Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/DmBj1aX-OlLhjDXVVs0wliFQU3o.roa
File: DmBj1aX-OlLhjDXVVs0wliFQU3o.roa (raw, json)
Hash identifier: pvF1woAbWwGxtsnAKBvKUPyYTq6iTu4DcSV2UDsXiqw=
Subject key identifier: 0E:60:63:D5:A5:FE:3A:52:E1:8C:35:D5:56:CD:30:96:21:50:53:7A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4547
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DmBj1aX-OlLhjDXVVs0wliFQU3o.roa
Signing time: Sat 20 Apr 2024 22:53:13 +0000
ROA not before: Sat 20 Apr 2024 22:53:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17735 (0x4547)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 22:53:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0E6063D5A5FE3A52E18C35D556CD30962150537A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:99:4b:d8:cb:3c:bc:2b:1e:59:7a:ef:6d:4c:
7a:5e:9c:a9:67:ef:2e:6d:da:13:6c:59:49:c6:f6:
e7:da:7e:f0:79:9c:42:71:75:53:25:52:cf:00:4a:
bb:3e:94:fc:65:b0:27:b0:ff:d7:1f:af:57:ee:90:
93:d5:ba:4b:a9:6e:7d:90:32:5c:2d:db:21:13:c1:
56:ce:27:3c:0c:b8:39:db:f8:8e:b8:eb:f9:7e:12:
90:dc:74:23:99:73:6a:85:ec:84:0e:07:9e:e9:ae:
f5:1e:33:a7:49:2e:c3:85:3f:4d:63:ca:11:48:50:
46:8b:3c:7d:af:44:a5:75:6f:a6:4c:bb:6a:3b:d4:
72:21:d9:0b:5f:fc:18:d8:01:ae:bd:e9:d3:f3:66:
87:ad:3a:15:16:ea:49:aa:d6:13:66:3a:15:06:ce:
6f:fd:27:6a:35:b0:72:14:84:c4:a9:d9:06:03:e3:
92:c2:1b:13:6e:12:32:b9:26:aa:53:88:0b:61:42:
90:6c:df:75:5a:1b:4e:84:43:88:73:b1:4c:d9:1f:
64:e5:13:16:8e:2d:1f:51:2a:b8:d2:d2:18:12:a1:
34:02:42:5b:9b:a1:2a:24:f2:7e:76:00:3e:58:b0:
3b:b3:11:90:e6:82:39:7c:6e:9d:6a:0e:4e:0d:7e:
99:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:60:63:D5:A5:FE:3A:52:E1:8C:35:D5:56:CD:30:96:21:50:53:7A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/DmBj1aX-OlLhjDXVVs0wliFQU3o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
a0:c7:a6:8f:66:b1:53:b4:3b:2c:a2:b9:84:2d:ea:49:07:14:
23:d7:b1:2f:86:89:f5:d8:54:22:75:39:5c:cf:80:e9:9f:87:
ec:07:40:dc:68:f5:c4:eb:2b:2c:c6:68:c4:38:c2:53:2d:0b:
d2:06:d3:29:c1:9f:fe:3a:62:73:5f:77:c4:68:30:bd:d9:d8:
53:7d:0d:26:c1:6a:cc:1f:ad:b5:3c:92:d3:9f:4e:f7:d8:88:
35:60:55:92:89:63:a0:82:e8:67:7d:14:04:c3:95:34:e5:49:
39:86:64:09:1b:80:57:b3:af:93:c9:bb:5d:3e:7e:f3:56:13:
ef:67:0c:2c:20:a1:8b:ec:51:97:79:d1:b9:a3:06:0a:cc:74:
07:d4:7e:bf:1f:8c:23:b6:06:da:43:84:c3:d3:0d:e8:ec:40:
bc:f1:ca:9f:c6:35:dc:71:91:5a:69:f5:89:75:23:86:12:0a:
6a:e9:47:98:d7:ea:ac:4e:53:c8:2d:e6:1b:4a:59:39:f8:e1:
87:a6:6c:68:91:71:e4:20:c8:fa:27:6c:fa:20:2a:ba:6a:15:
2d:a9:88:2e:a6:88:2d:f8:fb:b3:94:46:dd:c0:30:61:cf:b9:
0e:63:21:34:7b:b7:7f:0d:38:e0:b3:b6:79:56:61:b3:b8:60:
70:98:64:cf
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRUcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAy
MjUzMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBFNjA2M0Q1QTVGRTNB
NTJFMThDMzVENTU2Q0QzMDk2MjE1MDUzN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCamUvYyzy8Kx5Zeu9tTHpenKln7y5t2hNsWUnG9ufafvB5nEJx
dVMlUs8ASrs+lPxlsCew/9cfr1fukJPVukupbn2QMlwt2yETwVbOJzwMuDnb+I64
6/l+EpDcdCOZc2qF7IQOB57prvUeM6dJLsOFP01jyhFIUEaLPH2vRKV1b6ZMu2o7
1HIh2Qtf/BjYAa696dPzZoetOhUW6kmq1hNmOhUGzm/9J2o1sHIUhMSp2QYD45LC
GxNuEjK5JqpTiAthQpBs33VaG06EQ4hzsUzZH2TlExaOLR9RKrjS0hgSoTQCQlub
oSok8n52AD5YsDuzEZDmgjl8bp1qDk4NfpmHAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUDmBj1aX+OlLhjDXVVs0wliFQU3owHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0RtQmoxYVgtT2xMaGpE
WFZWczB3bGlGUVUzby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAKDHpo9msVO0OyyiuYQt6kkHFCPXsS+G
ifXYVCJ1OVzPgOmfh+wHQNxo9cTrKyzGaMQ4wlMtC9IG0ynBn/46YnNfd8RoML3Z
2FN9DSbBaswfrbU8ktOfTvfYiDVgVZKJY6CC6Gd9FATDlTTlSTmGZAkbgFezr5PJ
u10+fvNWE+9nDCwgoYvsUZd50bmjBgrMdAfUfr8fjCO2BtpDhMPTDejsQLzxyp/G
NdxxkVpp9Yl1I4YSCmrpR5jX6qxOU8gt5htKWTn44YembGiRceQgyPonbPogKrpq
FS2piC6miC34+7OURt3AMGHPuQ5jITR7t38NOOCztnlWYbO4YHCYZM8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:14 2024 by rpki-client on console-fra.rpki-client.org