Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lydio_crHYkaHOuv0Ic5Hj2eMCE.roa
File: lydio_crHYkaHOuv0Ic5Hj2eMCE.roa (raw, json)
Hash identifier: C7NnSuN3kTS7oSlK47vmc6R+4eo0arDzD0i8Dp3cM1U=
Subject key identifier: 97:27:62:A3:F7:2B:1D:89:1A:1C:EB:AF:D0:87:39:1E:3D:9E:30:21
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 372B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lydio_crHYkaHOuv0Ic5Hj2eMCE.roa
Signing time: Tue 02 Apr 2024 03:22:36 +0000
ROA not before: Tue 02 Apr 2024 03:22:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14123 (0x372b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 03:22:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=972762A3F72B1D891A1CEBAFD087391E3D9E3021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8e:ac:60:02:5f:07:9d:43:0e:87:c5:c9:36:
94:dd:0c:78:9e:c3:78:34:e0:15:cf:97:4c:da:7a:
76:22:e2:3d:92:42:09:12:62:90:f9:51:c5:ff:d6:
ef:af:31:11:6a:55:4a:36:52:3f:a9:ba:6d:68:be:
df:80:df:ce:fc:87:09:5f:59:5a:49:07:af:72:05:
f3:f0:10:0f:21:7e:24:2a:b0:29:c5:2a:eb:b8:b2:
a7:d8:e3:60:2c:be:1b:42:50:e1:38:f9:64:e6:50:
aa:80:25:65:c5:11:30:11:11:ee:28:4a:1c:95:cf:
00:c7:a2:41:36:74:bc:19:b2:7a:ae:03:6f:09:09:
4e:46:ad:1f:c5:bb:cb:94:b0:7d:7f:6e:29:ba:90:
81:21:96:6f:96:fb:b1:45:c4:bf:f8:24:67:a0:27:
30:25:7c:9a:04:e7:2a:ac:f4:bf:6b:3a:04:00:1c:
87:df:86:ef:04:6a:d8:02:8b:6f:91:9e:23:ab:57:
d3:c1:b7:e9:94:d0:9d:5d:2d:6e:c8:33:e0:eb:51:
f7:b7:a3:91:d6:8a:32:c3:99:82:7d:72:cf:b5:1c:
bd:58:7e:60:53:67:3b:74:91:6d:af:d4:5c:2d:a1:
f2:bf:33:0d:5d:af:3f:a5:be:2e:2d:e8:58:cd:74:
1f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:27:62:A3:F7:2B:1D:89:1A:1C:EB:AF:D0:87:39:1E:3D:9E:30:21
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lydio_crHYkaHOuv0Ic5Hj2eMCE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
07:8d:5e:44:61:4d:ef:7f:55:24:98:7a:6d:84:7c:d7:2f:87:
c0:61:1b:e9:1b:d3:f4:fd:1c:3b:2c:e6:45:6f:f1:17:10:68:
8f:eb:b6:fb:41:10:72:59:90:d2:6e:f2:de:87:e3:b0:fc:ff:
e6:7a:d1:90:75:dc:03:5c:8e:b6:76:7f:de:e5:ea:0d:ff:3f:
4b:1c:a6:10:bd:8c:1d:3d:4f:e4:7d:0b:ef:c3:10:f4:ad:e2:
f0:14:9e:3e:d0:6c:69:7e:63:a6:bb:98:0f:a9:c0:96:cd:a9:
7d:a0:f8:87:5f:37:0c:c5:8d:71:c5:b9:e4:da:86:c9:89:33:
81:08:53:8e:7a:de:39:db:6a:dd:16:b9:49:98:52:01:33:5c:
67:61:6d:cc:9d:7a:5c:83:50:06:bb:40:ee:ce:3c:2c:43:d7:
18:5e:a0:e1:b4:1d:c4:11:9e:e2:17:6b:67:2a:88:7d:40:4a:
7f:e9:1b:d2:f7:2c:e2:e6:a7:c9:35:23:98:ca:b2:90:70:56:
68:2c:fd:07:9e:7c:6f:53:3a:b7:43:e5:81:2a:79:58:00:05:
cc:11:87:3f:d6:3b:9a:0a:d9:42:b5:5a:07:81:e2:8c:86:d3:
42:59:62:ef:85:35:9e:64:57:67:c0:50:6c:16:e2:5a:0a:6c:
75:32:01:09
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNyswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIw
MzIyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3Mjc2MkEzRjcyQjFE
ODkxQTFDRUJBRkQwODczOTFFM0Q5RTMwMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKjqxgAl8HnUMOh8XJNpTdDHiew3g04BXPl0zaenYi4j2SQgkS
YpD5UcX/1u+vMRFqVUo2Uj+pum1ovt+A3878hwlfWVpJB69yBfPwEA8hfiQqsCnF
Kuu4sqfY42AsvhtCUOE4+WTmUKqAJWXFETAREe4oShyVzwDHokE2dLwZsnquA28J
CU5GrR/Fu8uUsH1/bim6kIEhlm+W+7FFxL/4JGegJzAlfJoE5yqs9L9rOgQAHIff
hu8EatgCi2+RniOrV9PBt+mU0J1dLW7IM+DrUfe3o5HWijLDmYJ9cs+1HL1YfmBT
Zzt0kW2v1FwtofK/Mw1drz+lvi4t6FjNdB8tAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUlydio/crHYkaHOuv0Ic5Hj2eMCEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2x5ZGlvX2NySFlrYUhP
dXYwSWM1SGoyZU1DRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAeNXkRhTe9/VSSYem2EfNcvh8BhG+kb
0/T9HDss5kVv8RcQaI/rtvtBEHJZkNJu8t6H47D8/+Z60ZB13ANcjrZ2f97l6g3/
P0scphC9jB09T+R9C+/DEPSt4vAUnj7QbGl+Y6a7mA+pwJbNqX2g+IdfNwzFjXHF
ueTahsmJM4EIU4563jnbat0WuUmYUgEzXGdhbcydelyDUAa7QO7OPCxD1xheoOG0
HcQRnuIXa2cqiH1ASn/pG9L3LOLmp8k1I5jKspBwVmgs/QeefG9TOrdD5YEqeVgA
BcwRhz/WO5oK2UK1WgeB4oyG00JZYu+FNZ5kV2fAUGwW4loKbHUyAQk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:44 2024 by rpki-client on console-fra.rpki-client.org