Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/wRezm2Q6NzwAXZLKHGwSx4wNcVA.roa
File: wRezm2Q6NzwAXZLKHGwSx4wNcVA.roa (raw, json)
Hash identifier: ym4lcg4QOCwKDBa1TYeuHBZbrljQT/4MFKtsf2KkMMw=
Subject key identifier: C1:17:B3:9B:64:3A:37:3C:00:5D:92:CA:1C:6C:12:C7:8C:0D:71:50
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B37
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wRezm2Q6NzwAXZLKHGwSx4wNcVA.roa
Signing time: Sun 28 Apr 2024 20:53:32 +0000
ROA not before: Sun 28 Apr 2024 20:53:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19255 (0x4b37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 28 20:53:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C117B39B643A373C005D92CA1C6C12C78C0D7150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b0:89:79:2e:33:c5:cd:96:3c:47:93:02:98:
63:a5:e9:8c:19:5d:73:79:90:8c:47:66:40:ca:b8:
ef:9b:76:b4:ae:0d:ff:21:53:95:24:67:00:e6:49:
32:bf:c2:01:ea:1d:cf:49:d7:44:1a:12:91:a9:07:
db:28:5c:86:94:cd:e2:a8:35:a2:e8:59:ee:fa:7f:
da:7a:f1:66:16:7b:8a:c9:7a:c9:af:fb:dc:e8:a7:
a0:e8:53:bd:5e:92:0b:3c:69:2d:f6:d1:a7:02:0f:
77:97:f1:d9:29:b0:a2:9e:24:6b:0d:e1:90:75:08:
dd:56:98:3a:3e:c3:ba:c6:70:4e:bd:bf:f2:49:f4:
9b:12:fd:50:b5:08:47:57:0b:3d:e5:5d:15:da:82:
a7:33:c5:16:0c:7a:a8:29:26:44:f3:ee:11:d4:28:
99:5c:42:47:74:09:66:5c:d1:c8:7d:55:be:8d:ba:
62:90:65:a2:bd:32:92:de:76:a0:64:6e:91:66:3d:
36:67:d3:7c:9c:2e:de:7f:4e:4b:37:de:50:8a:7e:
5d:48:59:0d:2d:40:e0:f1:0a:97:71:d1:ef:c9:49:
79:a4:27:3e:a5:0d:51:07:0e:7f:c7:7a:84:26:ec:
e0:7f:79:c1:a3:44:12:66:8e:1f:c9:14:a1:ba:0e:
c5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:17:B3:9B:64:3A:37:3C:00:5D:92:CA:1C:6C:12:C7:8C:0D:71:50
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/wRezm2Q6NzwAXZLKHGwSx4wNcVA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
64:03:a3:6d:d5:ce:3e:06:00:2e:ee:5c:b1:7e:3c:87:fd:32:
74:11:17:0a:89:78:c7:c1:98:e7:43:e7:e9:1a:e1:84:bc:db:
9b:cc:57:8e:66:66:9e:34:32:4e:07:57:34:84:51:d3:4e:4d:
26:cd:82:c9:61:80:03:5d:b2:00:e4:a8:2b:7e:10:7b:06:12:
64:af:38:5c:28:03:8d:44:d8:e4:5f:68:3d:1a:c6:b4:f6:dd:
a2:70:09:c7:66:aa:0d:82:48:2c:7f:8f:15:40:8d:85:b8:f0:
08:5b:d3:1f:43:fa:1b:78:f1:ac:df:5a:3e:2e:be:78:33:cb:
d6:99:f4:41:11:ca:d9:de:cc:9a:d4:21:28:39:78:f1:9c:db:
3f:fb:94:90:3e:21:aa:da:5a:10:12:73:46:8a:7a:fa:a5:fd:
0c:3d:23:7e:b5:3f:33:75:08:59:43:15:01:c0:9e:cb:86:de:
52:52:4a:5b:f5:56:06:d4:68:0b:08:68:4c:e3:b2:08:47:7c:
00:5e:37:5c:fc:01:af:f6:62:bf:06:0b:f2:a8:44:f8:e4:31:
90:59:a2:cf:42:20:25:40:eb:71:5b:c1:42:d5:b0:68:9a:47:
56:0e:64:4e:c4:78:45:66:d8:8f:48:b9:2f:5f:d1:60:6e:c2:
c7:9d:89:0d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSzcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjgy
MDUzMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEMxMTdCMzlCNjQzQTM3
M0MwMDVEOTJDQTFDNkMxMkM3OEMwRDcxNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGsIl5LjPFzZY8R5MCmGOl6YwZXXN5kIxHZkDKuO+bdrSuDf8h
U5UkZwDmSTK/wgHqHc9J10QaEpGpB9soXIaUzeKoNaLoWe76f9p68WYWe4rJesmv
+9zop6DoU71ekgs8aS320acCD3eX8dkpsKKeJGsN4ZB1CN1WmDo+w7rGcE69v/JJ
9JsS/VC1CEdXCz3lXRXagqczxRYMeqgpJkTz7hHUKJlcQkd0CWZc0ch9Vb6NumKQ
ZaK9MpLedqBkbpFmPTZn03ycLt5/Tks33lCKfl1IWQ0tQODxCpdx0e/JSXmkJz6l
DVEHDn/HeoQm7OB/ecGjRBJmjh/JFKG6DsVrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUwRezm2Q6NzwAXZLKHGwSx4wNcVAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3dSZXptMlE2Tnp3QVha
TEtIR3dTeDR3TmNWQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGQDo23Vzj4GAC7uXLF+PIf9MnQRFwqJ
eMfBmOdD5+ka4YS825vMV45mZp40Mk4HVzSEUdNOTSbNgslhgANdsgDkqCt+EHsG
EmSvOFwoA41E2ORfaD0axrT23aJwCcdmqg2CSCx/jxVAjYW48Ahb0x9D+ht48azf
Wj4uvngzy9aZ9EERytnezJrUISg5ePGc2z/7lJA+IaraWhASc0aKevql/Qw9I361
PzN1CFlDFQHAnsuG3lJSSlv1VgbUaAsIaEzjsghHfABeN1z8Aa/2Yr8GC/KoRPjk
MZBZos9CICVA63FbwULVsGiaR1YOZE7EeEVm2I9IuS9f0WBuwsediQ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:54 2024 by rpki-client on console-fra.rpki-client.org