Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/ytFNHxYDj0R76Psj9mBHcS1lWQk.roa
File: ytFNHxYDj0R76Psj9mBHcS1lWQk.roa (raw, json)
Hash identifier: 3nd+FnGcmOoXFwTXdMi1fsAfaOva/um/CXdAV8WUPhw=
Subject key identifier: CA:D1:4D:1F:16:03:8F:44:7B:E8:FB:23:F6:60:47:71:2D:65:59:09
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40A7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ytFNHxYDj0R76Psj9mBHcS1lWQk.roa
Signing time: Sun 14 Apr 2024 18:52:53 +0000
ROA not before: Sun 14 Apr 2024 18:52:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16551 (0x40a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 14 18:52:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CAD14D1F16038F447BE8FB23F66047712D655909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0e:d4:2b:30:43:34:53:10:0d:a7:73:68:1a:
80:31:96:81:53:36:4d:a0:a0:8b:ae:60:73:96:e2:
bd:49:40:58:c8:85:0a:30:22:96:13:6b:e9:bb:4b:
8d:27:a8:51:ea:9d:9a:39:ed:19:5a:c2:2e:b0:24:
61:87:8a:c9:67:e7:ca:ee:ee:99:77:a6:df:24:36:
fa:09:90:b4:82:6b:18:ca:2a:60:04:88:57:62:45:
39:d3:79:95:2c:b8:dc:7b:73:01:fe:dc:e2:d2:02:
91:16:5a:72:28:4f:74:42:9c:28:ec:33:d7:34:11:
e0:bf:fe:a8:20:8a:c2:11:6a:ab:60:ba:41:86:d3:
01:e4:6a:f4:cf:85:13:e0:5f:ef:4d:ac:73:01:02:
9c:05:6c:f5:00:a0:28:79:1d:73:d1:6f:a4:12:fb:
de:30:8d:5e:c0:0f:7b:13:78:4f:44:7e:3c:1a:bc:
1f:fc:c9:73:ce:cd:eb:06:00:bc:47:fc:6c:1d:af:
1d:29:9f:87:c2:37:ca:8d:24:4c:78:00:2a:d0:a7:
d6:bc:15:95:d9:38:53:59:03:74:93:06:50:ec:89:
d9:55:44:28:ed:cd:cc:57:e6:90:ea:cd:5b:e8:9f:
8f:48:c6:d9:36:78:0a:2c:07:d6:d0:97:14:f8:6a:
63:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D1:4D:1F:16:03:8F:44:7B:E8:FB:23:F6:60:47:71:2D:65:59:09
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/ytFNHxYDj0R76Psj9mBHcS1lWQk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0a:f9:25:11:75:20:6b:ea:d6:63:5c:dc:d4:83:82:53:d7:6c:
77:8e:cd:df:07:39:b5:76:f3:1e:a5:bc:8d:32:6f:3a:dd:5d:
ec:d7:31:59:09:62:9c:e7:55:4a:a4:50:ab:2c:8a:5a:ae:10:
3b:03:f1:f0:70:56:20:b1:34:cc:96:6a:fd:ec:a4:31:79:79:
a2:a8:c8:89:b1:f0:f5:fd:5b:1d:7d:db:d7:fb:82:d4:17:84:
81:51:84:3a:9f:9f:34:2b:0a:63:27:6e:fb:23:e0:1f:44:36:
3a:ba:a8:54:0c:c1:41:b9:89:3f:94:f2:74:f6:cd:cb:80:a2:
a6:46:3e:68:aa:f6:b1:8e:9a:c8:9a:95:c4:71:dc:ad:24:e4:
b8:6a:17:41:7b:22:c9:5f:ca:d5:e4:36:32:dc:38:14:76:aa:
ab:1b:ee:77:42:4c:c7:5b:77:db:0d:01:47:c3:53:10:24:06:
fe:56:42:a1:39:e3:95:c6:e8:f4:5c:22:1d:33:d6:f2:17:31:
00:c3:23:fe:96:9f:78:3d:18:f2:0f:65:90:21:1d:6b:f3:28:
15:61:15:7c:b8:7e:01:90:9d:fd:f7:fb:f6:c5:77:7d:da:21:
64:dd:9d:f1:f5:00:d6:74:bf:cf:c3:a7:9d:df:b6:6e:66:21:
8c:a7:cc:26
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQKcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTQx
ODUyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBRDE0RDFGMTYwMzhG
NDQ3QkU4RkIyM0Y2NjA0NzcxMkQ2NTU5MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgDtQrMEM0UxANp3NoGoAxloFTNk2goIuuYHOW4r1JQFjIhQow
IpYTa+m7S40nqFHqnZo57Rlawi6wJGGHisln58ru7pl3pt8kNvoJkLSCaxjKKmAE
iFdiRTnTeZUsuNx7cwH+3OLSApEWWnIoT3RCnCjsM9c0EeC//qggisIRaqtgukGG
0wHkavTPhRPgX+9NrHMBApwFbPUAoCh5HXPRb6QS+94wjV7AD3sTeE9EfjwavB/8
yXPOzesGALxH/Gwdrx0pn4fCN8qNJEx4ACrQp9a8FZXZOFNZA3STBlDsidlVRCjt
zcxX5pDqzVvon49Ixtk2eAosB9bQlxT4amOtAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUytFNHxYDj0R76Psj9mBHcS1lWQkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3l0Rk5IeFlEajBSNzZQ
c2o5bUJIY1MxbFdRay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAr5JRF1IGvq1mNc3NSDglPXbHeOzd8H
ObV28x6lvI0ybzrdXezXMVkJYpznVUqkUKssilquEDsD8fBwViCxNMyWav3spDF5
eaKoyImx8PX9Wx1929f7gtQXhIFRhDqfnzQrCmMnbvsj4B9ENjq6qFQMwUG5iT+U
8nT2zcuAoqZGPmiq9rGOmsialcRx3K0k5LhqF0F7IslfytXkNjLcOBR2qqsb7ndC
TMdbd9sNAUfDUxAkBv5WQqE545XG6PRcIh0z1vIXMQDDI/6Wn3g9GPIPZZAhHWvz
KBVhFXy4fgGQnf33+/bFd33aIWTdnfH1ANZ0v8/Dp53ftm5mIYynzCY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:56 2024 by rpki-client on console-fra.rpki-client.org