Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/z5vvzNiEzetYdPduuNfF9RBTeB4.roa
File: z5vvzNiEzetYdPduuNfF9RBTeB4.roa (raw, json)
Hash identifier: ygRcLerS948Zgq7owun75RzCSerBEUZZWz6F/00YfWs=
Subject key identifier: CF:9B:EF:CC:D8:84:CD:EB:58:74:F7:6E:B8:D7:C5:F5:10:53:78:1E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 48DF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/z5vvzNiEzetYdPduuNfF9RBTeB4.roa
Signing time: Thu 25 Apr 2024 17:53:19 +0000
ROA not before: Thu 25 Apr 2024 17:53:19 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18655 (0x48df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 17:53:19 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CF9BEFCCD884CDEB5874F76EB8D7C5F51053781E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:94:03:bc:98:34:0e:b1:6d:38:60:7b:47:92:
10:2f:d3:31:60:a0:c6:02:93:d6:5c:0e:7f:7d:b7:
64:4f:dc:d6:cd:bd:8a:45:c1:e6:1e:c5:9d:6f:4d:
77:c5:ec:83:f2:b4:92:ea:a8:d1:61:53:17:a1:9a:
7c:b3:9b:0b:0f:5e:4e:a1:ad:a3:b9:0b:9a:6a:92:
b3:46:cb:cd:bf:70:12:73:27:eb:16:86:68:09:b9:
69:c3:9f:34:1f:4d:e6:4e:37:b9:48:b7:c9:42:4f:
f3:7d:d8:f0:c8:49:da:03:b7:c5:16:11:69:c4:6a:
bf:1c:ed:51:bb:88:10:29:08:85:a5:df:f9:eb:2b:
c8:6e:92:03:e7:d2:87:2b:c5:e8:66:b1:3f:a7:39:
36:16:bc:21:5b:05:03:6b:95:26:af:4e:d7:2a:99:
73:7f:87:7f:dc:43:f1:33:76:4f:65:6e:36:3f:dc:
db:d2:8a:5e:40:d2:9b:58:9d:59:7e:10:f3:5f:9b:
a4:f6:c3:38:b1:00:d1:ab:7f:12:b5:09:0d:b6:0a:
4c:a3:ce:c8:d7:11:6c:d0:60:36:ae:1a:3e:16:87:
d6:10:39:98:48:0f:57:69:a9:01:01:3a:da:5b:a5:
89:43:01:de:9e:99:9b:ec:ef:8e:ec:e9:5f:74:50:
95:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:9B:EF:CC:D8:84:CD:EB:58:74:F7:6E:B8:D7:C5:F5:10:53:78:1E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/z5vvzNiEzetYdPduuNfF9RBTeB4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
bc:cb:5e:cf:8f:f2:4f:c2:f2:2c:25:fb:f9:75:4f:60:36:39:
ce:ba:f7:e2:81:4f:0c:1e:4a:fd:3d:57:eb:b6:90:62:5d:b8:
82:fa:6c:10:53:78:9f:a8:35:95:b6:d8:59:15:9d:3a:46:f2:
df:3c:27:33:6b:a2:7d:a8:74:d9:b5:6a:dc:ce:1e:cc:21:d3:
bd:22:9c:d9:cb:84:f8:69:cd:b1:56:dc:da:83:d9:09:e9:05:
65:8c:a5:a4:78:a6:26:87:3b:d8:24:cc:33:0d:18:46:89:97:
57:6b:58:10:be:09:ca:22:ed:26:f1:ac:0b:a7:de:f6:0f:0b:
46:a6:e5:77:15:e8:a4:cb:08:b9:7a:b2:eb:9f:09:08:38:e7:
06:98:8d:0a:d3:31:d9:be:cc:db:cf:65:09:c0:ac:76:bf:01:
dd:2e:3d:6e:61:f4:e3:ec:5e:d2:9e:0d:b2:23:24:d7:09:5b:
04:e2:98:ac:5e:36:88:a9:d8:10:44:bc:c9:05:ef:59:50:69:
6e:56:79:8f:bb:8d:8a:0d:59:e1:32:3f:ee:e9:18:20:27:71:
9f:5f:80:85:43:f2:26:db:b9:a2:d1:7f:4d:7d:2a:31:94:d3:
a7:7a:08:a3:a0:2c:a7:85:5a:84:de:e4:94:9b:a2:42:38:89:
1a:a5:28:bf
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSN8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUx
NzUzMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENGOUJFRkNDRDg4NENE
RUI1ODc0Rjc2RUI4RDdDNUY1MTA1Mzc4MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvlAO8mDQOsW04YHtHkhAv0zFgoMYCk9ZcDn99t2RP3NbNvYpF
weYexZ1vTXfF7IPytJLqqNFhUxehmnyzmwsPXk6hraO5C5pqkrNGy82/cBJzJ+sW
hmgJuWnDnzQfTeZON7lIt8lCT/N92PDISdoDt8UWEWnEar8c7VG7iBApCIWl3/nr
K8hukgPn0ocrxehmsT+nOTYWvCFbBQNrlSavTtcqmXN/h3/cQ/Ezdk9lbjY/3NvS
il5A0ptYnVl+EPNfm6T2wzixANGrfxK1CQ22CkyjzsjXEWzQYDauGj4Wh9YQOZhI
D1dpqQEBOtpbpYlDAd6emZvs747s6V90UJUrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUz5vvzNiEzetYdPduuNfF9RBTeB4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3o1dnZ6TmlFemV0WWRQ
ZHV1TmZGOVJCVGVCNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALzLXs+P8k/C8iwl+/l1T2A2Oc669+KB
TwweSv09V+u2kGJduIL6bBBTeJ+oNZW22FkVnTpG8t88JzNron2odNm1atzOHswh
070inNnLhPhpzbFW3NqD2QnpBWWMpaR4piaHO9gkzDMNGEaJl1drWBC+Ccoi7Sbx
rAun3vYPC0am5XcV6KTLCLl6suufCQg45waYjQrTMdm+zNvPZQnArHa/Ad0uPW5h
9OPsXtKeDbIjJNcJWwTimKxeNoip2BBEvMkF71lQaW5WeY+7jYoNWeEyP+7pGCAn
cZ9fgIVD8ibbuaLRf019KjGU06d6CKOgLKeFWoTe5JSbokI4iRqlKL8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:56 2024 by rpki-client on console-fra.rpki-client.org