Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DGf8hx9tCrNimMhoF4lf6rmCPlE.roa
File: DGf8hx9tCrNimMhoF4lf6rmCPlE.roa (raw, json)
Hash identifier: W1fu4XF8xH0oNJX6eiIFV0Gpd7hyk0TStOSHpQAqjo4=
Subject key identifier: 0C:67:FC:87:1F:6D:0A:B3:62:98:C8:68:17:89:5F:EA:B9:82:3E:51
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5093
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DGf8hx9tCrNimMhoF4lf6rmCPlE.roa
Signing time: Mon 06 May 2024 00:23:49 +0000
ROA not before: Mon 06 May 2024 00:23:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20627 (0x5093)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 6 00:23:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0C67FC871F6D0AB36298C86817895FEAB9823E51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:aa:73:61:e2:fc:ca:47:06:8f:9f:8d:c0:a1:
45:66:44:9c:9b:61:0e:1d:91:35:fd:50:aa:9a:98:
0d:4a:77:df:86:3f:7e:b4:75:5f:d3:60:ee:45:fb:
1e:60:aa:32:38:0b:44:a7:d4:d0:ce:58:a3:7b:20:
c4:68:14:ed:ca:69:47:84:94:45:28:b3:71:51:db:
b2:e8:72:f6:9b:d1:a5:a4:4e:a9:6b:47:52:f3:c9:
e3:2c:05:cf:14:94:4a:f0:f2:3e:d5:f1:0f:f5:05:
96:47:af:b0:71:5a:dd:6c:a9:a7:6e:c0:f8:bb:4b:
d6:a8:58:86:f9:6b:f5:37:dc:c8:d4:4d:39:ab:43:
b7:43:6b:e5:df:b6:6f:af:7e:a4:dd:45:5c:b7:54:
4f:1e:fd:1f:18:de:0b:1f:59:42:07:13:c0:7e:4c:
0f:9b:b0:d4:2c:a2:7b:d5:9d:1a:7b:6d:30:0d:74:
ea:7e:86:c1:de:d7:29:d1:e6:76:7c:ff:e6:d6:79:
2b:8b:ce:4b:01:37:87:5a:fd:04:9a:b2:17:fb:e8:
bd:7a:14:2b:f6:bb:9d:fa:cf:46:39:0c:61:ec:f8:
52:ae:9b:a6:77:ae:82:f0:d8:d8:1a:9b:92:55:a4:
1c:6c:29:7c:b4:44:5b:58:c8:1c:4d:1b:81:8e:58:
98:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:67:FC:87:1F:6D:0A:B3:62:98:C8:68:17:89:5F:EA:B9:82:3E:51
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DGf8hx9tCrNimMhoF4lf6rmCPlE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
77:fa:ca:6d:21:c7:7a:9e:d2:0d:e4:10:50:1c:b0:9c:77:60:
6f:93:e8:67:90:dc:79:ac:e4:3a:84:5b:fb:70:65:99:58:8e:
41:15:8d:05:ad:c4:49:63:c8:24:f7:71:0c:e4:f5:a3:4d:b1:
1a:ea:0e:21:8c:a5:66:5a:fa:19:50:b3:d6:94:3d:06:f4:30:
6f:fe:e9:0f:8d:74:02:c1:b4:1e:d5:b2:47:0d:e1:cf:ed:1f:
a1:ed:eb:6b:dc:39:10:c5:72:f9:31:70:5d:ce:8f:2b:ca:25:
5d:f3:76:3c:fd:cd:00:6c:fb:45:9b:a2:9d:14:35:48:68:98:
8f:a5:a6:7a:c3:b6:0d:6e:f2:04:bd:a6:45:d1:b5:ec:4b:dd:
ae:38:7e:3a:46:dc:f2:e9:1c:b1:3e:14:7a:2b:95:18:b3:0a:
52:c4:01:f9:37:46:68:cf:d4:32:4e:78:a5:40:a1:dc:92:f8:
b1:50:dc:50:7a:5e:a0:c0:83:5e:df:58:44:2e:d3:9a:05:9b:
3c:50:e2:5e:08:b0:fb:1c:e0:d8:22:30:25:b6:33:e2:71:fc:
ba:45:bf:d0:dd:bc:14:12:80:de:1d:f4:44:19:31:0c:ef:d1:
11:91:41:ea:eb:29:b7:01:1b:ea:66:d4:c9:50:d0:f8:71:b8:
ba:5a:42:52
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUJMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYw
MDIzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBDNjdGQzg3MUY2RDBB
QjM2Mjk4Qzg2ODE3ODk1RkVBQjk4MjNFNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbqnNh4vzKRwaPn43AoUVmRJybYQ4dkTX9UKqamA1Kd9+GP360
dV/TYO5F+x5gqjI4C0Sn1NDOWKN7IMRoFO3KaUeElEUos3FR27Locvab0aWkTqlr
R1LzyeMsBc8UlErw8j7V8Q/1BZZHr7BxWt1sqaduwPi7S9aoWIb5a/U33MjUTTmr
Q7dDa+Xftm+vfqTdRVy3VE8e/R8Y3gsfWUIHE8B+TA+bsNQsonvVnRp7bTANdOp+
hsHe1ynR5nZ8/+bWeSuLzksBN4da/QSashf76L16FCv2u536z0Y5DGHs+FKum6Z3
roLw2Ngam5JVpBxsKXy0RFtYyBxNG4GOWJgJAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUDGf8hx9tCrNimMhoF4lf6rmCPlEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RHZjhoeDl0Q3JOaW1N
aG9GNGxmNnJtQ1BsRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAHf6ym0hx3qe0g3kEFAcsJx3YG+T6GeQ
3Hms5DqEW/twZZlYjkEVjQWtxEljyCT3cQzk9aNNsRrqDiGMpWZa+hlQs9aUPQb0
MG/+6Q+NdALBtB7VskcN4c/tH6Ht62vcORDFcvkxcF3OjyvKJV3zdjz9zQBs+0Wb
op0UNUhomI+lpnrDtg1u8gS9pkXRtexL3a44fjpG3PLpHLE+FHorlRizClLEAfk3
RmjP1DJOeKVAodyS+LFQ3FB6XqDAg17fWEQu05oFmzxQ4l4IsPsc4NgiMCW2M+Jx
/LpFv9DdvBQSgN4d9EQZMQzv0RGRQerrKbcBG+pm1MlQ0PhxuLpaQlI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:24 2024 by rpki-client on console-ams.rpki-client.org