Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xYQ7rFIL81BOXUHayazCOHeriQ0.roa
File: xYQ7rFIL81BOXUHayazCOHeriQ0.roa (raw, json)
Hash identifier: dGZMrKgoQDu32BbGWY+8/HFWHQ05z1QDthL6+NimeIw=
Subject key identifier: C5:84:3B:AC:52:0B:F3:50:4E:5D:41:DA:C9:AC:C2:38:77:AB:89:0D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 354B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xYQ7rFIL81BOXUHayazCOHeriQ0.roa
Signing time: Sat 30 Mar 2024 15:22:14 +0000
ROA not before: Sat 30 Mar 2024 15:22:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13643 (0x354b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 15:22:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C5843BAC520BF3504E5D41DAC9ACC23877AB890D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:57:ae:c2:c7:cf:cb:ba:eb:9c:b0:2a:27:70:
78:a4:87:b6:ef:5f:33:6c:67:b5:91:63:e3:6e:ef:
48:e1:00:bd:ce:93:67:50:6b:61:a7:c8:05:41:76:
31:d5:01:80:05:bb:95:57:41:4b:d7:f9:ba:8c:a6:
0e:3b:41:f2:bd:75:75:af:14:d2:80:2a:f1:09:4d:
06:80:6d:16:9a:23:98:e1:3a:80:48:2a:43:51:9b:
2a:02:c2:d4:33:05:bd:df:6f:61:4d:6c:05:22:ef:
10:0e:13:b4:3e:47:9a:ee:c0:c7:3a:3c:50:75:f4:
ea:7c:83:be:21:c2:44:eb:40:45:c9:93:55:e9:c0:
2f:38:a9:34:b8:c3:e7:01:bb:f8:0a:4d:06:9e:7f:
ce:73:90:f2:83:78:4f:d7:4c:31:32:95:b9:e7:4f:
99:26:6b:66:02:a1:1d:d6:8e:07:90:3f:d5:d7:23:
20:a0:ee:2e:ab:94:a9:72:4d:31:32:62:59:2d:2a:
c7:ee:11:d4:2c:f2:0e:50:1d:0d:ca:85:ad:4b:94:
68:ef:94:53:89:91:4b:25:da:57:ae:e6:10:de:7f:
27:26:10:20:8b:ed:df:3a:c4:6f:e9:d5:46:e2:bf:
b3:8b:03:0d:76:98:7f:ee:ad:30:d4:85:a8:2e:73:
1a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:84:3B:AC:52:0B:F3:50:4E:5D:41:DA:C9:AC:C2:38:77:AB:89:0D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xYQ7rFIL81BOXUHayazCOHeriQ0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
7e:b4:41:37:95:78:e9:c2:ad:54:36:f2:7d:50:9d:ae:98:aa:
af:6f:b0:1d:c4:61:62:ac:27:54:a1:59:d9:0a:4e:10:22:09:
5c:bb:15:b6:b2:0e:4b:15:9a:20:5b:a4:72:3e:74:02:66:d0:
83:6b:5b:b2:4d:60:6b:50:e5:87:f2:df:48:d4:a9:4c:46:d5:
39:d3:2e:54:21:0b:e7:79:43:e2:98:c2:80:b2:a5:6b:a5:17:
5e:af:28:98:97:d2:7d:c2:74:bf:35:21:cb:1a:c6:e5:d4:b9:
db:23:1a:42:0f:71:c4:d8:19:2c:e3:3d:ba:61:a4:53:45:82:
42:b8:17:eb:39:35:7c:fa:57:ef:f1:ec:f7:b0:5f:24:e3:48:
20:04:6e:14:95:c0:f4:91:1a:72:18:dd:a6:dd:4e:d3:58:37:
fa:e8:df:38:76:36:bc:fc:a8:ef:23:43:1e:7f:ff:d1:36:8a:
6a:e0:87:ce:54:17:68:67:44:5e:9c:9c:a9:27:70:b7:60:f4:
02:a9:99:98:24:48:d0:cd:d6:43:66:11:ce:51:e8:e3:2d:b0:
1d:5e:ee:7b:dd:77:61:a0:a9:0c:43:26:20:38:be:6d:e6:27:
6b:92:e0:46:7c:29:c6:71:4f:33:42:30:03:33:e0:f9:f4:dd:
e8:f5:cd:a6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNUswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
NTIyMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM1ODQzQkFDNTIwQkYz
NTA0RTVENDFEQUM5QUNDMjM4NzdBQjg5MEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOV67Cx8/LuuucsConcHikh7bvXzNsZ7WRY+Nu70jhAL3Ok2dQ
a2GnyAVBdjHVAYAFu5VXQUvX+bqMpg47QfK9dXWvFNKAKvEJTQaAbRaaI5jhOoBI
KkNRmyoCwtQzBb3fb2FNbAUi7xAOE7Q+R5ruwMc6PFB19Op8g74hwkTrQEXJk1Xp
wC84qTS4w+cBu/gKTQaef85zkPKDeE/XTDEylbnnT5kma2YCoR3WjgeQP9XXIyCg
7i6rlKlyTTEyYlktKsfuEdQs8g5QHQ3Kha1LlGjvlFOJkUsl2leu5hDefycmECCL
7d86xG/p1Ubiv7OLAw12mH/urTDUhagucxo7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUxYQ7rFIL81BOXUHayazCOHeriQ0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hZUTdyRklMODFCT1hV
SGF5YXpDT0hlcmlRMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAH60QTeVeOnCrVQ28n1Qna6Yqq9vsB3E
YWKsJ1ShWdkKThAiCVy7FbayDksVmiBbpHI+dAJm0INrW7JNYGtQ5Yfy30jUqUxG
1TnTLlQhC+d5Q+KYwoCypWulF16vKJiX0n3CdL81IcsaxuXUudsjGkIPccTYGSzj
PbphpFNFgkK4F+s5NXz6V+/x7PewXyTjSCAEbhSVwPSRGnIY3abdTtNYN/ro3zh2
Nrz8qO8jQx5//9E2imrgh85UF2hnRF6cnKkncLdg9AKpmZgkSNDN1kNmEc5R6OMt
sB1e7nvdd2GgqQxDJiA4vm3mJ2uS4EZ8KcZxTzNCMAMz4Pn03ej1zaY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:55 2024 by rpki-client on console-fra.rpki-client.org