Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/Tvtdiyy9pcdhso0RBxJuLVoxmCE.roa
File: Tvtdiyy9pcdhso0RBxJuLVoxmCE.roa (raw, json)
Hash identifier: rmLRwKaEJp1lIgbxWdWLqfulYh6kPRsAAVVP6OZ7NM4=
Subject key identifier: 4E:FB:5D:8B:2C:BD:A5:C7:61:B2:8D:11:07:12:6E:2D:5A:31:98:21
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 460B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Tvtdiyy9pcdhso0RBxJuLVoxmCE.roa
Signing time: Sun 21 Apr 2024 23:23:16 +0000
ROA not before: Sun 21 Apr 2024 23:23:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17931 (0x460b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 21 23:23:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4EFB5D8B2CBDA5C761B28D1107126E2D5A319821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:67:e2:70:01:60:39:41:c9:a0:a9:b4:de:fe:
61:36:5e:19:66:09:52:37:15:12:9f:de:bc:58:a9:
c0:21:78:c9:a8:43:3d:1e:82:17:6f:b9:ef:c6:26:
39:c3:e1:48:50:bb:9a:75:b2:0a:0f:00:8d:4a:c2:
60:8c:6c:87:63:61:25:ae:b8:ea:da:c5:82:ea:21:
36:f4:f4:70:1b:64:32:53:52:26:ca:40:37:6d:ca:
11:fc:31:17:ae:a2:f8:5e:a4:33:32:6e:cb:87:f5:
83:11:b9:3a:5e:57:69:56:36:7c:dd:83:4c:06:94:
2a:34:f7:2d:d0:8b:d0:60:d6:0a:70:a0:7a:b3:3c:
0a:17:79:3c:4b:bb:07:4b:ac:0f:c9:88:30:68:ba:
ef:7f:99:9b:25:b4:00:ec:bc:08:b6:2c:7a:b7:8b:
60:5c:99:b4:d8:88:fb:84:96:21:c9:a9:4a:23:b1:
b9:52:c2:6c:4a:92:2a:2f:e7:2f:02:cb:49:f0:99:
ea:a3:18:66:fd:76:5c:b4:20:95:33:14:d1:57:23:
31:9b:cb:6e:b8:1d:9e:91:be:14:1b:d3:60:48:a0:
65:0a:c9:75:a1:53:0c:54:ac:06:2c:93:5f:7d:9d:
8b:2a:97:da:34:ca:96:f6:5f:61:3c:64:19:95:86:
40:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:FB:5D:8B:2C:BD:A5:C7:61:B2:8D:11:07:12:6E:2D:5A:31:98:21
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/Tvtdiyy9pcdhso0RBxJuLVoxmCE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
3c:9c:c9:82:4e:62:f3:7e:df:97:b1:8a:d3:b5:10:73:36:88:
ac:d2:b2:6d:17:4c:1f:47:f1:ed:8d:59:d9:ef:a4:42:b0:c1:
65:f4:cc:f4:5c:16:8b:00:f2:31:aa:ed:d1:c7:c7:6c:e4:ef:
09:df:b1:f0:89:56:01:94:6b:a9:1e:26:23:32:76:c1:21:5c:
fa:40:f5:bb:83:12:f5:e7:28:9f:1e:ea:15:0a:14:9a:cf:b6:
c7:5b:ec:1c:bc:d1:51:4b:6c:19:7b:70:0a:d1:73:00:46:ac:
77:16:80:bd:2e:37:75:0c:88:5e:a8:5e:1f:d5:a4:31:4b:e3:
27:4c:95:50:b5:1f:3b:a9:1d:13:7c:fe:e1:ac:fb:27:83:70:
9c:d0:b0:3f:d0:77:fa:ed:41:e5:51:66:23:fd:23:f2:be:4e:
50:eb:6a:33:be:97:5a:f9:20:2f:79:5b:3e:21:b8:78:d3:0e:
82:95:3d:65:1a:07:01:5e:1e:f4:ab:da:1c:8d:c5:da:59:40:
9c:64:e9:42:3b:c7:64:cf:4c:83:12:d5:24:ee:6f:61:c2:89:
24:f8:1b:88:9c:16:38:eb:5a:36:48:75:be:4c:bd:ce:05:43:
7c:78:ab:e2:26:d5:f0:54:37:3b:a3:11:42:3f:05:75:32:29:
a8:29:c6:88
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRgswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjEy
MzIzMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRFRkI1RDhCMkNCREE1
Qzc2MUIyOEQxMTA3MTI2RTJENUEzMTk4MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyZ+JwAWA5QcmgqbTe/mE2XhlmCVI3FRKf3rxYqcAheMmoQz0e
ghdvue/GJjnD4UhQu5p1sgoPAI1KwmCMbIdjYSWuuOraxYLqITb09HAbZDJTUibK
QDdtyhH8MReuovhepDMybsuH9YMRuTpeV2lWNnzdg0wGlCo09y3Qi9Bg1gpwoHqz
PAoXeTxLuwdLrA/JiDBouu9/mZsltADsvAi2LHq3i2BcmbTYiPuEliHJqUojsblS
wmxKkiov5y8Cy0nwmeqjGGb9dly0IJUzFNFXIzGby264HZ6RvhQb02BIoGUKyXWh
UwxUrAYsk199nYsql9o0ypb2X2E8ZBmVhkAlAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUTvtdiyy9pcdhso0RBxJuLVoxmCEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1R2dGRpeXk5cGNkaHNv
MFJCeEp1TFZveG1DRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADycyYJOYvN+35exitO1EHM2iKzSsm0X
TB9H8e2NWdnvpEKwwWX0zPRcFosA8jGq7dHHx2zk7wnfsfCJVgGUa6keJiMydsEh
XPpA9buDEvXnKJ8e6hUKFJrPtsdb7By80VFLbBl7cArRcwBGrHcWgL0uN3UMiF6o
Xh/VpDFL4ydMlVC1HzupHRN8/uGs+yeDcJzQsD/Qd/rtQeVRZiP9I/K+TlDrajO+
l1r5IC95Wz4huHjTDoKVPWUaBwFeHvSr2hyNxdpZQJxk6UI7x2TPTIMS1STub2HC
iST4G4icFjjrWjZIdb5Mvc4FQ3x4q+Im1fBUNzujEUI/BXUyKagpxog=
-----END CERTIFICATE-----
Generated at Wed Apr 24 03:15:13 2024 by rpki-client on console.sobornost.net