Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/y3GcPDCev2YAUrLS8OKNE7waEi8.roa
File: y3GcPDCev2YAUrLS8OKNE7waEi8.roa (raw, json)
Hash identifier: i4ebsn0Oje4pKRJ/RHqglcgmR2gQeavPJYrDbERJN/Y=
Subject key identifier: CB:71:9C:3C:30:9E:BF:66:00:52:B2:D2:F0:E2:8D:13:BC:1A:12:2F
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 381B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/y3GcPDCev2YAUrLS8OKNE7waEi8.roa
Signing time: Wed 03 Apr 2024 09:22:20 +0000
ROA not before: Wed 03 Apr 2024 09:22:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14363 (0x381b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 09:22:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CB719C3C309EBF660052B2D2F0E28D13BC1A122F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:da:59:df:f3:b9:08:cb:83:4d:19:83:93:0f:
60:3e:a0:c8:17:8f:a3:ad:7c:6b:30:c8:2f:12:8b:
d3:dc:b3:c0:5b:01:22:fd:8c:6c:81:ff:bc:ba:63:
a5:d5:a8:ea:c6:f7:43:ca:91:d5:a0:b1:4b:5a:20:
9f:f5:3b:53:b9:e8:c9:3f:45:ce:ed:9d:d8:ab:c6:
16:8a:09:8d:d5:f7:ba:3c:f1:31:96:7d:15:02:43:
6f:05:37:0d:12:c3:e1:56:4c:a8:9f:d1:a8:4f:52:
3b:0c:b1:f5:c9:82:b2:ed:bc:98:2d:d0:2f:22:96:
26:b6:6d:8c:89:4f:89:55:c0:c1:fd:47:f5:58:dd:
04:e5:19:eb:91:05:b8:5d:a3:ab:5c:ed:46:0f:bb:
7b:9c:21:b4:67:00:ef:32:59:e9:3b:ef:af:b9:fc:
6f:65:b0:0e:44:85:4e:15:fa:d6:d8:e9:33:df:f5:
d6:25:bf:6b:a7:f3:73:2b:9c:be:2f:ef:b2:84:de:
83:ec:19:fe:19:c9:19:52:bc:00:ee:42:09:1e:36:
88:99:c3:57:93:c3:7f:d6:20:30:62:3b:82:c3:92:
56:a8:05:70:85:8e:32:0e:b4:47:0e:e6:da:ee:b4:
f7:bf:41:5c:d8:75:06:37:34:4d:33:ec:23:71:9e:
80:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:71:9C:3C:30:9E:BF:66:00:52:B2:D2:F0:E2:8D:13:BC:1A:12:2F
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/y3GcPDCev2YAUrLS8OKNE7waEi8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
7c:5c:99:83:28:4a:6c:04:be:f3:8c:f7:5a:e2:67:27:69:1f:
a5:33:93:c5:1a:cd:3e:21:5d:56:72:ba:d8:c9:e6:5d:e8:64:
25:a4:10:8b:5d:f6:dc:b5:e9:b2:26:9a:76:69:db:46:4a:5d:
da:2a:26:7b:3e:88:ed:68:35:ca:86:9d:61:6c:09:7a:ec:6f:
bf:58:80:2f:bb:e1:ef:09:89:62:53:ac:39:ee:4d:99:9f:c0:
52:04:56:b1:05:43:4e:c5:86:64:76:1c:7c:3e:86:13:df:a8:
06:55:27:a1:a8:7a:54:88:6e:e7:a6:ee:bc:3d:fb:56:9b:a0:
e1:f9:e7:98:01:4b:e6:db:af:33:04:60:77:96:80:e3:eb:43:
cb:c9:50:bf:38:d4:2e:fe:28:de:a7:d4:aa:9d:a6:6f:fa:2d:
e6:4e:d4:c5:b3:5c:b3:fc:a7:f3:f9:b9:c1:5b:2e:12:58:c2:
bd:b8:c8:79:bf:08:2b:fd:f0:f1:09:d9:e9:bd:b8:d3:bb:ca:
06:ed:6a:12:c3:09:0b:08:62:a5:dc:f3:84:e0:7e:d4:41:5f:
03:83:a0:10:41:9b:13:f8:b2:8d:74:9c:f5:51:c7:83:b8:cb:
1d:5e:30:75:f8:60:cb:6b:fc:9f:ab:5c:7a:56:2d:3f:72:93:
84:7d:dd:bf
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOBswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMw
OTIyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENCNzE5QzNDMzA5RUJG
NjYwMDUyQjJEMkYwRTI4RDEzQkMxQTEyMkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDr2lnf87kIy4NNGYOTD2A+oMgXj6OtfGswyC8Si9Pcs8BbASL9
jGyB/7y6Y6XVqOrG90PKkdWgsUtaIJ/1O1O56Mk/Rc7tndirxhaKCY3V97o88TGW
fRUCQ28FNw0Sw+FWTKif0ahPUjsMsfXJgrLtvJgt0C8ilia2bYyJT4lVwMH9R/VY
3QTlGeuRBbhdo6tc7UYPu3ucIbRnAO8yWek776+5/G9lsA5EhU4V+tbY6TPf9dYl
v2un83MrnL4v77KE3oPsGf4ZyRlSvADuQgkeNoiZw1eTw3/WIDBiO4LDklaoBXCF
jjIOtEcO5trutPe/QVzYdQY3NE0z7CNxnoBdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUy3GcPDCev2YAUrLS8OKNE7waEi8wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3kzR2NQRENldjJZQVVy
TFM4T0tORTd3YUVpOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHxcmYMoSmwEvvOM91riZydpH6Uzk8Ua
zT4hXVZyutjJ5l3oZCWkEItd9ty16bImmnZp20ZKXdoqJns+iO1oNcqGnWFsCXrs
b79YgC+74e8JiWJTrDnuTZmfwFIEVrEFQ07FhmR2HHw+hhPfqAZVJ6GoelSIbuem
7rw9+1aboOH555gBS+bbrzMEYHeWgOPrQ8vJUL841C7+KN6n1Kqdpm/6LeZO1MWz
XLP8p/P5ucFbLhJYwr24yHm/CCv98PEJ2em9uNO7ygbtahLDCQsIYqXc84TgftRB
XwODoBBBmxP4so10nPVRx4O4yx1eMHX4YMtr/J+rXHpWLT9yk4R93b8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:55 2024 by rpki-client on console-fra.rpki-client.org