Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tafKBqXo-8b4vK5dM2S-9xle2XA.roa
File: tafKBqXo-8b4vK5dM2S-9xle2XA.roa (raw, json)
Hash identifier: B0elaZ3KdYwQzyLOxoHCBB3w5OH0s5ncTSStmxlV7yE=
Subject key identifier: B5:A7:CA:06:A5:E8:FB:C6:F8:BC:AE:5D:33:64:BE:F7:19:5E:D9:70
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 369B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tafKBqXo-8b4vK5dM2S-9xle2XA.roa
Signing time: Mon 01 Apr 2024 09:22:17 +0000
ROA not before: Mon 01 Apr 2024 09:22:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13979 (0x369b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 09:22:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B5A7CA06A5E8FBC6F8BCAE5D3364BEF7195ED970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c4:a9:26:91:d8:d5:dd:11:ae:ce:90:2f:63:
bc:69:87:f1:82:43:75:11:73:db:8f:d6:e7:6c:59:
94:d9:3e:7b:25:df:da:d1:96:b4:6e:75:fc:c2:9a:
9a:7c:47:96:12:90:b3:b8:81:77:37:90:05:de:91:
b4:e6:ed:9a:df:ea:f6:50:7a:a1:6f:66:53:48:2a:
c3:f9:96:d6:5a:a8:db:9f:5d:0e:20:42:16:79:13:
2f:96:97:02:c8:1c:83:bb:df:8f:6d:cd:56:a4:a4:
3d:e6:60:99:37:6f:b1:e2:ee:98:12:a4:cb:af:e6:
11:25:ba:26:b2:ad:a5:06:c7:6e:bd:38:00:0b:e4:
5f:5b:f4:d6:a0:a4:fd:2f:d6:60:c4:30:0f:c5:f8:
7b:d7:b2:0b:a2:10:0c:d3:41:b0:dc:79:36:92:cf:
4a:ae:25:45:d6:27:56:f8:21:4b:53:1f:89:de:c0:
ab:84:1f:09:39:fa:d6:e4:26:b6:12:34:e4:a7:7a:
a6:7a:64:c9:12:e0:13:88:9d:5a:4a:d6:a6:58:a3:
0c:44:0e:06:15:a9:7e:ba:28:fc:9e:d1:29:19:57:
54:6f:0c:e9:35:ac:c5:ab:35:ab:94:92:76:d0:83:
ff:61:bb:57:19:db:a4:b8:9e:58:0a:b7:8c:fb:44:
86:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A7:CA:06:A5:E8:FB:C6:F8:BC:AE:5D:33:64:BE:F7:19:5E:D9:70
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tafKBqXo-8b4vK5dM2S-9xle2XA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
6a:34:25:e3:41:46:4a:a9:61:7d:92:a7:19:70:1d:11:3e:3b:
74:29:c6:50:1b:cf:73:55:06:79:ee:28:0b:0d:4f:7a:57:96:
5c:49:d4:cf:34:2a:20:d2:40:69:50:2d:5a:87:48:b7:b6:71:
18:8f:a5:d0:20:d6:7e:f7:c1:36:9a:74:22:7e:05:63:50:71:
92:50:d8:c6:cc:1a:c0:9b:2e:d6:51:4c:ea:0e:3f:06:f6:b0:
c1:76:cc:6c:08:a7:8a:a3:3c:1e:f0:3a:ed:ff:64:32:d6:2f:
d8:f5:51:22:bf:14:f5:40:94:d0:95:32:6c:16:e0:10:4c:f9:
46:e8:06:97:b9:c5:c8:8f:58:c3:93:d4:73:ca:72:88:e1:c5:
f1:09:c9:e8:26:c3:88:c0:a4:c4:71:1a:83:a8:ba:d8:d3:10:
c8:18:5b:9f:02:d1:f1:df:33:a2:a9:8f:5f:b2:7b:af:9f:74:
a0:f7:a2:9d:54:a0:7a:53:b0:08:12:5e:a2:a8:14:98:b0:65:
f4:3a:ad:52:75:33:7b:cb:7b:60:7e:6a:99:ad:06:da:b0:a8:
b6:07:91:82:ba:d7:3c:8d:c2:b9:04:2a:ed:f1:e9:76:5b:96:
16:e4:07:38:a4:1f:91:89:91:f3:27:94:85:43:64:d3:31:53:
67:62:4a:a7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNpswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEw
OTIyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI1QTdDQTA2QTVFOEZC
QzZGOEJDQUU1RDMzNjRCRUY3MTk1RUQ5NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDExKkmkdjV3RGuzpAvY7xph/GCQ3URc9uP1udsWZTZPnsl39rR
lrRudfzCmpp8R5YSkLO4gXc3kAXekbTm7Zrf6vZQeqFvZlNIKsP5ltZaqNufXQ4g
QhZ5Ey+WlwLIHIO7349tzVakpD3mYJk3b7Hi7pgSpMuv5hEluiayraUGx269OAAL
5F9b9NagpP0v1mDEMA/F+HvXsguiEAzTQbDceTaSz0quJUXWJ1b4IUtTH4newKuE
Hwk5+tbkJrYSNOSneqZ6ZMkS4BOInVpK1qZYowxEDgYVqX66KPye0SkZV1RvDOk1
rMWrNauUknbQg/9hu1cZ26S4nlgKt4z7RIYNAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUtafKBqXo+8b4vK5dM2S+9xle2XAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RhZktCcVhvLThiNHZL
NWRNMlMtOXhsZTJYQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGo0JeNBRkqpYX2SpxlwHRE+O3QpxlAb
z3NVBnnuKAsNT3pXllxJ1M80KiDSQGlQLVqHSLe2cRiPpdAg1n73wTaadCJ+BWNQ
cZJQ2MbMGsCbLtZRTOoOPwb2sMF2zGwIp4qjPB7wOu3/ZDLWL9j1USK/FPVAlNCV
MmwW4BBM+UboBpe5xciPWMOT1HPKcojhxfEJyegmw4jApMRxGoOoutjTEMgYW58C
0fHfM6Kpj1+ye6+fdKD3op1UoHpTsAgSXqKoFJiwZfQ6rVJ1M3vLe2B+apmtBtqw
qLYHkYK61zyNwrkEKu3x6XZblhbkBzikH5GJkfMnlIVDZNMxU2diSqc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:51 2024 by rpki-client on console-fra.rpki-client.org