Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/I1KFFNNodFCVnwzCWIssGtqF1m4.roa
File: I1KFFNNodFCVnwzCWIssGtqF1m4.roa (raw, json)
Hash identifier: Z8FUZExcp68y9SmVEoAY0Q/972EZWUrjStW3bcUdjzQ=
Subject key identifier: 23:52:85:14:D3:68:74:50:95:9F:0C:C2:58:8B:2C:1A:DA:85:D6:6E
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B5B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/I1KFFNNodFCVnwzCWIssGtqF1m4.roa
Signing time: Mon 29 Apr 2024 01:23:29 +0000
ROA not before: Mon 29 Apr 2024 01:23:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19291 (0x4b5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 01:23:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=23528514D3687450959F0CC2588B2C1ADA85D66E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c4:12:04:c1:f9:09:ef:15:61:86:99:4c:06:
52:e9:a8:0d:f1:30:c4:b4:89:78:e5:49:b9:3d:ff:
a9:ef:94:61:9a:80:53:7c:22:de:c4:85:3d:6c:a3:
f8:19:55:a1:74:ea:fe:90:f0:7e:f3:1d:e8:9a:5e:
51:b4:5b:39:86:65:45:ab:7e:cb:db:79:8f:61:60:
2f:e0:e4:9e:d5:1a:12:25:c5:a8:a9:41:57:6d:73:
55:4d:69:53:ac:58:28:d9:db:07:2b:5f:b9:a0:2a:
97:df:ba:25:74:ab:b2:43:4b:1f:d9:2b:aa:d9:43:
f9:31:dc:31:00:1a:a2:87:6a:1d:d4:35:9e:0b:ca:
be:97:58:d7:ac:35:3e:fd:9f:c3:39:27:68:66:f8:
67:0d:29:c7:cc:ce:8f:cc:b7:04:8f:33:a2:c7:62:
9e:93:d5:42:8b:dd:bf:3d:f1:b0:ed:d3:5a:48:67:
28:ee:35:40:7b:d7:08:79:b9:55:9e:55:30:99:ea:
e1:5d:77:5c:2a:e6:43:0e:26:6e:5a:ec:1f:cc:f1:
f2:75:e0:ad:7b:99:f8:3c:5c:4d:27:d6:d4:9f:55:
25:98:3b:3d:ff:1a:09:6e:d5:09:62:7d:7e:b2:f0:
04:8c:45:72:25:c5:f1:7b:d0:6b:74:3f:d3:78:a5:
05:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:52:85:14:D3:68:74:50:95:9F:0C:C2:58:8B:2C:1A:DA:85:D6:6E
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/I1KFFNNodFCVnwzCWIssGtqF1m4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a9:77:2c:bf:18:f2:37:e9:9d:18:8a:db:d1:d2:cd:a5:62:40:
ec:17:d2:c5:e3:ec:10:be:27:92:85:6f:d2:70:d6:86:c1:cb:
72:82:30:72:a7:0c:a2:fc:14:b3:72:d7:77:69:1a:37:e2:7e:
55:d5:82:3d:1d:42:b8:6f:85:a4:17:d2:e8:5d:82:33:f9:4d:
16:25:21:90:ff:04:c0:73:d6:35:0b:5d:8f:14:8c:0d:7f:df:
fe:6c:75:ee:46:f3:7d:fe:31:43:da:34:f0:ab:f1:9d:42:61:
a8:c4:28:02:0d:a7:79:e0:34:23:3c:08:0f:b0:aa:d9:26:af:
a4:7a:67:23:b0:0a:6b:4d:52:c8:d3:9c:73:11:a9:54:3d:a7:
1f:59:6e:38:b3:21:0f:e5:ba:9e:4f:05:a8:db:f2:e2:59:27:
2d:28:d0:d6:9a:8d:df:31:e4:5d:01:59:76:3a:68:39:9d:80:
31:f0:e7:5e:21:4b:df:69:27:f7:80:8a:a0:91:70:87:5a:5c:
15:26:83:f7:d7:09:36:53:d5:7e:d5:ab:12:36:8a:da:04:3a:
e4:0b:f9:32:81:5e:57:04:32:ea:a8:79:c3:fe:27:61:de:62:
24:cc:cf:8a:f2:70:44:d1:fe:1d:eb:ba:ef:74:90:d4:5a:1a:
11:fa:f1:0d
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICS1swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjkw
MTIzMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIzNTI4NTE0RDM2ODc0
NTA5NTlGMENDMjU4OEIyQzFBREE4NUQ2NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmxBIEwfkJ7xVhhplMBlLpqA3xMMS0iXjlSbk9/6nvlGGagFN8
It7EhT1so/gZVaF06v6Q8H7zHeiaXlG0WzmGZUWrfsvbeY9hYC/g5J7VGhIlxaip
QVdtc1VNaVOsWCjZ2wcrX7mgKpffuiV0q7JDSx/ZK6rZQ/kx3DEAGqKHah3UNZ4L
yr6XWNesNT79n8M5J2hm+GcNKcfMzo/MtwSPM6LHYp6T1UKL3b898bDt01pIZyju
NUB71wh5uVWeVTCZ6uFdd1wq5kMOJm5a7B/M8fJ14K17mfg8XE0n1tSfVSWYOz3/
Gglu1QlifX6y8ASMRXIlxfF70Gt0P9N4pQWTAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUI1KFFNNodFCVnwzCWIssGtqF1m4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0kxS0ZGTk5vZEZDVm53
ekNXSXNzR3RxRjFtNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKl3LL8Y8jfpnRiK29HSzaViQOwX0sXj
7BC+J5KFb9Jw1obBy3KCMHKnDKL8FLNy13dpGjfiflXVgj0dQrhvhaQX0uhdgjP5
TRYlIZD/BMBz1jULXY8UjA1/3/5sde5G833+MUPaNPCr8Z1CYajEKAINp3ngNCM8
CA+wqtkmr6R6ZyOwCmtNUsjTnHMRqVQ9px9ZbjizIQ/lup5PBajb8uJZJy0o0Naa
jd8x5F0BWXY6aDmdgDHw514hS99pJ/eAiqCRcIdaXBUmg/fXCTZT1X7VqxI2itoE
OuQL+TKBXlcEMuqoecP+J2HeYiTMz4rycETR/h3ruu90kNRaGhH68Q0=
-----END CERTIFICATE-----
Generated at Mon Apr 29 06:28:42 2024 by rpki-client on console.sobornost.net