Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zVMJgZ3_8J-gxVXXdwwPXWZcALg.roa
File: zVMJgZ3_8J-gxVXXdwwPXWZcALg.roa (raw, json)
Hash identifier: lrdmNR0/9ytMqA71ngbht5s9v/njYfKZP6+8cGieqUs=
Subject key identifier: CD:53:09:81:9D:FF:F0:9F:A0:C5:55:D7:77:0C:0F:5D:66:5C:00:B8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3FDB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zVMJgZ3_8J-gxVXXdwwPXWZcALg.roa
Signing time: Sat 13 Apr 2024 17:22:50 +0000
ROA not before: Sat 13 Apr 2024 17:22:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16347 (0x3fdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 13 17:22:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CD5309819DFFF09FA0C555D7770C0F5D665C00B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:81:91:60:40:c9:9e:90:d0:d5:ca:4b:28:b7:
f7:11:10:0a:30:5f:9f:98:fc:e8:09:4a:dc:b4:a1:
5f:77:79:74:9a:6b:63:13:57:8c:cd:03:87:c2:d9:
1a:dc:f8:2d:7f:15:77:db:04:dc:4b:35:dc:68:a4:
17:73:9c:94:84:15:a6:e8:e4:57:8d:64:cb:68:fc:
15:69:d9:c2:e7:8c:0d:59:7e:58:61:9d:c7:6e:f6:
34:bc:63:7a:9b:d2:8e:19:15:24:ba:b8:c9:30:86:
d9:ef:9e:38:e4:c9:36:a4:41:a5:31:30:2b:98:0c:
33:89:d1:6e:09:1b:5f:e5:19:e9:e8:e2:ea:a2:d3:
7e:b6:a9:c2:47:64:14:b6:34:8a:aa:ba:41:da:89:
d3:b1:4e:11:ad:8c:1c:4c:0d:15:87:78:15:a7:63:
e7:e5:d8:f5:a2:9b:6d:99:98:72:07:3d:45:c3:e6:
59:8a:a7:01:27:77:9b:49:cd:c9:8d:c1:b0:fa:08:
a4:13:29:ad:6c:a3:e4:80:5f:2e:49:38:ab:44:f2:
0b:de:d9:7c:89:ed:ba:e1:42:84:e5:63:dd:fb:5c:
e2:54:49:fb:ac:21:5e:1f:49:d5:87:39:fd:67:2b:
b4:21:be:be:99:8c:b8:e2:9f:cb:a0:64:ee:5a:8c:
90:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:53:09:81:9D:FF:F0:9F:A0:C5:55:D7:77:0C:0F:5D:66:5C:00:B8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zVMJgZ3_8J-gxVXXdwwPXWZcALg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
63:88:b7:93:33:7a:2d:9c:04:63:23:b5:c6:6d:f8:ae:86:83:
c3:f5:2c:21:08:96:b6:f4:85:47:20:8a:c2:00:de:3d:dc:0f:
f5:6c:79:2b:92:13:50:e6:69:b2:4c:cb:5f:f2:78:9f:20:0b:
8d:f9:d8:f7:f2:e3:a0:2a:2c:d6:fc:26:07:e6:49:1d:ba:56:
90:db:c9:e6:e2:9f:09:07:18:f8:88:b1:fe:4d:0f:c8:40:3f:
ff:4c:67:e3:45:01:57:6a:3b:68:8a:79:41:42:91:2f:b6:0d:
f8:57:9f:9a:8f:dc:61:79:e3:a5:c5:cb:32:b1:2b:95:69:e6:
dc:bc:00:c2:0a:91:57:a0:87:ac:05:7d:55:74:37:3b:b6:44:
35:ef:93:28:34:67:58:f8:40:84:25:44:87:f8:08:a5:b3:e5:
51:2e:89:eb:d3:4a:77:aa:90:39:68:b9:39:cc:08:03:8b:f8:
ce:41:3e:1d:a0:32:da:fe:93:6b:2c:3c:aa:0e:82:d3:12:c3:
7c:01:82:43:19:9f:cf:56:a2:3c:77:01:2e:36:91:01:94:bd:
a5:f9:19:c8:a0:93:3d:5c:37:d7:84:41:56:56:90:90:d8:cb:
9b:01:41:f9:6a:05:b2:d0:a1:11:bb:67:d2:00:31:90:a1:91:
05:93:ef:81
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICP9swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTMx
NzIyNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENENTMwOTgxOURGRkYw
OUZBMEM1NTVENzc3MEMwRjVENjY1QzAwQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVgZFgQMmekNDVyksot/cREAowX5+Y/OgJSty0oV93eXSaa2MT
V4zNA4fC2Rrc+C1/FXfbBNxLNdxopBdznJSEFabo5FeNZMto/BVp2cLnjA1Zflhh
ncdu9jS8Y3qb0o4ZFSS6uMkwhtnvnjjkyTakQaUxMCuYDDOJ0W4JG1/lGeno4uqi
0362qcJHZBS2NIqqukHaidOxThGtjBxMDRWHeBWnY+fl2PWim22ZmHIHPUXD5lmK
pwEnd5tJzcmNwbD6CKQTKa1so+SAXy5JOKtE8gve2XyJ7brhQoTlY937XOJUSfus
IV4fSdWHOf1nK7Qhvr6ZjLjin8ugZO5ajJBBAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUzVMJgZ3/8J+gxVXXdwwPXWZcALgwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3pWTUpnWjNfOEotZ3hW
WFhkd3dQWFdaY0FMZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGOIt5Mzei2cBGMjtcZt+K6Gg8P1LCEI
lrb0hUcgisIA3j3cD/VseSuSE1DmabJMy1/yeJ8gC4352Pfy46AqLNb8JgfmSR26
VpDbyebinwkHGPiIsf5ND8hAP/9MZ+NFAVdqO2iKeUFCkS+2DfhXn5qP3GF546XF
yzKxK5Vp5ty8AMIKkVegh6wFfVV0Nzu2RDXvkyg0Z1j4QIQlRIf4CKWz5VEuievT
SneqkDlouTnMCAOL+M5BPh2gMtr+k2ssPKoOgtMSw3wBgkMZn89Wojx3AS42kQGU
vaX5Gcigkz1cN9eEQVZWkJDYy5sBQflqBbLQoRG7Z9IAMZChkQWT74E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:22 2024 by rpki-client on console-ams.rpki-client.org