Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/34O9RyrNp6MmH9qveP-A6q5gnEA.roa
File: 34O9RyrNp6MmH9qveP-A6q5gnEA.roa (raw, json)
Hash identifier: Rj2ifNIWkN/xNMTV+vCDH/fk5I7YwaNimksuLTeHJJQ=
Subject key identifier: DF:83:BD:47:2A:CD:A7:A3:26:1F:DA:AF:78:FF:80:EA:AE:60:9C:40
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41E7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/34O9RyrNp6MmH9qveP-A6q5gnEA.roa
Signing time: Tue 16 Apr 2024 10:52:56 +0000
ROA not before: Tue 16 Apr 2024 10:52:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16871 (0x41e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 10:52:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DF83BD472ACDA7A3261FDAAF78FF80EAAE609C40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b4:01:38:0e:1f:8c:27:1e:27:2b:ba:b6:95:
31:96:af:db:3f:f2:96:d5:f1:0b:d3:b2:22:4f:d3:
1b:26:7c:a0:b5:aa:7f:ff:c2:e6:f8:52:a8:73:e9:
51:ff:89:18:74:c8:4a:96:d9:da:2f:2c:56:51:eb:
55:ba:f8:8f:f1:78:eb:bf:f4:1c:11:58:1c:ec:04:
86:ca:75:8d:72:a3:82:59:87:97:e7:55:20:ce:9c:
a6:87:7e:af:82:a4:72:d0:6a:a5:2a:00:e1:a2:49:
17:d6:b6:00:f6:6b:8e:20:a8:b8:69:1c:f5:2b:39:
75:ed:97:b0:0f:97:87:a5:75:ab:48:8c:b7:05:d0:
a7:2d:2b:25:ec:69:fe:4b:b8:35:70:79:f9:f6:f2:
8f:4d:fe:6b:41:0c:46:f9:29:30:30:04:3b:26:f5:
0d:0b:4f:1b:c0:55:ef:8a:3b:17:42:a3:29:23:40:
99:d9:ea:3e:ab:cb:1c:08:2f:14:25:02:56:96:7a:
b1:fd:58:fc:b2:78:be:35:94:bc:01:a6:c7:dd:2c:
0a:69:55:4b:f4:f0:02:3e:b9:12:47:bd:ce:cb:83:
0d:d8:ff:53:fb:95:bf:89:d4:e3:d7:28:b9:c6:01:
0d:3e:c8:50:93:9c:ff:56:53:0c:a1:be:4f:9d:74:
9a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:83:BD:47:2A:CD:A7:A3:26:1F:DA:AF:78:FF:80:EA:AE:60:9C:40
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/34O9RyrNp6MmH9qveP-A6q5gnEA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
25:3b:c9:18:02:9b:32:ab:10:a8:a9:a9:f0:f5:4f:96:4f:02:
2b:9e:b5:55:39:bd:f6:16:bb:04:b3:46:5d:ad:26:18:08:e0:
eb:c2:81:fc:b1:1e:30:32:82:9e:af:8c:9c:15:46:8c:12:62:
62:f6:39:e5:89:cf:ff:42:2c:6a:cd:60:42:62:98:c9:ed:a3:
e4:8a:ed:7a:8e:c1:8c:a8:d3:9e:67:67:ac:39:8a:96:3b:57:
29:b1:f9:b3:51:28:aa:aa:4e:ba:15:e2:f1:2e:24:83:e7:46:
fd:f1:08:3a:71:2c:72:03:6f:90:4b:2b:dc:5c:dd:38:0e:10:
0a:63:d9:77:cd:b1:0c:9f:97:03:53:d9:2f:ce:61:50:a4:4b:
0b:1f:72:9b:ed:f6:7b:84:18:ec:89:7e:71:b2:f8:ee:23:d5:
2d:b6:3e:8d:01:6e:89:97:96:d4:46:f4:a3:87:76:cd:4e:c3:
a2:be:b1:c7:94:83:56:f6:fa:d6:84:5e:59:27:86:9e:a1:e0:
5a:2b:29:11:0b:6c:25:f7:6f:64:32:4b:9d:f6:6e:82:b7:dc:
1b:85:c9:ec:d3:ac:53:22:26:69:df:64:94:c1:fc:c9:78:10:
d1:15:7e:5a:36:c9:9c:8e:b2:79:2d:77:05:c7:f2:82:b1:e2:
6f:ef:e4:c4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQecwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYx
MDUyNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERGODNCRDQ3MkFDREE3
QTMyNjFGREFBRjc4RkY4MEVBQUU2MDlDNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3tAE4Dh+MJx4nK7q2lTGWr9s/8pbV8QvTsiJP0xsmfKC1qn//
wub4Uqhz6VH/iRh0yEqW2dovLFZR61W6+I/xeOu/9BwRWBzsBIbKdY1yo4JZh5fn
VSDOnKaHfq+CpHLQaqUqAOGiSRfWtgD2a44gqLhpHPUrOXXtl7APl4eldatIjLcF
0KctKyXsaf5LuDVwefn28o9N/mtBDEb5KTAwBDsm9Q0LTxvAVe+KOxdCoykjQJnZ
6j6ryxwILxQlAlaWerH9WPyyeL41lLwBpsfdLAppVUv08AI+uRJHvc7Lgw3Y/1P7
lb+J1OPXKLnGAQ0+yFCTnP9WUwyhvk+ddJotAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU34O9RyrNp6MmH9qveP+A6q5gnEAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzM0TzlSeXJOcDZNbUg5
cXZlUC1BNnE1Z25FQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACU7yRgCmzKrEKipqfD1T5ZPAiuetVU5
vfYWuwSzRl2tJhgI4OvCgfyxHjAygp6vjJwVRowSYmL2OeWJz/9CLGrNYEJimMnt
o+SK7XqOwYyo055nZ6w5ipY7Vymx+bNRKKqqTroV4vEuJIPnRv3xCDpxLHIDb5BL
K9xc3TgOEApj2XfNsQyflwNT2S/OYVCkSwsfcpvt9nuEGOyJfnGy+O4j1S22Po0B
bomXltRG9KOHds1Ow6K+sceUg1b2+taEXlknhp6h4ForKRELbCX3b2QyS532boK3
3BuFyezTrFMiJmnfZJTB/Ml4ENEVflo2yZyOsnktdwXH8oKx4m/v5MQ=
-----END CERTIFICATE-----
Generated at Tue Apr 16 15:59:07 2024 by rpki-client on console.sobornost.net