Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DOCEAys5GVaSjQ1o2XksCk-9ycc.roa
File: DOCEAys5GVaSjQ1o2XksCk-9ycc.roa (raw, json)
Hash identifier: RVNJGuKxXtM7rwQd4jcV3kFgwY4/asLtW7eX6EYtzPw=
Subject key identifier: 0C:E0:84:03:2B:39:19:56:92:8D:0D:68:D9:79:2C:0A:4F:BD:C9:C7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4B9F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DOCEAys5GVaSjQ1o2XksCk-9ycc.roa
Signing time: Mon 29 Apr 2024 09:53:30 +0000
ROA not before: Mon 29 Apr 2024 09:53:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19359 (0x4b9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 29 09:53:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0CE084032B391956928D0D68D9792C0A4FBDC9C7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6d:50:67:90:de:be:7f:f4:38:1c:75:16:03:
56:ab:c7:fb:c5:ce:ab:91:e6:67:3b:07:46:63:da:
e3:0a:e9:34:d5:1a:c8:f3:3a:9e:3b:a0:5c:65:a0:
83:a8:c7:a6:8d:58:46:35:cd:99:61:91:0c:05:8f:
c4:dc:33:0e:f5:d6:50:ec:4e:df:6e:e2:c1:1a:c0:
9b:10:89:1d:ae:dd:41:e1:a1:05:a4:dd:ef:a3:18:
69:b3:27:e5:e4:ca:6b:70:59:02:76:3d:d5:43:40:
e0:3a:01:08:43:96:f5:bc:a3:2a:d5:a1:e7:1c:8e:
97:4c:3a:6b:20:e7:ed:7c:5b:45:65:3a:ab:e6:55:
76:e0:7f:42:14:24:e0:08:98:6c:48:d9:ed:75:e1:
ee:97:3f:b1:b0:0e:52:f9:0a:21:dc:83:05:ce:50:
8f:f2:59:d8:2d:3b:a8:6d:c6:8a:ef:9a:a7:59:34:
74:2f:5d:38:54:24:cf:5c:75:48:41:d9:70:dd:54:
8e:f9:f2:9d:37:5c:b9:f2:74:6a:66:8a:7c:65:9b:
10:3c:68:1c:13:39:32:ec:10:51:a0:03:4d:20:d9:
2d:68:43:cd:5c:db:a0:7c:1e:38:d5:87:3b:46:8a:
0c:2f:e6:f6:68:3c:37:3c:c6:44:4e:81:5f:7c:9d:
c8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E0:84:03:2B:39:19:56:92:8D:0D:68:D9:79:2C:0A:4F:BD:C9:C7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DOCEAys5GVaSjQ1o2XksCk-9ycc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4f:ef:ff:b6:84:30:78:de:5a:ee:0b:98:98:bd:99:7e:bf:bd:
47:b9:36:6d:1f:f0:02:b9:23:d3:5e:fb:12:64:81:cd:51:c8:
02:df:51:72:07:22:20:ae:25:d6:53:54:9d:e3:89:eb:38:18:
07:ec:39:3e:00:c2:32:4f:47:87:99:17:62:ed:9b:98:d4:a5:
a6:e4:79:7b:35:d7:ee:c3:96:c9:98:50:76:71:0c:87:89:1d:
f0:9a:88:7b:e9:d6:ac:db:6e:c0:0f:92:ba:68:27:cf:b3:9b:
e3:6e:6a:fa:60:68:15:dd:bb:97:ab:67:d5:b5:5e:14:79:24:
b5:5b:07:e6:09:7a:aa:e2:c6:2e:e7:33:d1:fb:b6:d5:5e:00:
12:46:58:70:72:2a:15:c7:e5:68:a7:8f:4d:63:aa:ea:68:b8:
1f:5b:86:35:b1:04:08:5f:8e:c6:6b:34:84:3a:bd:7d:ce:b1:
e6:a7:45:eb:44:77:3e:61:41:b8:bc:02:4e:fc:c9:46:3d:cb:
ee:03:14:92:60:60:fd:3a:e8:71:23:0d:06:d4:2c:fd:f9:31:
4a:75:70:63:4b:41:58:ac:a2:e7:02:be:e1:fa:1b:66:f7:78:
dc:7e:14:d9:db:c8:27:aa:75:25:4b:f4:b0:60:2e:72:8c:9b:
34:12:5b:c6
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICS58wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0Mjkw
OTUzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBDRTA4NDAzMkIzOTE5
NTY5MjhEMEQ2OEQ5NzkyQzBBNEZCREM5QzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7bVBnkN6+f/Q4HHUWA1arx/vFzquR5mc7B0Zj2uMK6TTVGsjz
Op47oFxloIOox6aNWEY1zZlhkQwFj8TcMw711lDsTt9u4sEawJsQiR2u3UHhoQWk
3e+jGGmzJ+XkymtwWQJ2PdVDQOA6AQhDlvW8oyrVoeccjpdMOmsg5+18W0VlOqvm
VXbgf0IUJOAImGxI2e114e6XP7GwDlL5CiHcgwXOUI/yWdgtO6htxorvmqdZNHQv
XThUJM9cdUhB2XDdVI758p03XLnydGpminxlmxA8aBwTOTLsEFGgA00g2S1oQ81c
26B8HjjVhztGigwv5vZoPDc8xkROgV98nchvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUDOCEAys5GVaSjQ1o2XksCk+9yccwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RPQ0VBeXM1R1ZhU2pR
MW8yWGtzQ2stOXljYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAE/v/7aEMHjeWu4LmJi9mX6/vUe5Nm0f
8AK5I9Ne+xJkgc1RyALfUXIHIiCuJdZTVJ3jies4GAfsOT4AwjJPR4eZF2Ltm5jU
pabkeXs11+7DlsmYUHZxDIeJHfCaiHvp1qzbbsAPkrpoJ8+zm+NuavpgaBXdu5er
Z9W1XhR5JLVbB+YJeqrixi7nM9H7ttVeABJGWHByKhXH5Winj01jqupouB9bhjWx
BAhfjsZrNIQ6vX3OseanRetEdz5hQbi8Ak78yUY9y+4DFJJgYP066HEjDQbULP35
MUp1cGNLQVisoucCvuH6G2b3eNx+FNnbyCeqdSVL9LBgLnKMmzQSW8Y=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:17:35 2025 by rpki-client