Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/KAPJBeb-BKArbnBiox-ec359PWI.roa
File: KAPJBeb-BKArbnBiox-ec359PWI.roa (raw, json)
Hash identifier: RRoGUG/zcQTLuJAifGNiF4dJ/OsjjOzLwUmTXQi6HKE=
Subject key identifier: 28:03:C9:05:E6:FE:04:A0:2B:6E:70:62:A3:1F:9E:73:7E:7D:3D:62
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5397
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KAPJBeb-BKArbnBiox-ec359PWI.roa
Signing time: Fri 10 May 2024 00:54:01 +0000
ROA not before: Fri 10 May 2024 00:54:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21399 (0x5397)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 00:54:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2803C905E6FE04A02B6E7062A31F9E737E7D3D62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fe:c8:f9:07:c2:de:50:47:1e:37:0f:42:ee:
68:3f:e3:ee:8f:c1:ae:74:24:10:4e:69:31:f0:07:
8f:f1:9b:64:8e:8c:ba:83:00:2d:de:ee:b3:47:45:
89:58:84:85:8a:9d:d9:36:55:33:5b:8b:47:ae:6e:
34:39:d1:df:88:d2:7a:fa:2c:12:37:cf:4f:4d:b2:
c7:1f:b1:89:bc:5d:68:39:5c:c7:ad:73:6e:77:10:
a5:3a:5e:3c:36:94:ef:0d:63:b3:4c:26:25:1c:41:
83:1e:e9:a0:a2:2b:9f:54:ea:8b:77:6d:b2:72:2c:
ee:32:c5:59:25:fa:a0:2b:1b:0a:c7:6a:64:62:56:
64:32:1c:c8:41:08:40:5f:3b:f8:af:4a:be:3a:13:
63:41:cd:a9:c5:36:e4:9b:33:c7:2a:83:4f:e1:3a:
52:63:d6:10:15:dd:7d:70:cf:34:9f:3a:70:f6:e4:
7f:c6:60:84:09:dd:4f:ed:35:19:76:76:58:d6:ad:
d6:e6:22:78:93:de:57:2c:f8:3b:33:2e:06:9d:45:
c0:f2:7f:41:e8:87:63:6c:10:84:54:67:66:13:f9:
2e:44:55:0c:6c:b6:92:a3:b0:b8:58:37:eb:9c:e6:
3d:03:21:3d:7e:23:2f:76:ad:89:a9:b5:e4:2b:0b:
3c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:03:C9:05:E6:FE:04:A0:2B:6E:70:62:A3:1F:9E:73:7E:7D:3D:62
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/KAPJBeb-BKArbnBiox-ec359PWI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8e:99:92:25:56:24:98:8b:73:eb:4a:91:37:91:b1:ec:0e:8b:
a4:b6:74:d0:72:17:69:91:36:5a:63:44:fb:1f:f1:24:b4:ba:
64:59:5e:4e:e5:9f:7a:01:cf:f9:95:36:f5:6c:1d:f6:8f:23:
ad:72:fd:c2:7e:45:ba:7f:a0:00:d1:66:ae:14:95:64:9a:0f:
ab:70:fe:ec:28:f3:ee:8d:7e:df:bd:8b:ef:f9:7c:10:2c:64:
3c:56:be:7d:7b:39:a5:2c:c0:e0:39:b1:62:2c:33:59:d4:93:
ee:5a:08:d2:82:4c:a8:6d:5a:e4:f0:b9:0e:2a:a0:57:d3:d7:
6e:a3:5b:a0:94:c7:15:23:31:25:49:61:3d:87:8e:15:fb:5a:
bd:1d:2a:3c:59:61:a1:1a:53:a4:e6:c7:27:da:30:f6:8b:66:
24:81:fc:aa:20:a2:0f:2c:03:55:c7:e8:57:15:89:70:ba:50:
fc:25:e4:be:e3:b8:e2:8b:a0:b8:cb:a7:ec:b2:e8:15:49:28:
8f:35:fe:5c:24:61:45:62:0a:4f:8d:58:a0:35:82:7d:0a:76:
e5:05:c5:2e:b8:13:8e:ef:56:1b:71:59:ff:4e:d4:fa:10:27:
64:89:ab:c3:98:2f:e6:09:83:99:8b:08:b3:39:92:f7:4a:f0:
60:42:01:fb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICU5cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
MDU0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI4MDNDOTA1RTZGRTA0
QTAyQjZFNzA2MkEzMUY5RTczN0U3RDNENjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCx/sj5B8LeUEceNw9C7mg/4+6Pwa50JBBOaTHwB4/xm2SOjLqD
AC3e7rNHRYlYhIWKndk2VTNbi0eubjQ50d+I0nr6LBI3z09NsscfsYm8XWg5XMet
c253EKU6Xjw2lO8NY7NMJiUcQYMe6aCiK59U6ot3bbJyLO4yxVkl+qArGwrHamRi
VmQyHMhBCEBfO/ivSr46E2NBzanFNuSbM8cqg0/hOlJj1hAV3X1wzzSfOnD25H/G
YIQJ3U/tNRl2dljWrdbmIniT3lcs+DszLgadRcDyf0Hoh2NsEIRUZ2YT+S5EVQxs
tpKjsLhYN+uc5j0DIT1+Iy92rYmpteQrCzzzAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUKAPJBeb+BKArbnBiox+ec359PWIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0tBUEpCZWItQktBcmJu
QmlveC1lYzM1OVBXSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAI6ZkiVWJJiLc+tKkTeRsewOi6S2dNBy
F2mRNlpjRPsf8SS0umRZXk7ln3oBz/mVNvVsHfaPI61y/cJ+Rbp/oADRZq4UlWSa
D6tw/uwo8+6Nft+9i+/5fBAsZDxWvn17OaUswOA5sWIsM1nUk+5aCNKCTKhtWuTw
uQ4qoFfT126jW6CUxxUjMSVJYT2HjhX7Wr0dKjxZYaEaU6TmxyfaMPaLZiSB/Kog
og8sA1XH6FcViXC6UPwl5L7juOKLoLjLp+yy6BVJKI81/lwkYUViCk+NWKA1gn0K
duUFxS64E47vVhtxWf9O1PoQJ2SJq8OYL+YJg5mLCLM5kvdK8GBCAfs=
-----END CERTIFICATE-----
Generated at Fri May 10 09:46:57 2024 by rpki-client on console.sobornost.net