Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/JzPCYdxvP9WO2SOpn_ZxQ6bfj0U.roa
File: JzPCYdxvP9WO2SOpn_ZxQ6bfj0U.roa (raw, json)
Hash identifier: 4AcQ1w251lapZzINO1FDgMTZ4zK1b+VmtUGqYhtGkNA=
Subject key identifier: 27:33:C2:61:DC:6F:3F:D5:8E:D9:23:A9:9F:F6:71:43:A6:DF:8F:45
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4217
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JzPCYdxvP9WO2SOpn_ZxQ6bfj0U.roa
Signing time: Tue 16 Apr 2024 16:53:25 +0000
ROA not before: Tue 16 Apr 2024 16:53:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16919 (0x4217)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 16:53:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2733C261DC6F3FD58ED923A99FF67143A6DF8F45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:57:3a:f1:36:55:44:75:59:91:f6:08:35:2d:
4a:af:06:5c:89:99:b7:6b:01:01:0a:59:cc:2e:4c:
77:bd:5c:78:88:6c:a5:95:59:c2:b6:de:dd:f9:e8:
29:10:c1:b9:e5:9a:5f:1d:77:92:21:e7:9e:52:5e:
35:26:fa:4f:88:6b:1d:30:98:df:f5:58:52:cd:20:
92:5c:f4:e7:e3:6a:ad:bf:44:fb:52:61:f3:28:6f:
98:9b:8d:cd:53:ba:d9:35:b3:17:50:96:d9:20:5d:
71:a2:ad:03:d0:47:fc:b9:e2:35:14:24:7f:ea:f3:
e6:32:56:7c:d3:2c:5f:d2:bb:02:45:f6:6b:42:c2:
ec:6f:40:60:0e:8d:f3:c8:ec:9b:99:b9:83:c5:03:
e9:8c:37:2d:84:7e:a3:e1:bc:49:dc:97:3b:ca:eb:
67:73:b6:a9:9d:33:eb:c4:b9:af:95:00:54:47:6b:
79:fc:75:39:3b:d6:81:b4:0f:60:ff:e3:f1:18:27:
e5:36:f0:3d:40:f2:7c:cd:d7:66:ee:35:c9:d1:6f:
54:b0:d3:c7:e6:cc:90:6f:76:30:a9:f7:7b:27:97:
31:12:13:b5:21:12:f7:ab:26:01:94:3a:10:32:f4:
6e:fc:99:8c:a0:ad:eb:9a:45:28:15:9a:d2:bd:0e:
2c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:33:C2:61:DC:6F:3F:D5:8E:D9:23:A9:9F:F6:71:43:A6:DF:8F:45
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/JzPCYdxvP9WO2SOpn_ZxQ6bfj0U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
02:5e:26:fe:47:75:3b:69:1f:ff:4d:1a:c6:bf:21:0d:63:b8:
ab:5c:fa:25:f4:88:11:31:ce:e6:6f:da:f6:bb:1c:6f:74:e1:
81:97:9a:10:f3:79:dd:d8:ce:51:72:e0:d6:99:c2:45:af:ec:
6c:26:99:e3:c9:8c:9f:ec:b2:8f:56:bf:90:14:94:21:7f:1c:
f5:01:ec:aa:04:66:a6:58:4b:56:47:fc:ee:9b:c9:ac:2c:47:
39:bb:84:28:e9:1f:34:63:ca:49:c7:b7:fa:8b:0e:ca:07:b7:
12:73:43:53:4b:dc:46:e7:8f:ac:36:53:9c:69:df:e2:6f:d3:
36:c4:79:b1:c2:61:d2:c5:fc:39:55:d1:68:a5:ad:94:ca:6f:
7f:21:0b:4d:01:37:89:15:df:c9:de:a3:23:0c:83:18:6f:ef:
42:ac:ba:f7:3b:6f:75:f6:1e:f6:03:b3:06:2b:1a:16:8d:53:
16:7f:6e:c6:a1:ae:ea:9f:16:4b:ba:8e:fe:ab:d1:a2:07:7b:
95:48:dd:f3:09:50:0b:27:c0:8e:e6:20:2e:6e:6d:b3:7a:08:
f0:36:3c:32:f5:4d:b9:9d:8b:52:13:5f:a7:83:cf:13:53:c3:
ed:4d:88:be:d1:e6:cb:85:67:3c:55:4d:69:1b:79:8b:09:80:
0b:eb:10:cf
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQhcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYx
NjUzMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI3MzNDMjYxREM2RjNG
RDU4RUQ5MjNBOTlGRjY3MTQzQTZERjhGNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8VzrxNlVEdVmR9gg1LUqvBlyJmbdrAQEKWcwuTHe9XHiIbKWV
WcK23t356CkQwbnlml8dd5Ih555SXjUm+k+Iax0wmN/1WFLNIJJc9Ofjaq2/RPtS
YfMob5ibjc1Tutk1sxdQltkgXXGirQPQR/y54jUUJH/q8+YyVnzTLF/SuwJF9mtC
wuxvQGAOjfPI7JuZuYPFA+mMNy2EfqPhvEnclzvK62dztqmdM+vEua+VAFRHa3n8
dTk71oG0D2D/4/EYJ+U28D1A8nzN12buNcnRb1Sw08fmzJBvdjCp93snlzESE7Uh
EverJgGUOhAy9G78mYygreuaRSgVmtK9DiydAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUJzPCYdxvP9WO2SOpn/ZxQ6bfj0UwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0p6UENZZHh2UDlXTzJT
T3BuX1p4UTZiZmowVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAJeJv5HdTtpH/9NGsa/IQ1juKtc+iX0
iBExzuZv2va7HG904YGXmhDzed3YzlFy4NaZwkWv7GwmmePJjJ/sso9Wv5AUlCF/
HPUB7KoEZqZYS1ZH/O6byawsRzm7hCjpHzRjyknHt/qLDsoHtxJzQ1NL3Ebnj6w2
U5xp3+Jv0zbEebHCYdLF/DlV0WilrZTKb38hC00BN4kV38neoyMMgxhv70Ksuvc7
b3X2HvYDswYrGhaNUxZ/bsahruqfFku6jv6r0aIHe5VI3fMJUAsnwI7mIC5ubbN6
CPA2PDL1Tbmdi1ITX6eDzxNTw+1NiL7R5suFZzxVTWkbeYsJgAvrEM8=
-----END CERTIFICATE-----
Generated at Wed Apr 17 00:34:03 2024 by rpki-client on console.sobornost.net