Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/1-ogMB2tMfH7HJwxkfd1Ct42n1k.roa
File: 1-ogMB2tMfH7HJwxkfd1Ct42n1k.roa (raw, json)
Hash identifier: vhAebCYWLuX1tYYVO/Kr27ZT4cV0CeAwnVM8+RiXddo=
Subject key identifier: D7:EA:20:30:1D:AD:31:F1:FB:1C:9C:31:91:F7:75:0A:DE:36:9F:59
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 53BB
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1-ogMB2tMfH7HJwxkfd1Ct42n1k.roa
Signing time: Fri 10 May 2024 05:24:00 +0000
ROA not before: Fri 10 May 2024 05:24:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21435 (0x53bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 10 05:24:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D7EA20301DAD31F1FB1C9C3191F7750ADE369F59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:84:4f:b7:6e:94:a5:62:8c:7d:82:a4:cc:24:
94:5c:a4:b6:58:f2:65:ff:59:60:a7:55:8c:97:a6:
97:6a:ab:ea:2f:a1:3b:20:bb:e5:47:11:8b:e6:98:
b7:76:df:9b:88:6c:10:68:0b:f6:9b:cf:cb:39:8b:
00:48:e9:e7:8e:6c:a5:78:4f:69:19:ed:0d:5a:1f:
0c:ce:38:ea:7b:f7:32:12:e6:34:2c:05:1f:b0:15:
28:90:49:98:fa:23:a5:7e:f2:fd:80:f3:78:d6:f0:
f7:80:a8:40:47:75:d9:44:2c:a3:0e:39:50:a5:1e:
39:c9:09:1b:13:5e:b8:a9:d1:6d:e9:7f:35:8c:ba:
23:f4:e7:27:dc:11:be:66:3d:79:03:0b:a8:f6:b7:
9d:b7:8d:56:c7:1c:64:e5:e9:64:c1:87:d8:be:9c:
f2:10:52:76:db:dc:c2:82:e1:3e:42:84:94:ba:88:
78:8c:23:33:e0:4a:e4:76:9b:aa:f4:5f:a3:0e:6a:
65:97:51:f4:b4:85:02:22:6a:4b:7d:11:f1:0e:64:
a4:4a:3b:77:e8:40:d5:77:94:61:35:35:21:22:48:
09:f3:41:0c:4c:8f:d4:0a:08:28:79:2b:36:6b:34:
01:9c:18:00:00:1c:c8:2c:51:d1:1a:0a:b0:f9:fc:
59:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:EA:20:30:1D:AD:31:F1:FB:1C:9C:31:91:F7:75:0A:DE:36:9F:59
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/1-ogMB2tMfH7HJwxkfd1Ct42n1k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
1f:9d:28:6a:69:6c:5a:df:d1:75:d4:fd:73:f0:5a:be:c2:dd:
f5:15:72:fe:06:99:ef:ea:90:5c:b1:ea:ba:e5:ad:65:52:c4:
06:64:d4:77:11:a4:6a:5d:78:c0:7c:36:a0:2c:0f:27:3c:28:
31:78:51:78:0c:fd:97:5c:8f:cc:30:19:a9:c5:16:ec:25:77:
94:41:0b:f8:b3:31:ee:af:83:5e:8b:a5:44:7f:29:6d:06:2b:
62:b7:24:81:30:51:7f:04:4b:a3:70:b2:5f:99:5f:8f:f1:53:
41:1a:48:bc:0d:f7:af:b7:f8:a1:a4:a5:9c:1c:e5:19:43:ea:
18:fc:66:c1:05:7f:2c:c1:ee:dd:a4:08:3b:89:57:dc:49:6c:
9a:e2:8b:69:44:45:2d:d3:8f:22:5a:19:44:f7:13:5e:ef:b6:
57:23:de:d0:42:7a:c6:46:20:8e:53:e5:75:57:2a:6e:40:d6:
b2:40:74:bb:58:3a:b4:67:fd:fd:ca:62:ed:c2:3d:1b:b8:f8:
93:f5:e1:f7:3f:54:c1:aa:75:e1:b9:67:45:a4:94:41:5d:41:
1b:b6:8b:f5:2e:3e:48:69:4d:d2:c4:46:91:8f:65:38:7e:37:
4b:d6:cf:69:da:42:2a:6e:c8:4b:a7:61:d4:32:7c:69:a9:8e:
59:37:f4:75
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICU7swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTAw
NTI0MDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ3RUEyMDMwMURBRDMx
RjFGQjFDOUMzMTkxRjc3NTBBREUzNjlGNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDThE+3bpSlYox9gqTMJJRcpLZY8mX/WWCnVYyXppdqq+ovoTsg
u+VHEYvmmLd235uIbBBoC/abz8s5iwBI6eeObKV4T2kZ7Q1aHwzOOOp79zIS5jQs
BR+wFSiQSZj6I6V+8v2A83jW8PeAqEBHddlELKMOOVClHjnJCRsTXrip0W3pfzWM
uiP05yfcEb5mPXkDC6j2t523jVbHHGTl6WTBh9i+nPIQUnbb3MKC4T5ChJS6iHiM
IzPgSuR2m6r0X6MOamWXUfS0hQIiakt9EfEOZKRKO3foQNV3lGE1NSEiSAnzQQxM
j9QKCCh5KzZrNAGcGAAAHMgsUdEaCrD5/FkxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQU1+ogMB2tMfH7HJwxkfd1Ct42n1kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3LzEtb2dNQjJ0TWZIN0hK
d3hrZmQxQ3Q0Mm4xay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAB+dKGppbFrf0XXU/XPwWr7C3fUVcv4G
me/qkFyx6rrlrWVSxAZk1HcRpGpdeMB8NqAsDyc8KDF4UXgM/Zdcj8wwGanFFuwl
d5RBC/izMe6vg16LpUR/KW0GK2K3JIEwUX8ES6Nwsl+ZX4/xU0EaSLwN96+3+KGk
pZwc5RlD6hj8ZsEFfyzB7t2kCDuJV9xJbJrii2lERS3TjyJaGUT3E17vtlcj3tBC
esZGII5T5XVXKm5A1rJAdLtYOrRn/f3KYu3CPRu4+JP14fc/VMGqdeG5Z0WklEFd
QRu2i/UuPkhpTdLERpGPZTh+N0vWz2naQipuyEunYdQyfGmpjlk39HU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:02 2024 by rpki-client on console-fra.rpki-client.org