Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ibcBLYFoU3O-faFkWJst9cefRzQ.roa
File: ibcBLYFoU3O-faFkWJst9cefRzQ.roa (raw, json)
Hash identifier: OCHsgfk56fc0KoyW8+tQF0b5oJ2uHZuu0aK57z7e46w=
Subject key identifier: 89:B7:01:2D:81:68:53:73:BE:7D:A1:64:58:9B:2D:F5:C7:9F:47:34
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36EF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ibcBLYFoU3O-faFkWJst9cefRzQ.roa
Signing time: Mon 01 Apr 2024 19:52:12 +0000
ROA not before: Mon 01 Apr 2024 19:52:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14063 (0x36ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 19:52:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=89B7012D81685373BE7DA164589B2DF5C79F4734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:17:f4:7a:0c:f5:4e:11:8e:ab:5f:b9:1d:af:
75:04:b3:de:3f:5a:e4:37:15:f4:ca:11:9e:59:0a:
f2:7a:e7:06:b7:3c:05:5d:ae:90:d6:d5:c8:83:bd:
28:38:ca:c8:e7:3f:27:95:b8:c1:4d:ed:03:24:67:
47:9d:0a:d0:d8:31:14:25:62:b0:ae:03:fc:22:e1:
c3:ea:05:9d:88:94:01:16:32:17:a9:92:f1:ae:c9:
bd:6c:5e:0c:4a:60:fd:1e:f5:5f:33:a3:c5:e6:f1:
b0:3a:36:21:fe:32:c0:29:de:17:8c:b5:ff:6f:e0:
f1:10:09:ac:ef:e1:96:3c:1a:b9:09:88:08:a9:bc:
85:00:b8:ba:2f:4f:66:03:48:6c:1f:4c:9f:9a:1a:
96:c6:a4:09:cc:b9:32:3c:a7:39:c7:43:fb:c4:8a:
57:f3:60:58:76:4c:c3:2c:37:35:82:68:62:f9:62:
13:25:3c:10:c9:40:e6:f4:cf:56:d2:89:b5:7a:2a:
bb:9e:04:d0:f0:21:c6:3c:48:c1:a3:54:35:03:59:
45:4a:e9:6e:64:9e:9d:cb:4b:73:ef:cf:ab:ab:38:
02:2c:6f:d4:08:d4:68:cc:2c:5e:45:a5:74:a6:ef:
02:73:cc:45:4a:29:c2:d2:00:75:49:82:b4:d5:57:
96:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B7:01:2D:81:68:53:73:BE:7D:A1:64:58:9B:2D:F5:C7:9F:47:34
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ibcBLYFoU3O-faFkWJst9cefRzQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
00:57:b0:3c:7f:d7:40:9d:29:05:a6:58:18:49:7f:0a:cc:34:
97:bc:7e:5d:de:61:d4:de:6b:f1:43:7a:f0:f7:c2:2a:bf:e5:
5e:02:0e:c5:d9:b9:cd:1b:72:f6:05:18:6b:99:a3:73:a1:67:
75:f4:f4:e9:35:6c:b4:c0:ad:e3:14:f6:d9:1a:7c:f8:1f:24:
ee:60:ef:76:0a:b2:5e:1f:62:7e:58:8d:ea:42:64:2d:04:28:
f3:de:82:e0:29:78:61:f6:30:bf:7a:cc:a7:9d:0f:92:8a:be:
ff:53:20:83:46:11:b1:0d:bd:53:f6:a4:33:61:3f:30:4d:e3:
2c:8b:09:00:ad:58:99:5b:22:f4:7a:f5:2c:ab:43:73:2f:30:
ce:95:35:8a:f8:f4:0a:8f:c4:9b:14:ef:54:50:db:54:39:cd:
5a:7c:00:44:78:df:32:52:eb:f0:51:aa:c8:9f:04:f4:5c:45:
59:3e:b4:1f:4b:42:07:ae:bd:a0:bd:41:e4:65:f7:34:46:a4:
23:ff:29:f7:6b:e5:5f:5d:bf:54:dd:0e:f6:e0:19:56:8d:e4:
7a:92:4f:2d:7c:f9:8c:e8:d7:04:ff:d2:20:67:e4:71:84:d7:
c3:bf:32:aa:d8:94:11:d6:ef:a2:c1:c8:2c:a4:7b:6b:db:f8:
14:22:76:c5
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNu8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEx
OTUyMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg5QjcwMTJEODE2ODUz
NzNCRTdEQTE2NDU4OUIyREY1Qzc5RjQ3MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEF/R6DPVOEY6rX7kdr3UEs94/WuQ3FfTKEZ5ZCvJ65wa3PAVd
rpDW1ciDvSg4ysjnPyeVuMFN7QMkZ0edCtDYMRQlYrCuA/wi4cPqBZ2IlAEWMhep
kvGuyb1sXgxKYP0e9V8zo8Xm8bA6NiH+MsAp3heMtf9v4PEQCazv4ZY8GrkJiAip
vIUAuLovT2YDSGwfTJ+aGpbGpAnMuTI8pznHQ/vEilfzYFh2TMMsNzWCaGL5YhMl
PBDJQOb0z1bSibV6KrueBNDwIcY8SMGjVDUDWUVK6W5knp3LS3Pvz6urOAIsb9QI
1GjMLF5FpXSm7wJzzEVKKcLSAHVJgrTVV5bxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUibcBLYFoU3O+faFkWJst9cefRzQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2liY0JMWUZvVTNPLWZh
RmtXSnN0OWNlZlJ6US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAABXsDx/10CdKQWmWBhJfwrMNJe8fl3e
YdTea/FDevD3wiq/5V4CDsXZuc0bcvYFGGuZo3OhZ3X09Ok1bLTAreMU9tkafPgf
JO5g73YKsl4fYn5YjepCZC0EKPPeguApeGH2ML96zKedD5KKvv9TIINGEbENvVP2
pDNhPzBN4yyLCQCtWJlbIvR69SyrQ3MvMM6VNYr49AqPxJsU71RQ21Q5zVp8AER4
3zJS6/BRqsifBPRcRVk+tB9LQgeuvaC9QeRl9zRGpCP/Kfdr5V9dv1TdDvbgGVaN
5HqSTy18+Yzo1wT/0iBn5HGE18O/MqrYlBHW76LByCyke2vb+BQidsU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:03 2024 by rpki-client on console-ams.rpki-client.org