Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Y_szz9xQlbt20lDuFlp4NZEfdDU.roa
File: Y_szz9xQlbt20lDuFlp4NZEfdDU.roa (raw, json)
Hash identifier: 9zjzOPYIs5SIRfYgphs9yDr+wcXQVnEVQxY8bZvdGJI=
Subject key identifier: 63:FB:33:CF:DC:50:95:BB:76:D2:50:EE:16:5A:78:35:91:1F:74:35
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3EF7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Y_szz9xQlbt20lDuFlp4NZEfdDU.roa
Signing time: Fri 12 Apr 2024 12:52:50 +0000
ROA not before: Fri 12 Apr 2024 12:52:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16119 (0x3ef7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 12:52:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=63FB33CFDC5095BB76D250EE165A7835911F7435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cd:4b:ff:b9:ab:3c:28:7e:80:15:92:31:e8:
e1:48:ab:c0:87:9f:89:c5:8c:e0:15:a8:be:03:0f:
27:dc:26:94:c0:c1:e0:a5:1d:90:1a:06:ee:f8:44:
e0:e2:87:d9:10:c3:d4:d0:f8:a4:f9:26:a2:87:c3:
32:3c:8b:ba:6c:3f:3f:ed:78:b5:37:ba:ce:ca:07:
90:f0:2e:cf:70:8f:a5:c3:75:e5:f9:16:4b:24:51:
d4:42:9f:3b:0d:4c:bd:09:18:57:27:ee:23:80:ed:
6f:c8:2b:79:a8:06:27:a2:6e:ad:f2:db:1a:a4:7f:
74:2c:33:84:4b:6c:3c:30:68:77:71:46:79:99:84:
73:88:34:63:2c:b4:e6:d8:97:90:b5:54:10:0c:83:
d8:51:a4:86:05:96:3d:74:3b:8b:17:b4:80:d3:d0:
7f:f8:e6:0b:5b:48:65:6c:d2:52:a0:64:15:b0:3c:
82:a3:96:39:2b:da:97:95:9a:4e:14:f7:8e:86:03:
fa:d7:8e:66:b8:7c:41:49:82:5c:8b:71:e9:97:34:
e8:d6:ef:8f:59:27:af:7c:2e:43:c6:a9:f3:9f:47:
2a:da:40:f0:2d:09:26:65:08:3c:92:e6:55:f1:24:
81:a1:0e:9e:83:77:35:b5:44:bd:27:25:8a:74:f9:
f8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:FB:33:CF:DC:50:95:BB:76:D2:50:EE:16:5A:78:35:91:1F:74:35
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Y_szz9xQlbt20lDuFlp4NZEfdDU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8e:c7:b0:db:ab:2a:95:eb:9e:89:59:c8:50:e3:5a:e7:a9:d4:
d5:4d:f0:93:52:e2:c8:1c:1f:f8:1b:08:46:eb:87:a2:fa:41:
ff:73:87:3c:cf:7e:f0:ad:86:42:37:29:7c:9f:26:0e:a9:e1:
7a:52:38:07:b7:85:02:52:32:28:17:c3:e7:74:ec:70:32:7a:
c9:97:01:b3:9e:b5:20:02:7a:34:8f:11:1a:6b:2e:71:da:e6:
11:1b:71:ee:6c:af:36:57:7a:82:92:b1:a6:6f:4c:1f:76:77:
d7:ad:f1:93:e3:47:04:b6:7c:2c:67:bf:8c:90:c0:8c:d8:d7:
36:18:50:f9:8a:c0:ed:99:b7:78:fc:51:e2:56:0c:bf:58:40:
d0:4b:0e:96:21:f5:8a:bd:64:7e:d1:11:6e:d9:c4:9a:1b:ed:
98:9c:a2:67:cb:75:96:ad:3d:b5:1b:d6:03:79:f1:a2:76:a6:
90:b7:79:7b:1c:a8:6e:50:a5:d1:6e:67:59:3b:88:ea:9a:11:
e8:26:74:df:dd:9c:8c:4a:d8:4e:83:0a:f7:8a:5f:39:be:ec:
1a:56:a4:7d:1b:4c:fb:cb:8b:98:ec:46:32:3e:d9:d4:74:9e:
7a:a5:97:c7:31:b1:9f:c7:a0:5a:14:c9:76:b4:67:45:10:56:
9c:54:e3:b3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPvcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIx
MjUyNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYzRkIzM0NGREM1MDk1
QkI3NkQyNTBFRTE2NUE3ODM1OTExRjc0MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5zUv/uas8KH6AFZIx6OFIq8CHn4nFjOAVqL4DDyfcJpTAweCl
HZAaBu74RODih9kQw9TQ+KT5JqKHwzI8i7psPz/teLU3us7KB5DwLs9wj6XDdeX5
FkskUdRCnzsNTL0JGFcn7iOA7W/IK3moBieibq3y2xqkf3QsM4RLbDwwaHdxRnmZ
hHOINGMstObYl5C1VBAMg9hRpIYFlj10O4sXtIDT0H/45gtbSGVs0lKgZBWwPIKj
ljkr2peVmk4U946GA/rXjma4fEFJglyLcemXNOjW749ZJ698LkPGqfOfRyraQPAt
CSZlCDyS5lXxJIGhDp6DdzW1RL0nJYp0+fiJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUY/szz9xQlbt20lDuFlp4NZEfdDUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1lfc3p6OXhRbGJ0MjBs
RHVGbHA0TlpFZmREVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAI7HsNurKpXrnolZyFDjWuep1NVN8JNS
4sgcH/gbCEbrh6L6Qf9zhzzPfvCthkI3KXyfJg6p4XpSOAe3hQJSMigXw+d07HAy
esmXAbOetSACejSPERprLnHa5hEbce5srzZXeoKSsaZvTB92d9et8ZPjRwS2fCxn
v4yQwIzY1zYYUPmKwO2Zt3j8UeJWDL9YQNBLDpYh9Yq9ZH7REW7ZxJob7ZicomfL
dZatPbUb1gN58aJ2ppC3eXscqG5QpdFuZ1k7iOqaEegmdN/dnIxK2E6DCveKXzm+
7BpWpH0bTPvLi5jsRjI+2dR0nnqll8cxsZ/HoFoUyXa0Z0UQVpxU47M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:31 2024 by rpki-client on console-fra.rpki-client.org