Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/py82FbXxE273gMMFSqvi0FHwbrA.roa
File: py82FbXxE273gMMFSqvi0FHwbrA.roa (raw, json)
Hash identifier: mEvq0i+C64KNwUkn0VoBvX3or1Avp5N7U6FF5tRQZ64=
Subject key identifier: A7:2F:36:15:B5:F1:13:6E:F7:80:C3:05:4A:AB:E2:D0:51:F0:6E:B0
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3C4F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/py82FbXxE273gMMFSqvi0FHwbrA.roa
Signing time: Mon 08 Apr 2024 23:52:36 +0000
ROA not before: Mon 08 Apr 2024 23:52:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15439 (0x3c4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 8 23:52:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A72F3615B5F1136EF780C3054AABE2D051F06EB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:74:18:1e:81:e3:d8:5f:82:27:76:92:96:a6:
a4:58:48:6e:bd:b2:a3:71:9b:0f:d4:b4:80:11:61:
c6:bf:2e:9b:f7:36:50:2d:f3:c1:b3:85:b8:f4:61:
27:64:d7:be:08:9e:81:6b:29:9f:5e:27:35:4e:bc:
15:68:55:12:35:d3:66:85:83:ae:6c:1b:d2:29:d8:
99:9f:a0:ec:9f:3c:7d:d4:b3:5c:8f:86:2a:df:7c:
d5:62:83:b8:12:d2:a8:f5:fe:c6:fd:e6:60:be:38:
27:6b:43:b3:9c:7e:97:4d:6b:2b:22:6c:8d:a1:bd:
bb:28:1f:8b:7a:f4:11:f5:da:37:bc:92:23:69:85:
b1:60:a2:ef:32:f9:ac:4d:f2:68:9f:24:3b:4d:e3:
0a:1a:53:2c:f1:40:58:91:27:80:9a:6f:70:06:4c:
0a:17:3b:5b:07:d0:67:5c:48:8e:19:b3:f0:10:46:
56:12:46:67:03:25:83:c4:7a:dc:07:d5:d5:50:27:
70:39:a5:93:f2:08:5d:7d:f9:bf:42:d9:63:ed:6c:
fa:5a:03:4f:e5:51:3c:ca:c7:0a:2d:bb:c7:bd:96:
5e:61:5d:5f:55:9a:9b:b6:3f:5d:ba:46:a6:7d:17:
69:80:b8:bd:36:b4:2a:9e:61:14:81:a8:6d:46:2a:
b2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:2F:36:15:B5:F1:13:6E:F7:80:C3:05:4A:AB:E2:D0:51:F0:6E:B0
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/py82FbXxE273gMMFSqvi0FHwbrA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
44:dd:df:fe:11:51:5d:e7:73:3f:12:a6:36:47:37:12:16:8f:
9c:23:e5:74:a2:a8:01:6a:21:a8:18:4c:4e:73:19:e0:5e:43:
20:c5:8f:5b:78:d1:9b:07:81:51:3d:bf:ee:70:1c:53:06:de:
d2:1e:ff:52:2c:5a:67:51:4b:4c:90:6e:33:7a:13:f0:f0:6f:
ba:1d:9b:d6:3d:52:23:6f:eb:12:11:b5:c0:92:d5:9f:6e:64:
8f:b7:30:48:29:f5:4f:a7:c7:16:e3:47:87:5f:47:07:11:7d:
c8:63:6c:7f:43:51:a8:90:2a:f9:df:81:e2:93:07:0e:e2:18:
a7:1d:35:7f:ec:0b:56:4b:a1:3e:96:90:7b:99:2a:ec:1e:54:
2b:fb:69:14:07:6e:c2:9e:dc:66:64:83:13:94:2a:f6:bb:9c:
4a:40:80:8f:ab:79:1b:b8:af:49:28:52:7e:c8:d3:5f:12:1a:
a3:9a:dd:27:4a:26:44:d1:47:91:d7:ef:89:cf:7a:ae:fe:42:
5b:f2:9c:11:e2:ee:ee:bb:1d:55:6c:21:6d:1a:b8:19:25:e3:
88:34:9b:8e:b4:a0:80:0c:e1:72:52:22:77:df:e3:70:d8:a8:
b8:a2:a8:ee:71:e9:d3:a9:ba:f9:ee:cc:07:06:14:df:e9:65:
8b:c7:29:e6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICPE8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDgy
MzUyMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE3MkYzNjE1QjVGMTEz
NkVGNzgwQzMwNTRBQUJFMkQwNTFGMDZFQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAdBgegePYX4IndpKWpqRYSG69sqNxmw/UtIARYca/Lpv3NlAt
88Gzhbj0YSdk174InoFrKZ9eJzVOvBVoVRI102aFg65sG9Ip2JmfoOyfPH3Us1yP
hirffNVig7gS0qj1/sb95mC+OCdrQ7OcfpdNaysibI2hvbsoH4t69BH12je8kiNp
hbFgou8y+axN8mifJDtN4woaUyzxQFiRJ4Cab3AGTAoXO1sH0GdcSI4Zs/AQRlYS
RmcDJYPEetwH1dVQJ3A5pZPyCF19+b9C2WPtbPpaA0/lUTzKxwotu8e9ll5hXV9V
mpu2P126RqZ9F2mAuL02tCqeYRSBqG1GKrKnAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUpy82FbXxE273gMMFSqvi0FHwbrAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3B5ODJGYlh4RTI3M2dN
TUZTcXZpMEZId2JyQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAETd3/4RUV3ncz8SpjZHNxIWj5wj5XSi
qAFqIagYTE5zGeBeQyDFj1t40ZsHgVE9v+5wHFMG3tIe/1IsWmdRS0yQbjN6E/Dw
b7odm9Y9UiNv6xIRtcCS1Z9uZI+3MEgp9U+nxxbjR4dfRwcRfchjbH9DUaiQKvnf
geKTBw7iGKcdNX/sC1ZLoT6WkHuZKuweVCv7aRQHbsKe3GZkgxOUKva7nEpAgI+r
eRu4r0koUn7I018SGqOa3SdKJkTRR5HX74nPeq7+QlvynBHi7u67HVVsIW0auBkl
44g0m460oIAM4XJSInff43DYqLiiqO5x6dOpuvnuzAcGFN/pZYvHKeY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:48 2024 by rpki-client on console-fra.rpki-client.org