Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/FOEuYPnr6l7fesRaIkf23CCIEfo.roa
File: FOEuYPnr6l7fesRaIkf23CCIEfo.roa (raw, json)
Hash identifier: g2KJt1DAtQXf4Zo1ZH14TMnDQDL6VhEGsYEhrbqxH7M=
Subject key identifier: 14:E1:2E:60:F9:EB:EA:5E:DF:7A:C4:5A:22:47:F6:DC:20:88:11:FA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 32F7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FOEuYPnr6l7fesRaIkf23CCIEfo.roa
Signing time: Wed 27 Mar 2024 12:52:02 +0000
ROA not before: Wed 27 Mar 2024 12:52:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13047 (0x32f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 12:52:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=14E12E60F9EBEA5EDF7AC45A2247F6DC208811FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:c5:6f:40:87:a4:f2:d8:87:a6:77:c6:58:6e:
67:ce:07:13:e1:d5:ba:b7:75:ec:8e:5b:40:66:b7:
91:c4:65:a4:05:1a:82:21:61:7b:13:c1:3a:b9:5a:
67:41:74:1c:8b:76:48:14:77:b9:31:cc:95:af:49:
ce:48:d8:70:f2:92:01:08:c0:d8:3a:eb:a7:60:22:
29:48:62:78:f1:f1:15:c2:bf:48:7c:c1:23:ae:72:
f2:56:7a:26:0f:76:e3:c0:ea:e0:c0:13:ce:02:41:
01:83:46:58:b4:01:79:83:69:08:b5:6c:ca:a4:d9:
65:fd:83:79:09:dc:5a:2a:8d:28:d6:3c:73:aa:5c:
bb:7e:c4:7d:7b:d6:11:ea:a3:65:f9:bc:09:90:40:
33:51:0d:cf:6c:0a:f0:2e:9a:0b:50:14:cd:b2:d9:
f8:c2:cc:6b:0d:51:6f:68:0b:fb:57:a2:ce:60:1a:
07:fc:74:05:bc:e8:87:41:45:50:40:81:01:31:f5:
eb:33:8c:cf:c5:43:c4:4b:d4:29:e9:1c:55:0c:07:
d0:02:25:45:02:e0:69:a2:01:b5:e4:d6:c4:87:b5:
fb:ea:25:c1:43:4d:0f:66:1a:b7:3c:c2:b7:51:bb:
c2:00:7e:94:ad:6d:dd:36:86:b2:a4:22:fd:b2:9b:
cd:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:E1:2E:60:F9:EB:EA:5E:DF:7A:C4:5A:22:47:F6:DC:20:88:11:FA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/FOEuYPnr6l7fesRaIkf23CCIEfo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
6d:7f:ec:e5:fa:87:0e:14:79:69:11:a1:1f:e0:c4:23:f7:8d:
43:68:6d:5d:7d:a5:46:ba:ca:af:28:a6:f0:c5:28:f8:6e:b5:
c5:aa:0f:58:da:e3:17:b5:2c:7b:7e:8c:5a:84:99:ab:fa:35:
c5:ea:94:a6:20:11:7f:93:be:7f:ff:0f:d0:96:8f:00:93:2b:
7f:15:e7:70:08:c2:2f:28:d8:b0:e8:81:83:52:b7:98:4a:98:
52:89:f9:99:14:67:c4:7b:2e:5a:f8:87:7c:80:6d:99:2e:66:
39:37:c2:b8:a8:c2:b5:a5:bb:18:d0:5a:ea:cb:c0:72:3f:c2:
7c:59:65:4d:fe:07:00:e1:e6:d5:9f:10:ba:72:ae:d6:66:e6:
be:96:e0:20:29:7d:fb:a3:dc:fe:75:73:f8:93:8e:a9:a1:5b:
7b:ad:05:89:f7:d7:96:eb:98:74:26:82:7a:57:2b:29:3e:58:
ee:9d:b3:84:e9:73:8c:62:49:dd:5b:2a:bd:32:a8:ed:84:21:
ee:0e:f4:38:98:91:09:4c:8d:ff:15:8a:a6:f8:a2:23:fa:ed:
6b:7d:78:da:48:2e:16:2e:e6:2d:38:bc:71:58:09:b1:15:34:
a5:63:65:93:c8:28:ec:a6:67:76:ac:9a:6b:db:61:4e:a5:02:
22:e4:76:02
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICMvcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcx
MjUyMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE0RTEyRTYwRjlFQkVB
NUVERjdBQzQ1QTIyNDdGNkRDMjA4ODExRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuxW9Ah6Ty2Iemd8ZYbmfOBxPh1bq3deyOW0Bmt5HEZaQFGoIh
YXsTwTq5WmdBdByLdkgUd7kxzJWvSc5I2HDykgEIwNg666dgIilIYnjx8RXCv0h8
wSOucvJWeiYPduPA6uDAE84CQQGDRli0AXmDaQi1bMqk2WX9g3kJ3FoqjSjWPHOq
XLt+xH171hHqo2X5vAmQQDNRDc9sCvAumgtQFM2y2fjCzGsNUW9oC/tXos5gGgf8
dAW86IdBRVBAgQEx9eszjM/FQ8RL1CnpHFUMB9ACJUUC4GmiAbXk1sSHtfvqJcFD
TQ9mGrc8wrdRu8IAfpStbd02hrKkIv2ym83bAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUFOEuYPnr6l7fesRaIkf23CCIEfowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0ZPRXVZUG5yNmw3ZmVz
UmFJa2YyM0NDSUVmby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAG1/7OX6hw4UeWkRoR/gxCP3jUNobV19
pUa6yq8opvDFKPhutcWqD1ja4xe1LHt+jFqEmav6NcXqlKYgEX+Tvn//D9CWjwCT
K38V53AIwi8o2LDogYNSt5hKmFKJ+ZkUZ8R7Llr4h3yAbZkuZjk3wriowrWluxjQ
WurLwHI/wnxZZU3+BwDh5tWfELpyrtZm5r6W4CApffuj3P51c/iTjqmhW3utBYn3
15brmHQmgnpXKyk+WO6ds4Tpc4xiSd1bKr0yqO2EIe4O9DiYkQlMjf8Viqb4oiP6
7Wt9eNpILhYu5i04vHFYCbEVNKVjZZPIKOymZ3asmmvbYU6lAiLkdgI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:15 2024 by rpki-client on console-fra.rpki-client.org