Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Dy3Ua193aDEGIdJLRvGSe9nzCAI.roa
File: Dy3Ua193aDEGIdJLRvGSe9nzCAI.roa (raw, json)
Hash identifier: RoVMsLt65cY6bDfRj+3ojL8h8DCjkHVAvMHdwNjSFTg=
Subject key identifier: 0F:2D:D4:6B:5F:77:68:31:06:21:D2:4B:46:F1:92:7B:D9:F3:08:02
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3317
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Dy3Ua193aDEGIdJLRvGSe9nzCAI.roa
Signing time: Wed 27 Mar 2024 16:52:11 +0000
ROA not before: Wed 27 Mar 2024 16:52:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13079 (0x3317)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 16:52:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0F2DD46B5F7768310621D24B46F1927BD9F30802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:05:28:73:05:07:d9:7a:93:52:fc:73:99:10:
6f:60:5a:dc:c0:46:59:a7:a7:53:65:94:97:5e:7a:
5b:67:6d:fb:09:41:87:c7:6b:e4:de:ae:83:f9:1d:
85:e4:e7:b2:6a:ce:c6:33:b7:0d:ce:f9:b5:e8:c1:
fe:e8:8d:c0:1c:a3:67:19:3b:08:ea:d9:f8:24:35:
83:3f:ab:d9:b4:b1:6c:a8:d4:4d:0d:a5:79:31:ed:
ab:1c:5a:cf:65:f1:07:99:8f:81:01:74:6c:fc:28:
36:5b:28:c6:a1:b5:dd:bc:82:c4:e5:9b:8a:4b:57:
20:02:df:30:d6:08:68:1b:1c:a4:01:91:a8:12:71:
59:36:ff:be:4b:35:8e:0e:86:55:37:32:b9:83:5f:
d3:f0:fe:9f:a8:4f:f4:69:2d:7a:1e:e7:8c:01:f4:
1e:3d:14:53:45:27:45:bf:95:03:2d:12:a0:4a:3f:
da:87:7c:1c:20:8d:79:75:ef:d6:4d:ab:5e:05:b6:
76:46:e9:23:6e:44:e6:54:bd:5f:3b:0c:73:54:60:
63:f1:65:e6:f7:29:91:ff:89:57:ef:00:b5:32:41:
22:61:03:c0:37:7b:84:66:7d:0a:ed:7e:1a:33:d4:
ec:fd:2c:79:aa:ad:19:f9:cc:79:22:db:4b:b5:7f:
93:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:2D:D4:6B:5F:77:68:31:06:21:D2:4B:46:F1:92:7B:D9:F3:08:02
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Dy3Ua193aDEGIdJLRvGSe9nzCAI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b9:89:e0:25:a2:01:75:a1:67:25:bf:3f:a6:bd:39:c3:8e:db:
0c:ae:e9:de:cd:b2:a0:3f:a7:d8:28:ad:54:97:52:2e:62:0d:
a4:ca:63:2f:64:f3:62:32:34:0e:e1:dc:a8:ca:0f:75:35:a0:
3a:4f:08:22:cd:c1:2b:a1:18:aa:41:af:92:aa:67:cc:bd:8c:
56:43:3b:76:94:67:f1:93:06:cb:14:09:b8:1c:c1:64:6d:a1:
07:1a:a9:92:c3:7b:c5:1f:d0:17:d7:8c:34:63:45:a7:9e:bd:
64:63:0b:74:11:9e:b6:19:2c:26:15:cd:6d:f7:43:7e:22:7d:
ad:2c:d2:43:f5:62:b7:78:d4:78:6a:e9:a9:d7:4b:8f:cb:f5:
fa:51:64:1c:e9:ff:8a:2d:4c:fc:09:db:0e:4b:6a:ca:09:08:
43:82:e2:94:06:f6:bc:cb:14:48:73:50:66:27:43:14:ac:3a:
dc:0c:55:57:53:cc:5d:5c:d4:e7:a2:de:bf:44:a9:4a:5f:0a:
e2:75:23:a7:ae:c9:13:79:09:7f:66:cf:77:18:40:0b:c9:0d:
cf:8c:24:c7:44:27:79:06:b0:47:96:00:b3:d5:ea:77:8f:55:
04:f5:5f:1c:e1:9c:70:06:25:3a:cd:a5:ff:d4:25:8f:ff:35:
d7:ae:41:f7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICMxcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcx
NjUyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBGMkRENDZCNUY3NzY4
MzEwNjIxRDI0QjQ2RjE5MjdCRDlGMzA4MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXBShzBQfZepNS/HOZEG9gWtzARlmnp1NllJdeeltnbfsJQYfH
a+TeroP5HYXk57JqzsYztw3O+bXowf7ojcAco2cZOwjq2fgkNYM/q9m0sWyo1E0N
pXkx7ascWs9l8QeZj4EBdGz8KDZbKMahtd28gsTlm4pLVyAC3zDWCGgbHKQBkagS
cVk2/75LNY4OhlU3MrmDX9Pw/p+oT/RpLXoe54wB9B49FFNFJ0W/lQMtEqBKP9qH
fBwgjXl179ZNq14FtnZG6SNuROZUvV87DHNUYGPxZeb3KZH/iVfvALUyQSJhA8A3
e4RmfQrtfhoz1Oz9LHmqrRn5zHki20u1f5PdAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUDy3Ua193aDEGIdJLRvGSe9nzCAIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0R5M1VhMTkzYURFR0lk
SkxSdkdTZTluekNBSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALmJ4CWiAXWhZyW/P6a9OcOO2wyu6d7N
sqA/p9gorVSXUi5iDaTKYy9k82IyNA7h3KjKD3U1oDpPCCLNwSuhGKpBr5KqZ8y9
jFZDO3aUZ/GTBssUCbgcwWRtoQcaqZLDe8Uf0BfXjDRjRaeevWRjC3QRnrYZLCYV
zW33Q34ifa0s0kP1Yrd41Hhq6anXS4/L9fpRZBzp/4otTPwJ2w5LasoJCEOC4pQG
9rzLFEhzUGYnQxSsOtwMVVdTzF1c1Oei3r9EqUpfCuJ1I6euyRN5CX9mz3cYQAvJ
Dc+MJMdEJ3kGsEeWALPV6nePVQT1XxzhnHAGJTrNpf/UJY//NdeuQfc=
-----END CERTIFICATE-----
Generated at Wed Mar 27 23:44:25 2024 by rpki-client on console.sobornost.net