Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/xpImiLckdtep-naTH93MmueD9Yo.roa
File: xpImiLckdtep-naTH93MmueD9Yo.roa (raw, json)
Hash identifier: FknYBk/qrChXvJ+Zzqkd9xuqRYN61qwZFoCWOvx+/yc=
Subject key identifier: C6:92:26:88:B7:24:76:D7:A9:FA:76:93:1F:DD:CC:9A:E7:83:F5:8A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 538F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xpImiLckdtep-naTH93MmueD9Yo.roa
Signing time: Thu 09 May 2024 23:54:05 +0000
ROA not before: Thu 09 May 2024 23:54:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21391 (0x538f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 23:54:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C6922688B72476D7A9FA76931FDDCC9AE783F58A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:80:11:e2:ba:d9:9a:6c:3d:d0:a6:33:44:ba:
14:38:5a:69:2e:67:87:3c:a7:e3:b5:8f:4f:24:f7:
4a:26:49:4c:7c:d7:3c:11:ba:6b:25:1a:19:5e:d7:
05:57:22:65:26:54:0c:76:21:a8:74:74:ac:18:61:
01:32:3c:fc:25:33:4f:3e:03:ba:46:6d:a2:97:e1:
3a:9a:6d:72:b9:1d:26:ce:74:6c:36:17:e1:ea:5b:
91:a5:58:72:51:c5:3b:50:62:c8:5a:03:ba:94:be:
05:30:2f:5c:6c:71:1c:ac:4a:4a:13:46:0e:f0:86:
24:bd:17:64:c2:8d:2c:f7:f8:8d:7d:f5:a1:a1:2a:
e4:ec:31:6e:54:74:f8:55:2b:18:75:87:cc:77:04:
9e:0d:95:fe:8b:1f:fb:be:99:e3:be:78:ca:51:85:
1e:41:ec:73:84:31:3d:66:42:f4:e2:4e:76:67:bc:
57:63:dc:81:86:2a:6e:96:13:4c:cc:14:54:22:59:
aa:e1:97:a7:1b:0b:b4:aa:4e:73:73:74:4a:01:b9:
a6:cb:c7:3b:c4:7f:b6:9c:8b:96:f8:2b:2e:05:e4:
9c:b4:43:0d:58:2c:2d:72:a4:db:1a:3a:5f:62:f0:
55:8e:71:52:42:8e:11:26:aa:4e:e6:dd:65:28:21:
80:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:92:26:88:B7:24:76:D7:A9:FA:76:93:1F:DD:CC:9A:E7:83:F5:8A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/xpImiLckdtep-naTH93MmueD9Yo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
81:05:e0:54:ed:9b:be:25:d4:c2:89:fb:21:73:e0:ed:64:ef:
3f:13:68:2e:f3:0a:ca:83:5f:fe:a0:45:6a:de:cd:d7:b9:ad:
09:97:7b:2d:fb:30:61:9d:8d:87:8f:09:ee:aa:66:0a:20:df:
b4:7c:31:ae:e5:36:52:f5:98:6a:40:2e:c9:ad:f2:c6:99:8a:
3a:2f:ff:89:19:9b:57:98:96:7e:94:57:a8:89:30:ad:28:28:
6c:3f:87:2b:9d:1e:77:af:02:f5:0f:36:ac:36:27:3b:03:2c:
67:05:6f:99:a9:10:b5:79:7a:2f:28:04:2d:db:e8:58:30:c4:
67:3e:d1:1c:36:c5:5f:c3:34:5d:18:00:15:96:61:2a:ba:ab:
f7:ba:e5:93:f7:f4:51:8d:67:66:47:a1:3e:94:d1:75:ce:73:
ec:9b:3a:19:eb:17:94:86:29:3f:1a:0d:45:d6:77:03:ee:2d:
ef:1d:4b:01:00:b8:e4:ee:44:1f:c3:3b:50:92:8d:0f:2d:d4:
aa:0c:b0:0e:9f:6a:e2:3c:15:28:1a:da:a1:11:02:52:a0:9a:
97:f6:d7:8c:75:be:19:a9:4a:2b:73:6b:eb:5e:8c:97:89:a8:
d0:cd:26:98:14:ce:db:fd:08:2e:f6:3b:83:7e:93:ae:e0:65:
6a:34:95:d6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICU48wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDky
MzU0MDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM2OTIyNjg4QjcyNDc2
RDdBOUZBNzY5MzFGRERDQzlBRTc4M0Y1OEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpgBHiutmabD3QpjNEuhQ4WmkuZ4c8p+O1j08k90omSUx81zwR
umslGhle1wVXImUmVAx2Iah0dKwYYQEyPPwlM08+A7pGbaKX4TqabXK5HSbOdGw2
F+HqW5GlWHJRxTtQYshaA7qUvgUwL1xscRysSkoTRg7whiS9F2TCjSz3+I199aGh
KuTsMW5UdPhVKxh1h8x3BJ4Nlf6LH/u+meO+eMpRhR5B7HOEMT1mQvTiTnZnvFdj
3IGGKm6WE0zMFFQiWarhl6cbC7SqTnNzdEoBuabLxzvEf7aci5b4Ky4F5Jy0Qw1Y
LC1ypNsaOl9i8FWOcVJCjhEmqk7m3WUoIYBTAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUxpImiLckdtep+naTH93MmueD9YowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3hwSW1pTGNrZHRlcC1u
YVRIOTNNbXVlRDlZby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAIEF4FTtm74l1MKJ+yFz4O1k7z8TaC7z
CsqDX/6gRWrezde5rQmXey37MGGdjYePCe6qZgog37R8Ma7lNlL1mGpALsmt8saZ
ijov/4kZm1eYln6UV6iJMK0oKGw/hyudHnevAvUPNqw2JzsDLGcFb5mpELV5ei8o
BC3b6FgwxGc+0Rw2xV/DNF0YABWWYSq6q/e65ZP39FGNZ2ZHoT6U0XXOc+ybOhnr
F5SGKT8aDUXWdwPuLe8dSwEAuOTuRB/DO1CSjQ8t1KoMsA6fauI8FSga2qERAlKg
mpf214x1vhmpSitza+tejJeJqNDNJpgUztv9CC72O4N+k67gZWo0ldY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:20 2024 by rpki-client on console-ams.rpki-client.org