Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xXNfcuzlA0ql6PFQlyL6nRs89_4.roa
File: xXNfcuzlA0ql6PFQlyL6nRs89_4.roa (raw, json)
Hash identifier: /ZVnMzHPmqSzRVggm56zm55jROgl96h4XNKEKQvN1ms=
Subject key identifier: C5:73:5F:72:EC:E5:03:4A:A5:E8:F1:50:97:22:FA:9D:1B:3C:F7:FE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43F7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xXNfcuzlA0ql6PFQlyL6nRs89_4.roa
Signing time: Fri 19 Apr 2024 04:53:01 +0000
ROA not before: Fri 19 Apr 2024 04:53:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17399 (0x43f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 04:53:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C5735F72ECE5034AA5E8F1509722FA9D1B3CF7FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:90:5a:3a:3e:0b:7e:b7:0c:fe:4f:f3:16:8a:
f1:dc:db:ac:5a:28:2a:84:7c:7a:c3:ef:41:5b:b4:
ff:6a:a5:8b:b2:7c:1f:95:6d:83:a2:a6:e9:21:ad:
27:17:1e:de:bc:f6:c5:ab:e2:e4:15:d5:12:25:b6:
62:54:7e:75:a2:a3:da:0c:67:8a:3a:e1:20:4f:07:
56:c9:d2:d9:ad:0a:7b:39:d6:18:57:7b:c1:2e:4f:
b6:94:73:fb:fa:c0:b7:51:5f:0e:14:f7:08:a2:1a:
e7:f9:05:c9:bd:2a:83:4a:f4:3b:a3:65:bc:9c:dd:
fc:46:32:b3:e5:e8:25:4f:dc:80:05:57:d8:81:ed:
3f:40:d1:10:5e:e1:aa:2d:e2:00:65:5a:ed:df:1d:
55:9e:8c:2d:16:ea:9e:ae:b4:29:04:58:8b:f2:39:
19:98:bf:9a:ed:83:ac:37:c1:2f:3d:16:b9:5e:46:
f9:9d:54:99:d2:bc:d5:76:11:5c:99:d6:2b:41:e6:
ce:4c:61:bf:f1:a3:e6:89:69:41:86:f4:f8:67:b3:
e9:23:93:93:a4:00:a3:e9:d3:e0:1f:fe:34:27:f0:
fe:45:6f:ca:47:41:25:41:cf:65:f6:7a:25:24:21:
c4:41:09:7d:4c:61:ac:58:38:bf:1e:09:df:ae:5e:
33:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:73:5F:72:EC:E5:03:4A:A5:E8:F1:50:97:22:FA:9D:1B:3C:F7:FE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xXNfcuzlA0ql6PFQlyL6nRs89_4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
54:2c:56:cb:01:a2:ed:23:23:a7:41:bf:35:02:b4:98:d5:f5:
7d:f1:b9:af:f8:62:16:c8:0c:bb:e0:be:f1:47:ee:b3:d9:84:
bf:8a:32:ce:6c:f1:69:27:bd:e5:ed:64:e9:d2:e9:7d:94:57:
13:3e:e6:c3:5e:bc:93:fc:1f:38:14:cb:a8:6a:b0:b1:fe:f1:
d0:32:b8:c6:6b:a0:95:c0:f2:22:30:95:da:ee:9c:98:ae:9e:
dd:71:55:fa:e6:13:de:93:c2:95:f5:36:e5:bd:6e:62:32:41:
f6:2d:39:3e:30:bc:8d:70:08:8b:24:07:0a:4b:c9:2f:74:8d:
39:b3:97:ac:c0:8d:4c:6f:38:c8:b8:25:e6:47:e1:21:67:da:
e7:f8:4f:46:e4:80:aa:71:20:37:54:35:c9:e2:3b:7f:2a:67:
c7:9c:e2:dc:97:ea:01:a4:82:21:4c:a2:b2:02:21:a8:c0:62:
b6:18:3f:81:93:36:eb:4e:69:2e:3a:e9:cb:0c:a9:77:23:d8:
ca:93:b3:5b:85:0c:d7:8a:49:9e:2e:18:8d:2f:53:ec:22:a1:
b9:61:20:d6:a4:b3:f8:e2:c7:c5:5b:7d:db:b4:f2:30:32:2d:
74:fc:e5:f5:a4:e6:d6:50:e1:84:3c:26:39:08:e7:b2:7e:61:
09:5d:be:8b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQ/cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkw
NDUzMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM1NzM1RjcyRUNFNTAz
NEFBNUU4RjE1MDk3MjJGQTlEMUIzQ0Y3RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlkFo6Pgt+twz+T/MWivHc26xaKCqEfHrD70FbtP9qpYuyfB+V
bYOipukhrScXHt689sWr4uQV1RIltmJUfnWio9oMZ4o64SBPB1bJ0tmtCns51hhX
e8EuT7aUc/v6wLdRXw4U9wiiGuf5Bcm9KoNK9DujZbyc3fxGMrPl6CVP3IAFV9iB
7T9A0RBe4aot4gBlWu3fHVWejC0W6p6utCkEWIvyORmYv5rtg6w3wS89FrleRvmd
VJnSvNV2EVyZ1itB5s5MYb/xo+aJaUGG9Phns+kjk5OkAKPp0+Af/jQn8P5Fb8pH
QSVBz2X2eiUkIcRBCX1MYaxYOL8eCd+uXjOVAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUxXNfcuzlA0ql6PFQlyL6nRs89/4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hYTmZjdXpsQTBxbDZQ
RlFseUw2blJzODlfNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAFQsVssBou0jI6dBvzUCtJjV9X3xua/4
YhbIDLvgvvFH7rPZhL+KMs5s8WknveXtZOnS6X2UVxM+5sNevJP8HzgUy6hqsLH+
8dAyuMZroJXA8iIwldrunJiunt1xVfrmE96TwpX1NuW9bmIyQfYtOT4wvI1wCIsk
BwpLyS90jTmzl6zAjUxvOMi4JeZH4SFn2uf4T0bkgKpxIDdUNcniO38qZ8ec4tyX
6gGkgiFMorICIajAYrYYP4GTNutOaS466csMqXcj2MqTs1uFDNeKSZ4uGI0vU+wi
oblhINaks/jix8Vbfdu08jAyLXT85fWk5tZQ4YQ8JjkI57J+YQldvos=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:55 2024 by rpki-client on console-fra.rpki-client.org