzX30SCrZQxOZa4wVGf7ugTd3Atvj10M3cWYfV
k6mebUjlWIZzeDE3B4zkDiD6BxX2owsdHAdO86cmFmWoAa3MhHeFrutOAXtBjmAq
1Rjz33epGMB98uQ2ql2MB6SiN/8/7YlDZ6alOyiKim6mbhJYU4t4Ud3KSjhg/D71
X8ywcxpuQYSw49FnrLUG0WpH0BsoZypCGmGZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUtRTZeA7qLyhWy7BsuR0PictvBlQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RSVFplQTdxTHloV3k3
QnN1UjBQaWN0dkJsUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALRFk+W7LeGzr+IbGhy6CHdwzpp2mVoq
b8tgr9tf6zPNOdyhphstRpCpd0QMLpBVOyjT9zQgk7BKbvP+I/uP+eG4YxhVBcIX
ihEsydjng8Da3kr7OsoARPoHIlfecadxmhUgaKa+jjnmPnSCkChBfpp+wCGu+M0U
Btac3BWmfZelkZcztdOIcKR6wctXCaXJBLem2kQZJEl5xEycbRGi7dYFgO4gUq3o
4jggKb7lxdBfWICH+dlezLgJPoDGrJlqDrF+b9CIPtWe5AddzEgQaSe/8J52411E
DNGHXU/p8SRGidXqfunSFLxVwZNxOzXckni0L0igScnkWnXEj9p4H1Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:51 2024 by rpki-client on console-fra.rpki-client.org