Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/YSV4LNfYOm2WBy0uXbpug1Iqt0o.roa
File: YSV4LNfYOm2WBy0uXbpug1Iqt0o.roa (raw, json)
Hash identifier: e399gHYdfHygHWs2Lpo3hoaV8FbQUuBloAiEHr5Spvs=
Subject key identifier: 61:25:78:2C:D7:D8:3A:6D:96:07:2D:2E:5D:BA:6E:83:52:2A:B7:4A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4E93
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YSV4LNfYOm2WBy0uXbpug1Iqt0o.roa
Signing time: Fri 03 May 2024 08:23:45 +0000
ROA not before: Fri 03 May 2024 08:23:45 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20115 (0x4e93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 08:23:45 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6125782CD7D83A6D96072D2E5DBA6E83522AB74A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:34:c2:74:05:9a:25:09:15:c4:1c:b0:ec:0d:
b8:3a:d8:18:a2:5a:41:f6:53:d5:5c:eb:e4:58:ac:
33:28:ba:77:5f:fd:ea:e7:33:7b:3b:b8:d2:f6:d3:
9e:af:f9:34:3a:ce:3d:d0:ec:7a:73:42:b9:83:5a:
d8:e3:11:58:a5:a0:29:78:31:5e:e8:e7:fe:2a:9d:
40:0d:df:23:09:48:d5:00:96:08:bc:08:56:25:82:
66:99:ba:31:32:d1:b1:a0:e6:e0:93:08:a1:2e:a5:
8f:77:13:14:6e:6d:c3:90:6d:2a:c1:50:1d:14:4c:
a5:75:7f:29:e0:ed:b9:7d:be:72:75:92:f2:12:a1:
95:c5:16:8f:c9:cc:ff:9c:46:7f:54:ac:b5:8d:bf:
95:45:11:ee:3c:11:7b:de:42:c7:3a:6f:96:c4:e8:
ad:68:bc:b9:21:48:d2:eb:66:38:9d:21:66:88:f9:
9c:72:7d:80:7b:d5:7a:27:a4:65:94:e2:0e:10:24:
b5:dc:23:1e:cb:60:5f:b4:73:58:9f:a1:5c:41:3f:
9a:32:6c:0b:04:d8:53:9f:4d:ee:43:49:f3:91:28:
52:57:86:ef:7d:c4:8d:cd:87:6c:a1:a4:33:78:f2:
ea:e3:93:e0:3c:57:d3:6f:cf:12:09:4f:7b:0c:d4:
70:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:25:78:2C:D7:D8:3A:6D:96:07:2D:2E:5D:BA:6E:83:52:2A:B7:4A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/YSV4LNfYOm2WBy0uXbpug1Iqt0o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
39:0c:67:59:e1:b9:e8:eb:ef:ed:f3:b1:1d:c2:c2:1d:3b:5e:
d7:0e:0f:cf:7f:1b:98:7e:84:cd:5c:01:90:6d:c6:5b:3a:37:
9e:00:72:0d:33:f7:3f:32:a1:bc:cc:8d:b9:48:60:62:8f:17:
3b:ce:5e:57:cb:d9:8f:bd:0e:07:b2:54:b4:47:83:6f:23:fb:
31:a7:5b:f3:11:7b:1b:5a:e1:7a:f9:c9:45:e4:02:24:9d:f4:
5b:dc:12:e3:d4:28:b6:59:0e:01:92:5e:ac:ae:61:96:ca:0a:
0c:5d:3f:fc:78:1a:31:6d:09:fa:e6:d6:74:26:67:4a:fa:eb:
d6:a3:95:f5:59:c3:55:7b:bf:db:3f:ef:b3:aa:88:71:d1:b6:
19:ee:b3:d0:e5:d3:54:67:d8:b3:65:08:35:45:35:a6:12:2b:
5f:14:19:43:9d:33:84:27:84:49:e4:0e:6b:02:c3:6d:a8:d1:
d4:1c:d9:80:e4:cb:fd:b3:e6:3b:ad:8e:75:9b:47:66:dc:e3:
06:76:a8:2c:c6:7d:67:e9:f5:af:90:87:f3:57:75:6f:ca:d2:
6e:91:1f:14:61:9d:c3:82:87:8c:74:12:2d:e0:be:73:3f:7d:
72:b6:78:17:d6:41:f7:b8:d2:d4:d1:63:c6:b4:b2:d1:5e:46:
f1:b8:dd:4e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTpMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMw
ODIzNDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxMjU3ODJDRDdEODNB
NkQ5NjA3MkQyRTVEQkE2RTgzNTIyQUI3NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLNMJ0BZolCRXEHLDsDbg62BiiWkH2U9Vc6+RYrDMoundf/ern
M3s7uNL2056v+TQ6zj3Q7HpzQrmDWtjjEViloCl4MV7o5/4qnUAN3yMJSNUAlgi8
CFYlgmaZujEy0bGg5uCTCKEupY93ExRubcOQbSrBUB0UTKV1fyng7bl9vnJ1kvIS
oZXFFo/JzP+cRn9UrLWNv5VFEe48EXveQsc6b5bE6K1ovLkhSNLrZjidIWaI+Zxy
fYB71XonpGWU4g4QJLXcIx7LYF+0c1ifoVxBP5oybAsE2FOfTe5DSfORKFJXhu99
xI3Nh2yhpDN48urjk+A8V9NvzxIJT3sM1HD9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUYSV4LNfYOm2WBy0uXbpug1Iqt0owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lTVjRMTmZZT20yV0J5
MHVYYnB1ZzFJcXQwby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADkMZ1nhuejr7+3zsR3Cwh07XtcOD89/
G5h+hM1cAZBtxls6N54Acg0z9z8yobzMjblIYGKPFzvOXlfL2Y+9DgeyVLRHg28j
+zGnW/MRexta4Xr5yUXkAiSd9FvcEuPUKLZZDgGSXqyuYZbKCgxdP/x4GjFtCfrm
1nQmZ0r669ajlfVZw1V7v9s/77OqiHHRthnus9Dl01Rn2LNlCDVFNaYSK18UGUOd
M4QnhEnkDmsCw22o0dQc2YDky/2z5jutjnWbR2bc4wZ2qCzGfWfp9a+Qh/NXdW/K
0m6RHxRhncOCh4x0Ei3gvnM/fXK2eBfWQfe40tTRY8a0stFeRvG43U4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:31 2024 by rpki-client on console-fra.rpki-client.org