Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LGwfAL5RgDLiKK3WzBe_aM034vo.roa
File: LGwfAL5RgDLiKK3WzBe_aM034vo.roa (raw, json)
Hash identifier: mrRK1e2ut10p6QDIDKBxuuBRq4LwQYhi3tBeZFcuslY=
Subject key identifier: 2C:6C:1F:00:BE:51:80:32:E2:28:AD:D6:CC:17:BF:68:CD:37:E2:FA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4117
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LGwfAL5RgDLiKK3WzBe_aM034vo.roa
Signing time: Mon 15 Apr 2024 08:52:57 +0000
ROA not before: Mon 15 Apr 2024 08:52:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16663 (0x4117)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 08:52:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2C6C1F00BE518032E228ADD6CC17BF68CD37E2FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:94:2a:d5:2a:ce:2c:9f:6c:34:1f:26:8c:03:
c4:c8:68:6f:aa:9f:bf:a9:d8:42:5b:ed:0c:a1:73:
c7:43:89:b4:36:6a:d9:39:07:28:6a:0b:50:2d:ce:
e8:cb:7e:09:0c:97:1e:19:c5:96:1a:e6:1e:c2:33:
51:1e:36:f2:07:30:be:9a:11:4e:c8:7e:dd:44:d2:
dc:2c:e8:32:45:26:f5:dd:d8:e2:3b:b3:c4:cf:15:
40:ff:17:51:f6:b5:02:ae:80:b1:bd:06:1c:51:e0:
a3:df:16:2b:74:a3:2a:ca:30:81:c3:f0:c2:00:26:
11:e9:87:30:98:16:93:49:b6:31:f5:d3:1c:dc:bc:
1d:97:b8:52:5d:e4:e0:10:d4:b1:d3:27:35:0e:cf:
7b:d8:b5:d7:46:02:c6:96:3c:c6:15:0a:52:7f:16:
09:d4:84:b3:e6:5c:f0:1f:28:bf:21:76:19:f8:bd:
ca:b3:9a:fd:af:25:82:24:e1:78:30:e1:9b:26:64:
7a:3c:6c:66:ac:6f:e3:3e:75:07:ba:f5:a0:6e:20:
34:81:f8:f5:6b:73:7e:2d:2e:9e:bc:17:27:53:bc:
8e:90:88:9c:13:75:8a:6c:02:41:30:a5:a1:d8:19:
a2:41:ba:ea:24:05:98:c7:70:a5:75:63:c7:20:de:
c9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:6C:1F:00:BE:51:80:32:E2:28:AD:D6:CC:17:BF:68:CD:37:E2:FA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LGwfAL5RgDLiKK3WzBe_aM034vo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
26:51:71:ec:79:3c:27:f9:17:bf:28:ed:8a:d0:07:c5:ad:7d:
9e:ae:83:e8:5b:c5:5d:68:e7:41:cc:cb:a4:57:79:92:c9:b0:
7a:8a:2e:f8:4e:e5:a3:24:37:d4:16:1e:b6:d1:25:59:9b:5e:
e8:db:93:78:a0:19:7e:c2:d4:c2:64:34:bc:87:ab:cd:d7:b6:
40:f1:a8:ed:dc:ba:47:95:fc:88:d0:4f:a5:6f:7f:b9:df:95:
ee:ae:62:5d:61:5d:13:4e:c7:ef:6e:92:d6:a7:9f:45:90:57:
9c:23:4c:30:44:18:94:0e:ae:f0:ff:f7:30:47:36:70:31:c7:
eb:b7:ce:4c:28:b5:bf:11:df:aa:0e:b5:37:49:37:6d:fc:a6:
1b:dd:5c:9f:76:5b:01:f8:50:dd:2b:a3:07:f6:3d:86:43:a2:
7e:83:22:8e:a3:34:48:4f:58:6f:2c:91:50:97:54:03:12:83:
06:45:69:cc:08:06:8e:3f:e7:73:d9:05:6e:28:d3:2a:b8:e9:
cc:7f:0a:18:05:93:17:ac:55:23:5c:7c:64:c2:7f:40:df:fb:
da:f3:db:5c:91:02:09:1c:ba:13:d4:fe:99:c8:5c:52:16:26:
52:1e:6d:79:b1:06:64:08:ec:97:b7:bb:47:52:03:45:3f:e1:
09:3b:63:c3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQRcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUw
ODUyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJDNkMxRjAwQkU1MTgw
MzJFMjI4QURENkNDMTdCRjY4Q0QzN0UyRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvlCrVKs4sn2w0HyaMA8TIaG+qn7+p2EJb7Qyhc8dDibQ2atk5
ByhqC1AtzujLfgkMlx4ZxZYa5h7CM1EeNvIHML6aEU7Ift1E0tws6DJFJvXd2OI7
s8TPFUD/F1H2tQKugLG9BhxR4KPfFit0oyrKMIHD8MIAJhHphzCYFpNJtjH10xzc
vB2XuFJd5OAQ1LHTJzUOz3vYtddGAsaWPMYVClJ/FgnUhLPmXPAfKL8hdhn4vcqz
mv2vJYIk4Xgw4ZsmZHo8bGasb+M+dQe69aBuIDSB+PVrc34tLp68FydTvI6QiJwT
dYpsAkEwpaHYGaJBuuokBZjHcKV1Y8cg3smfAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQULGwfAL5RgDLiKK3WzBe/aM034vowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xHd2ZBTDVSZ0RMaUtL
M1d6QmVfYU0wMzR2by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACZRcex5PCf5F78o7YrQB8WtfZ6ug+hb
xV1o50HMy6RXeZLJsHqKLvhO5aMkN9QWHrbRJVmbXujbk3igGX7C1MJkNLyHq83X
tkDxqO3cukeV/IjQT6Vvf7nfle6uYl1hXRNOx+9uktann0WQV5wjTDBEGJQOrvD/
9zBHNnAxx+u3zkwotb8R36oOtTdJN238phvdXJ92WwH4UN0rowf2PYZDon6DIo6j
NEhPWG8skVCXVAMSgwZFacwIBo4/53PZBW4o0yq46cx/ChgFkxesVSNcfGTCf0Df
+9rz21yRAgkcuhPU/pnIXFIWJlIebXmxBmQI7Je3u0dSA0U/4Qk7Y8M=
-----END CERTIFICATE-----
Generated at Mon Apr 15 15:29:25 2024 by rpki-client on console.sobornost.net