Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/BSPxMa2qxvGUXjBhj7ellYfMbk0.roa
File: BSPxMa2qxvGUXjBhj7ellYfMbk0.roa (raw, json)
Hash identifier: PMg4S72xlz8CRDsoXOBvLWSlPFFPQPTOanVsviDscZU=
Subject key identifier: 05:23:F1:31:AD:AA:C6:F1:94:5E:30:61:8F:B7:A5:95:87:CC:6E:4D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3823
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BSPxMa2qxvGUXjBhj7ellYfMbk0.roa
Signing time: Wed 03 Apr 2024 10:22:22 +0000
ROA not before: Wed 03 Apr 2024 10:22:22 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14371 (0x3823)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 3 10:22:22 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0523F131ADAAC6F1945E30618FB7A59587CC6E4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:18:9f:4a:cd:c6:8c:4c:43:1c:b0:eb:03:ca:
0e:59:30:d9:0b:44:68:87:53:3c:77:db:5e:ba:25:
b8:02:b8:fd:1a:2d:ff:68:d5:e1:3a:8e:ce:bb:6d:
09:75:fe:bb:9f:41:bb:a9:70:5f:0d:23:0d:17:83:
52:ed:0e:28:78:65:aa:85:d3:fa:d3:77:e9:e7:4e:
1f:ae:52:0a:18:4a:90:1c:cc:db:52:f3:1d:ea:c2:
54:66:4d:94:a3:e1:11:00:d8:5b:10:50:5c:51:03:
78:10:b3:ef:0b:3c:d3:9c:b1:3d:54:0a:2d:12:4f:
08:c9:68:39:78:01:bb:55:34:3e:b3:b4:4e:9f:50:
fd:19:b3:2f:5b:9b:24:56:8c:09:22:6f:0d:cd:06:
2e:f6:23:64:9d:14:c8:1b:9e:d7:71:81:e0:6b:0a:
2e:1f:b8:d1:4b:80:9e:7f:0d:2c:b2:ff:41:61:aa:
c1:82:e2:c7:ef:2d:6d:f4:22:35:ab:a8:37:12:df:
2c:8f:e4:88:65:1c:1d:38:09:0e:9b:21:4f:e3:a9:
c3:de:ea:f1:ef:99:c8:04:93:7e:d4:81:71:ad:c1:
f9:12:fd:91:14:00:5f:4d:00:9a:af:fa:8b:45:12:
22:c0:10:f7:b4:05:bd:4c:34:dc:f5:9c:b1:c9:2c:
bd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:23:F1:31:AD:AA:C6:F1:94:5E:30:61:8F:B7:A5:95:87:CC:6E:4D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/BSPxMa2qxvGUXjBhj7ellYfMbk0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
36:e9:34:8f:69:4f:bf:c4:d9:2d:19:17:25:d4:55:8f:fd:7b:
28:1b:57:39:f9:fb:ba:6f:66:ca:9e:1e:64:80:0e:ed:38:4a:
e4:7e:da:58:6d:20:f2:d9:08:a6:38:c4:b3:96:ba:01:a1:e1:
20:22:3c:dd:d8:65:aa:5b:00:a5:c2:de:23:25:fe:d4:dc:74:
bb:83:80:04:1f:3b:f1:67:1f:bc:7c:71:51:b5:fd:9d:45:7f:
6d:7e:0c:0c:bc:38:c1:54:01:2d:29:db:f8:f2:59:80:d9:be:
1c:c8:b3:8b:75:8c:ac:2c:3e:a9:48:3c:ff:08:11:6c:f3:a7:
f4:35:cf:bd:9d:25:b2:fe:0c:50:14:38:f2:36:94:40:0f:75:
26:b5:21:74:a4:8f:fa:1e:5e:d6:7b:89:cb:6f:ed:20:68:ff:
47:9a:2a:89:3c:12:57:ec:1f:70:b2:9b:a9:08:fc:c1:9b:42:
f9:16:c4:11:74:52:b1:6f:19:df:95:31:35:71:6c:08:28:de:
46:c7:c3:16:a5:b9:4b:c3:17:94:16:fa:c4:33:6b:f3:51:7b:
bd:66:c0:bf:18:d0:65:94:45:cb:3d:ec:f0:16:da:64:9e:d5:
56:5b:3b:61:6a:00:c5:89:e2:6e:b3:a1:bf:49:07:93:6d:a2:
d7:6b:ac:79
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOCMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDMx
MDIyMjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA1MjNGMTMxQURBQUM2
RjE5NDVFMzA2MThGQjdBNTk1ODdDQzZFNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFGJ9KzcaMTEMcsOsDyg5ZMNkLRGiHUzx32166JbgCuP0aLf9o
1eE6js67bQl1/rufQbupcF8NIw0Xg1LtDih4ZaqF0/rTd+nnTh+uUgoYSpAczNtS
8x3qwlRmTZSj4REA2FsQUFxRA3gQs+8LPNOcsT1UCi0STwjJaDl4AbtVND6ztE6f
UP0Zsy9bmyRWjAkibw3NBi72I2SdFMgbntdxgeBrCi4fuNFLgJ5/DSyy/0FhqsGC
4sfvLW30IjWrqDcS3yyP5IhlHB04CQ6bIU/jqcPe6vHvmcgEk37UgXGtwfkS/ZEU
AF9NAJqv+otFEiLAEPe0Bb1MNNz1nLHJLL3tAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUBSPxMa2qxvGUXjBhj7ellYfMbk0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0JTUHhNYTJxeHZHVVhq
QmhqN2VsbFlmTWJrMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADbpNI9pT7/E2S0ZFyXUVY/9eygbVzn5
+7pvZsqeHmSADu04SuR+2lhtIPLZCKY4xLOWugGh4SAiPN3YZapbAKXC3iMl/tTc
dLuDgAQfO/FnH7x8cVG1/Z1Ff21+DAy8OMFUAS0p2/jyWYDZvhzIs4t1jKwsPqlI
PP8IEWzzp/Q1z72dJbL+DFAUOPI2lEAPdSa1IXSkj/oeXtZ7ictv7SBo/0eaKok8
ElfsH3Cym6kI/MGbQvkWxBF0UrFvGd+VMTVxbAgo3kbHwxaluUvDF5QW+sQza/NR
e71mwL8Y0GWURcs97PAW2mSe1VZbO2FqAMWJ4m6zob9JB5NtotdrrHk=
-----END CERTIFICATE-----
Generated at Wed Apr 3 16:33:21 2024 by rpki-client on console.sobornost.net