Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ueGzpquOww6EeplA7njnR59AKeA.roa
File: ueGzpquOww6EeplA7njnR59AKeA.roa (raw, json)
Hash identifier: yPaNylrA9yQXYKl0RgpjDm+w0d1fUPrUfg3ccR5eIs4=
Subject key identifier: B9:E1:B3:A6:AB:8E:C3:0E:84:7A:99:40:EE:78:E7:47:9F:40:29:E0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B33
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ueGzpquOww6EeplA7njnR59AKeA.roa
Signing time: Sun 28 Apr 2024 20:23:28 +0000
ROA not before: Sun 28 Apr 2024 20:23:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19251 (0x4b33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 20:23:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B9E1B3A6AB8EC30E847A9940EE78E7479F4029E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:ff:47:5d:8a:83:ba:d0:8f:5d:c6:f0:d3:5e:
df:b0:62:03:11:31:82:40:09:2a:66:b9:64:4a:0b:
92:34:60:a2:96:aa:29:27:ab:9d:33:54:f7:0d:37:
69:72:63:7d:04:00:eb:8e:fe:38:2f:71:bb:59:8d:
22:e2:30:a2:75:eb:f6:0c:aa:03:31:47:e7:98:fe:
83:bf:e4:6c:58:16:14:7a:73:fd:89:a2:31:2d:06:
53:37:49:a9:c6:ca:92:fa:ea:43:21:53:79:51:36:
d4:f7:15:ac:24:3f:67:32:59:cd:eb:7b:fc:d7:ba:
5a:36:c1:54:70:22:3a:ea:a0:a5:f2:d0:70:02:29:
4f:93:35:4c:e0:3d:9d:48:cb:97:0e:bc:f6:8b:78:
41:8e:5a:24:3f:bd:aa:bd:7f:86:15:7c:ee:40:6e:
da:5d:87:06:1d:e7:f9:aa:9c:b9:43:09:f6:1a:40:
7a:c8:9f:dd:16:cc:e1:7b:aa:4c:f7:e2:4e:b6:33:
d0:3e:e0:d7:a0:2c:53:33:ea:9f:85:96:a5:33:c7:
12:67:45:e8:f9:c8:ab:44:09:aa:8c:b8:e5:ad:f4:
3b:ed:da:48:b5:fd:11:c6:6a:b0:5f:51:f7:d2:e2:
c8:ef:09:11:c9:79:2d:0a:9a:5d:fa:95:61:c5:fa:
39:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:E1:B3:A6:AB:8E:C3:0E:84:7A:99:40:EE:78:E7:47:9F:40:29:E0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ueGzpquOww6EeplA7njnR59AKeA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5b:3c:cf:38:14:4c:ae:88:8e:a5:40:13:82:a7:ed:89:18:9a:
2f:da:56:eb:fb:c1:5a:3c:35:b7:ef:3b:e6:64:e5:08:8e:d1:
ec:1f:f5:79:99:d3:ea:bb:4c:74:74:ec:15:36:a1:bd:bd:a0:
b1:66:54:cd:c8:b4:a5:d5:16:18:e6:6e:d3:da:41:30:b0:24:
71:3c:ae:d0:11:f4:07:d2:5e:db:70:59:4a:05:e5:d8:5d:2e:
6b:0a:dc:44:d1:da:fc:59:27:93:e8:16:aa:cd:d7:9d:2a:0b:
02:3e:3b:fd:62:7f:ea:d8:7b:d9:6f:04:8a:1c:8e:e4:f7:40:
6b:aa:4e:ce:20:18:c2:9d:0d:16:f6:7c:13:a6:52:6e:4d:57:
e0:f0:e9:3c:fd:ac:6f:14:18:62:7d:cc:2a:ea:24:ef:fa:64:
f5:fb:09:ef:a1:e5:d5:46:ce:2a:61:9a:56:e8:0a:2d:30:63:
b5:49:dc:26:cc:cd:b5:07:09:50:06:71:c0:f4:ba:a7:0f:11:
8a:dc:49:64:cb:d3:7f:85:ad:72:0d:5e:41:fa:18:61:f6:da:
2d:a3:0c:24:da:a9:58:1c:12:a9:31:29:bc:bd:c1:af:09:b3:
7e:4d:44:e2:6d:6b:59:26:c4:d7:62:8c:5b:d6:49:ca:15:73:
f0:ba:ea:ae
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSzMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgy
MDIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI5RTFCM0E2QUI4RUMz
MEU4NDdBOTk0MEVFNzhFNzQ3OUY0MDI5RTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDv/0ddioO60I9dxvDTXt+wYgMRMYJACSpmuWRKC5I0YKKWqikn
q50zVPcNN2lyY30EAOuO/jgvcbtZjSLiMKJ16/YMqgMxR+eY/oO/5GxYFhR6c/2J
ojEtBlM3SanGypL66kMhU3lRNtT3FawkP2cyWc3re/zXulo2wVRwIjrqoKXy0HAC
KU+TNUzgPZ1Iy5cOvPaLeEGOWiQ/vaq9f4YVfO5AbtpdhwYd5/mqnLlDCfYaQHrI
n90WzOF7qkz34k62M9A+4NegLFMz6p+FlqUzxxJnRej5yKtECaqMuOWt9Dvt2ki1
/RHGarBfUffS4sjvCRHJeS0Kml36lWHF+jmbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUueGzpquOww6EeplA7njnR59AKeAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3VlR3pwcXVPd3c2RWVw
bEE3bmpuUjU5QUtlQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFs8zzgUTK6IjqVAE4Kn7YkYmi/aVuv7
wVo8NbfvO+Zk5QiO0ewf9XmZ0+q7THR07BU2ob29oLFmVM3ItKXVFhjmbtPaQTCw
JHE8rtAR9AfSXttwWUoF5dhdLmsK3ETR2vxZJ5PoFqrN150qCwI+O/1if+rYe9lv
BIocjuT3QGuqTs4gGMKdDRb2fBOmUm5NV+Dw6Tz9rG8UGGJ9zCrqJO/6ZPX7Ce+h
5dVGziphmlboCi0wY7VJ3CbMzbUHCVAGccD0uqcPEYrcSWTL03+FrXINXkH6GGH2
2i2jDCTaqVgcEqkxKby9wa8Js35NROJta1kmxNdijFvWScoVc/C66q4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:52 2024 by rpki-client on console-fra.rpki-client.org