Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/zl-13EgcjNfpSWDG04i4M8cYblo.roa
File: zl-13EgcjNfpSWDG04i4M8cYblo.roa (raw, json)
Hash identifier: oNh3DIRW/+262TujYXoW0v0KtSC3Jq+U+zl9xcDpKEE=
Subject key identifier: CE:5F:B5:DC:48:1C:8C:D7:E9:49:60:C6:D3:88:B8:33:C7:18:6E:5A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 45A3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zl-13EgcjNfpSWDG04i4M8cYblo.roa
Signing time: Sun 21 Apr 2024 10:23:07 +0000
ROA not before: Sun 21 Apr 2024 10:23:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17827 (0x45a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 21 10:23:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=CE5FB5DC481C8CD7E94960C6D388B833C7186E5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e2:67:f6:e9:c9:65:2e:4c:f9:64:87:e4:87:
21:61:f5:73:28:dd:16:64:83:5c:d7:ec:fc:57:d4:
ab:bc:5f:cd:0c:15:fe:21:4f:f0:16:92:68:42:4e:
24:47:8e:35:34:80:24:c0:a2:ab:c7:79:32:83:6c:
af:4e:2e:31:f9:24:d5:5d:76:90:97:eb:c7:38:c0:
b5:ad:14:3e:02:22:80:28:20:42:3a:6c:89:45:7c:
de:4b:5e:8c:a0:ca:b5:45:9e:b1:85:75:8e:5b:83:
46:e8:e7:bf:e1:28:60:58:8a:b2:f5:31:18:5f:9d:
99:60:8f:46:5b:8f:b0:73:1e:28:de:6f:dc:34:75:
96:d4:c7:7b:86:23:9f:29:9b:e1:f4:66:e1:ea:94:
d9:a5:74:fd:42:66:5f:27:0c:42:d8:1a:ed:4f:ce:
10:22:13:5f:f3:2f:1e:60:36:e5:80:c3:9f:36:1e:
cf:43:25:47:78:3a:fe:5a:bb:50:d8:aa:42:74:2f:
6f:dd:33:fd:1f:a5:01:5d:7f:c2:79:46:b1:ea:e1:
79:89:31:a6:67:f6:e5:4d:cd:1e:74:84:18:13:69:
91:0e:7c:07:91:36:9f:22:23:3d:aa:44:8c:2a:9c:
06:f8:9f:2a:91:49:98:a4:11:39:70:12:23:6c:31:
e9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:5F:B5:DC:48:1C:8C:D7:E9:49:60:C6:D3:88:B8:33:C7:18:6E:5A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/zl-13EgcjNfpSWDG04i4M8cYblo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4c:45:61:2a:96:5a:5c:a0:94:50:61:46:0e:d5:0e:8d:9c:98:
fe:2d:a7:ed:f1:f2:2a:ff:bc:ac:9c:74:36:0a:11:aa:b9:80:
1c:eb:2a:e2:d5:39:08:48:a3:77:04:68:a4:9f:7c:c6:b0:a2:
be:2a:e3:3a:70:27:36:8f:c4:b7:f4:6d:9f:cf:ba:e9:09:d5:
50:00:27:99:18:67:0b:9c:6a:b1:bd:6d:d0:ac:9a:c6:7d:f7:
f1:6f:e5:4d:98:55:fd:3f:d0:4c:e9:95:dd:24:be:b1:05:81:
a7:3f:fd:81:90:0b:94:2a:6d:f7:5b:42:c9:8e:4c:84:16:4b:
06:8f:46:43:3e:f8:5d:70:44:c7:62:05:dd:e9:18:a5:a1:83:
a3:1e:fb:14:7a:4e:5a:7d:a1:e2:25:c3:2d:39:fe:3c:69:ac:
b1:ab:f5:22:cc:38:a9:9b:65:3c:8f:1e:f6:53:04:40:07:a9:
7a:0d:03:f4:63:79:f3:45:00:31:51:53:6c:7a:14:4f:01:2d:
7f:ad:1d:76:8f:54:0c:f9:b9:6e:b4:6a:da:c9:a7:18:94:81:
5b:60:e9:5d:d6:92:f7:ea:06:16:53:a0:f1:7a:36:a9:65:19:
d7:c4:9f:f3:34:26:57:d5:59:2b:31:79:10:3b:d0:fd:ec:3b:
33:35:1b:1e
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjEx
MDIzMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENFNUZCNURDNDgxQzhD
RDdFOTQ5NjBDNkQzODhCODMzQzcxODZFNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE4mf26cllLkz5ZIfkhyFh9XMo3RZkg1zX7PxX1Ku8X80MFf4h
T/AWkmhCTiRHjjU0gCTAoqvHeTKDbK9OLjH5JNVddpCX68c4wLWtFD4CIoAoIEI6
bIlFfN5LXoygyrVFnrGFdY5bg0bo57/hKGBYirL1MRhfnZlgj0Zbj7BzHijeb9w0
dZbUx3uGI58pm+H0ZuHqlNmldP1CZl8nDELYGu1PzhAiE1/zLx5gNuWAw582Hs9D
JUd4Ov5au1DYqkJ0L2/dM/0fpQFdf8J5RrHq4XmJMaZn9uVNzR50hBgTaZEOfAeR
Np8iIz2qRIwqnAb4nyqRSZikETlwEiNsMel9AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUzl+13EgcjNfpSWDG04i4M8cYblowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3psLTEzRWdjak5mcFNX
REcwNGk0TThjWWJsby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAExFYSqWWlyglFBhRg7VDo2cmP4tp+3x
8ir/vKycdDYKEaq5gBzrKuLVOQhIo3cEaKSffMawor4q4zpwJzaPxLf0bZ/PuukJ
1VAAJ5kYZwucarG9bdCsmsZ99/Fv5U2YVf0/0Ezpld0kvrEFgac//YGQC5Qqbfdb
QsmOTIQWSwaPRkM++F1wRMdiBd3pGKWhg6Me+xR6Tlp9oeIlwy05/jxprLGr9SLM
OKmbZTyPHvZTBEAHqXoNA/RjefNFADFRU2x6FE8BLX+tHXaPVAz5uW60atrJpxiU
gVtg6V3WkvfqBhZToPF6NqllGdfEn/M0JlfVWSsxeRA70P3sOzM1Gx4=
-----END CERTIFICATE-----
Generated at Sun Apr 21 17:47:08 2024 by rpki-client on console.sobornost.net