Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/RRCihtdnAkNZYyKimDoTjTv69lE.roa
File: RRCihtdnAkNZYyKimDoTjTv69lE.roa (raw, json)
Hash identifier: DyOLw40dCxoPYpJGQSOa5d9Y+AyGvp3JYWyhz0YCcec=
Subject key identifier: 45:10:A2:86:D7:67:02:43:59:63:22:A2:98:3A:13:8D:3B:FA:F6:51
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3707
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RRCihtdnAkNZYyKimDoTjTv69lE.roa
Signing time: Mon 01 Apr 2024 22:52:15 +0000
ROA not before: Mon 01 Apr 2024 22:52:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14087 (0x3707)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 22:52:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4510A286D7670243596322A2983A138D3BFAF651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fd:dd:3f:9d:a8:5c:c1:aa:58:92:fe:06:fc:
2e:b4:36:3a:e9:cd:68:d7:60:b4:3a:0d:b0:d8:e6:
0f:29:d0:bd:fd:ad:53:2e:1e:30:e4:8a:6f:a9:70:
f4:b6:28:fe:c7:cb:40:5d:6d:ff:9e:d2:71:7a:c6:
97:aa:a0:33:d6:0d:ab:4b:7a:23:17:d5:49:8a:16:
c1:b6:5a:c3:11:9c:30:d7:00:e4:dd:d2:db:86:7c:
d0:d0:32:8d:cf:17:43:1c:39:15:5a:c3:95:3b:d3:
7d:20:70:63:b0:7d:73:00:24:92:af:10:ed:47:45:
1d:5a:11:ad:89:96:d4:c6:06:18:d5:20:7d:24:ee:
20:95:33:c8:95:85:a2:68:9d:a5:24:f1:e3:4e:24:
ff:8c:fd:ab:7e:d0:b7:26:6b:96:69:9f:a4:7e:99:
33:0c:9a:cd:7b:1a:85:89:7f:4d:a6:b3:c4:df:a4:
64:94:6c:4f:7e:78:67:ce:b1:36:c0:7a:36:a6:96:
8a:a3:2b:f4:0f:be:b7:41:e3:ae:6b:c7:3a:23:cb:
3d:af:09:69:26:da:f9:6f:af:a4:3d:9e:f6:dc:93:
9b:18:02:85:74:ef:be:23:0e:08:4a:4e:1d:9b:cb:
f6:ff:75:d8:05:63:60:fe:a3:a8:ca:e7:69:7c:4d:
56:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:10:A2:86:D7:67:02:43:59:63:22:A2:98:3A:13:8D:3B:FA:F6:51
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/RRCihtdnAkNZYyKimDoTjTv69lE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4d:9f:69:6d:25:2f:aa:dc:f8:25:ec:71:1d:bb:38:06:a7:42:
59:66:1f:03:d6:a2:63:f8:9f:a7:36:6a:de:af:7d:f8:dd:46:
0d:27:c1:e4:2d:7c:ad:2f:c7:34:fb:90:b6:84:72:28:9f:1d:
db:ba:d9:72:c0:cc:13:71:58:0a:6c:9e:35:03:96:cb:66:c1:
39:f3:21:ba:c7:7a:b8:ba:ae:af:bb:dd:a2:1f:93:87:09:8e:
71:ea:a5:e9:05:40:e6:cf:2f:08:09:90:1c:e6:44:07:f5:3a:
be:c6:ae:32:a2:65:18:14:26:4c:1c:e9:31:5a:ce:cd:5e:b2:
34:51:9c:2b:01:ea:f0:c5:02:15:e9:8f:c3:a1:08:73:15:89:
14:96:c6:84:9a:c6:30:56:cf:91:82:9c:0e:86:38:7a:a8:65:
a6:9c:fa:20:63:63:41:f1:64:c6:8c:70:bd:a7:7d:aa:75:81:
9d:1d:c5:ff:9f:af:98:e9:22:76:5b:6e:b1:1c:82:88:1d:80:
f9:c3:47:b9:61:ac:92:a9:85:20:a2:73:ef:27:bd:ff:83:17:
62:08:7b:73:d9:e3:b0:3c:05:5a:d8:b0:d6:50:5c:04:97:27:
20:4f:93:6e:2c:17:1b:c3:0e:9a:31:11:bb:51:cf:b6:b7:27:
24:90:3b:a3
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNwcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEy
MjUyMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ1MTBBMjg2RDc2NzAy
NDM1OTYzMjJBMjk4M0ExMzhEM0JGQUY2NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4/d0/nahcwapYkv4G/C60NjrpzWjXYLQ6DbDY5g8p0L39rVMu
HjDkim+pcPS2KP7Hy0Bdbf+e0nF6xpeqoDPWDatLeiMX1UmKFsG2WsMRnDDXAOTd
0tuGfNDQMo3PF0McORVaw5U7030gcGOwfXMAJJKvEO1HRR1aEa2JltTGBhjVIH0k
7iCVM8iVhaJonaUk8eNOJP+M/at+0Lcma5Zpn6R+mTMMms17GoWJf02ms8TfpGSU
bE9+eGfOsTbAejamloqjK/QPvrdB465rxzojyz2vCWkm2vlvr6Q9nvbck5sYAoV0
774jDghKTh2by/b/ddgFY2D+o6jK52l8TVbrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQURRCihtdnAkNZYyKimDoTjTv69lEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1JSQ2lodGRuQWtOWll5
S2ltRG9UalR2NjlsRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAE2faW0lL6rc+CXscR27OAanQllmHwPW
omP4n6c2at6vffjdRg0nweQtfK0vxzT7kLaEciifHdu62XLAzBNxWApsnjUDlstm
wTnzIbrHeri6rq+73aIfk4cJjnHqpekFQObPLwgJkBzmRAf1Or7GrjKiZRgUJkwc
6TFazs1esjRRnCsB6vDFAhXpj8OhCHMViRSWxoSaxjBWz5GCnA6GOHqoZaac+iBj
Y0HxZMaMcL2nfap1gZ0dxf+fr5jpInZbbrEcgogdgPnDR7lhrJKphSCic+8nvf+D
F2IIe3PZ47A8BVrYsNZQXASXJyBPk24sFxvDDpoxEbtRz7a3JySQO6M=
-----END CERTIFICATE-----
Generated at Tue Apr 2 07:08:13 2024 by rpki-client on console.sobornost.net