Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OCqWPpmTjskHFtOuNuQtBnukGto.roa
File: OCqWPpmTjskHFtOuNuQtBnukGto.roa (raw, json)
Hash identifier: Qm8/nECgTvJgS4aWVWwBdA939WyGqRv9sAjm7MuwaPE=
Subject key identifier: 38:2A:96:3E:99:93:8E:C9:07:16:D3:AE:36:E4:2D:06:7B:A4:1A:DA
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 446F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OCqWPpmTjskHFtOuNuQtBnukGto.roa
Signing time: Fri 19 Apr 2024 19:53:04 +0000
ROA not before: Fri 19 Apr 2024 19:53:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17519 (0x446f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 19:53:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=382A963E99938EC90716D3AE36E42D067BA41ADA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ee:08:58:8b:3c:70:bc:46:c3:d9:bb:df:60:
8b:7b:cc:39:3a:ca:cd:cb:26:7a:67:6c:53:99:de:
d1:d9:65:19:4b:ec:fa:b1:69:22:46:17:8f:71:b5:
32:30:38:ea:7f:2f:10:60:ee:ed:b6:bb:b8:07:9f:
fe:ba:aa:fd:29:ad:07:59:72:bf:50:b9:7a:f3:dd:
80:27:b6:10:0d:20:f0:37:10:46:53:41:9c:ba:1b:
fa:0d:85:66:cf:d8:9a:51:dc:a5:38:86:68:aa:c2:
cf:6e:1c:ff:cd:40:37:6f:0f:68:f7:dc:52:b6:6f:
3c:08:26:72:f5:f4:94:3b:1d:f3:9c:9d:cf:02:05:
67:0b:7f:d8:ea:44:93:85:84:19:21:ec:f1:5e:93:
d6:36:9e:50:78:16:74:8d:0d:a9:e2:94:b3:c7:96:
55:65:5b:47:70:d0:71:98:02:30:8a:77:92:99:bc:
8a:1c:98:2c:f1:4b:8d:90:f9:d1:0c:da:78:c8:13:
55:d2:36:a6:88:fb:cc:0a:b0:f1:7e:7a:92:5c:56:
89:25:f7:e1:9c:0c:b6:84:de:1f:ce:8c:e2:7e:df:
b8:80:26:94:1d:17:2a:b2:65:d5:d8:4a:53:fc:a1:
03:7d:5c:8f:7b:f8:c8:2c:49:74:98:db:d5:2e:08:
44:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:2A:96:3E:99:93:8E:C9:07:16:D3:AE:36:E4:2D:06:7B:A4:1A:DA
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OCqWPpmTjskHFtOuNuQtBnukGto.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
98:54:43:8c:ec:79:b9:00:94:38:ca:63:aa:a9:f7:5f:9d:12:
2e:fc:21:b4:e0:4e:4f:d5:56:51:fd:ef:76:32:a3:1a:9e:2c:
1b:f0:e7:9a:46:88:c1:51:1f:77:a1:7b:74:34:b3:95:74:b6:
7b:3b:94:a0:1e:4a:cc:27:4f:ca:35:d9:c4:81:33:20:71:74:
a4:54:14:d9:6a:fb:ae:cd:7c:94:f5:fe:25:17:21:9f:f7:2a:
cd:aa:18:36:f0:e6:c0:55:e9:88:6f:2d:61:5d:67:53:2e:55:
40:b5:e7:1f:83:a9:f8:bc:fa:b5:ed:2a:4a:35:92:c6:71:17:
c5:65:b2:99:2a:1b:14:ee:c2:d3:93:4e:61:40:3e:83:84:d2:
d1:61:d9:47:53:c1:3d:0b:2b:37:23:6a:da:ec:9a:ae:a2:94:
d9:38:08:ee:25:99:ff:95:46:cd:d6:f2:9c:01:b4:b8:bc:b7:
ed:08:fd:ad:aa:ab:fe:80:0c:ef:a5:7d:2b:07:bc:14:df:7e:
c1:77:a4:42:14:55:12:e1:ff:b3:9d:02:5b:79:f7:59:18:77:
8a:77:c5:f1:09:ce:1b:02:b8:c8:a7:31:b1:30:43:92:d4:1a:
04:a5:3a:db:57:0d:c9:48:1b:4b:16:46:73:67:df:2a:2a:5d:
e1:63:30:36
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICRG8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkx
OTUzMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM4MkE5NjNFOTk5MzhF
QzkwNzE2RDNBRTM2RTQyRDA2N0JBNDFBREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL7ghYizxwvEbD2bvfYIt7zDk6ys3LJnpnbFOZ3tHZZRlL7Pqx
aSJGF49xtTIwOOp/LxBg7u22u7gHn/66qv0prQdZcr9QuXrz3YAnthANIPA3EEZT
QZy6G/oNhWbP2JpR3KU4hmiqws9uHP/NQDdvD2j33FK2bzwIJnL19JQ7HfOcnc8C
BWcLf9jqRJOFhBkh7PFek9Y2nlB4FnSNDanilLPHllVlW0dw0HGYAjCKd5KZvIoc
mCzxS42Q+dEM2njIE1XSNqaI+8wKsPF+epJcVokl9+GcDLaE3h/OjOJ+37iAJpQd
FyqyZdXYSlP8oQN9XI97+MgsSXSY29UuCES5AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUOCqWPpmTjskHFtOuNuQtBnukGtowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09DcVdQcG1UanNrSEZ0
T3VOdVF0Qm51a0d0by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJhUQ4zsebkAlDjKY6qp91+dEi78IbTg
Tk/VVlH973YyoxqeLBvw55pGiMFRH3ehe3Q0s5V0tns7lKAeSswnT8o12cSBMyBx
dKRUFNlq+67NfJT1/iUXIZ/3Ks2qGDbw5sBV6YhvLWFdZ1MuVUC15x+Dqfi8+rXt
Kko1ksZxF8VlspkqGxTuwtOTTmFAPoOE0tFh2UdTwT0LKzcjatrsmq6ilNk4CO4l
mf+VRs3W8pwBtLi8t+0I/a2qq/6ADO+lfSsHvBTffsF3pEIUVRLh/7OdAlt591kY
d4p3xfEJzhsCuMinMbEwQ5LUGgSlOttXDclIG0sWRnNn3yoqXeFjMDY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:22 2024 by rpki-client on console-fra.rpki-client.org