Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/tkvFDjmL70jICQTRqf4StV2nP30.roa
File: tkvFDjmL70jICQTRqf4StV2nP30.roa (raw, json)
Hash identifier: 2nXVhyhWymKC63J4k6zFpZqAQpptI+ZaJb7UCz2SQds=
Subject key identifier: B6:4B:C5:0E:39:8B:EF:48:C8:09:04:D1:A9:FE:12:B5:5D:A7:3F:7D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 55D3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tkvFDjmL70jICQTRqf4StV2nP30.roa
Signing time: Mon 13 May 2024 00:24:05 +0000
ROA not before: Mon 13 May 2024 00:24:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21971 (0x55d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 13 00:24:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B64BC50E398BEF48C80904D1A9FE12B55DA73F7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:de:55:db:6b:b7:c6:4a:3d:ad:41:ea:f7:5a:
cb:36:c3:b6:12:6e:cd:a4:9a:28:f4:d8:5c:06:6d:
1c:39:fd:72:d4:e9:59:68:5c:e1:c1:5f:b5:be:04:
4b:d2:01:90:43:5d:1a:97:53:52:82:fa:4a:55:5b:
c4:10:76:aa:03:a1:7a:df:9e:49:c4:ce:6b:e8:0c:
5c:53:71:e1:26:7d:e7:4d:19:cf:b9:52:71:42:be:
c1:02:c3:34:60:4b:fa:cd:72:33:d7:31:e6:ce:86:
6b:5d:09:7f:eb:8e:67:aa:4f:97:d8:22:86:5b:87:
46:1e:82:0f:e5:f2:8e:f7:b8:22:74:c2:57:fb:6d:
95:22:b5:9d:76:5f:8a:9e:99:fa:95:56:91:fd:91:
81:b8:65:83:73:78:3b:76:56:f9:ab:16:50:89:ea:
cc:a9:e9:bc:a5:5c:56:16:3e:61:a0:9f:93:a5:12:
c0:d8:08:c1:2d:f1:a5:65:48:13:38:53:92:04:e1:
63:16:90:70:ad:36:5f:cf:91:2e:c6:c5:3f:18:d3:
9a:d7:52:97:01:a1:99:60:35:6e:e4:d1:0f:35:1d:
e1:15:b6:51:ae:db:8d:8a:15:b2:41:24:ba:92:af:
7c:a2:b4:5b:40:50:56:51:88:41:86:15:0e:13:01:
98:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4B:C5:0E:39:8B:EF:48:C8:09:04:D1:A9:FE:12:B5:5D:A7:3F:7D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/tkvFDjmL70jICQTRqf4StV2nP30.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
64:b6:54:4a:d7:b8:da:8a:ed:03:ee:bd:bd:d4:ad:ac:be:16:
97:44:0d:7a:f5:21:be:a0:45:cf:49:8f:8c:38:04:86:0a:a0:
ab:d1:5d:f2:42:7e:89:da:b6:91:48:51:75:63:ed:44:8a:43:
a1:31:21:a1:96:c9:97:d6:ad:73:65:82:d3:53:c6:aa:46:d0:
ed:e7:f5:f7:98:3a:5c:75:a9:4f:8a:ee:b5:21:f4:55:7a:d6:
57:1f:f1:1f:40:b8:09:50:e9:71:33:2c:3f:0c:41:cf:01:9b:
7a:50:7f:d5:74:c9:87:8a:5e:92:f1:1f:2d:40:5d:33:ae:96:
da:8a:5c:56:d1:05:0a:12:4f:54:af:1a:00:fa:ac:db:dc:3e:
06:4b:87:60:de:8e:02:4e:af:c5:e9:3f:7c:69:77:f7:f8:cd:
42:8d:3b:0b:61:95:3b:3f:68:05:9a:7d:ae:64:ef:e2:92:a1:
10:0f:3d:9d:98:3f:57:3a:10:e0:2d:7c:de:fe:1f:88:ff:ca:
5e:50:52:e7:1c:46:d0:23:6c:5b:52:96:15:8a:94:f6:ac:49:
f8:0a:9b:d6:d1:4b:d6:d3:6f:d2:47:fb:63:3d:15:3a:56:fe:
88:bc:67:da:4e:55:2b:8c:7f:4c:b9:c4:6b:dd:68:e0:fb:f3:
b6:d8:55:85
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICVdMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTMw
MDI0MDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI2NEJDNTBFMzk4QkVG
NDhDODA5MDREMUE5RkUxMkI1NURBNzNGN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDc3lXba7fGSj2tQer3Wss2w7YSbs2kmij02FwGbRw5/XLU6Vlo
XOHBX7W+BEvSAZBDXRqXU1KC+kpVW8QQdqoDoXrfnknEzmvoDFxTceEmfedNGc+5
UnFCvsECwzRgS/rNcjPXMebOhmtdCX/rjmeqT5fYIoZbh0Yegg/l8o73uCJ0wlf7
bZUitZ12X4qemfqVVpH9kYG4ZYNzeDt2VvmrFlCJ6syp6bylXFYWPmGgn5OlEsDY
CMEt8aVlSBM4U5IE4WMWkHCtNl/PkS7GxT8Y05rXUpcBoZlgNW7k0Q81HeEVtlGu
242KFbJBJLqSr3yitFtAUFZRiEGGFQ4TAZjJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUtkvFDjmL70jICQTRqf4StV2nP30wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3RrdkZEam1MNzBqSUNR
VFJxZjRTdFYyblAzMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGS2VErXuNqK7QPuvb3Uray+FpdEDXr1
Ib6gRc9Jj4w4BIYKoKvRXfJCfonatpFIUXVj7USKQ6ExIaGWyZfWrXNlgtNTxqpG
0O3n9feYOlx1qU+K7rUh9FV61lcf8R9AuAlQ6XEzLD8MQc8Bm3pQf9V0yYeKXpLx
Hy1AXTOultqKXFbRBQoST1SvGgD6rNvcPgZLh2DejgJOr8XpP3xpd/f4zUKNOwth
lTs/aAWafa5k7+KSoRAPPZ2YP1c6EOAtfN7+H4j/yl5QUuccRtAjbFtSlhWKlPas
SfgKm9bRS9bTb9JH+2M9FTpW/oi8Z9pOVSuMf0y5xGvdaOD787bYVYU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:51 2024 by rpki-client on console-fra.rpki-client.org