Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OFN2BvrgDH7HkeXhMyugNYfFedU.roa
File: OFN2BvrgDH7HkeXhMyugNYfFedU.roa (raw, json)
Hash identifier: +wtK4nVsT54UyJdFmsMIhA8tTCT4bVqj6dIgvfR9m/s=
Subject key identifier: 38:53:76:06:FA:E0:0C:7E:C7:91:E5:E1:33:2B:A0:35:87:C5:79:D5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5213
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OFN2BvrgDH7HkeXhMyugNYfFedU.roa
Signing time: Wed 08 May 2024 00:24:01 +0000
ROA not before: Wed 08 May 2024 00:24:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21011 (0x5213)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 00:24:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=38537606FAE00C7EC791E5E1332BA03587C579D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:cf:c0:25:2d:d2:a8:3c:f7:b9:27:d3:74:61:
a6:59:4b:22:13:1b:ad:2f:1c:d6:ff:c4:f2:91:33:
22:a2:0f:1b:12:e7:a8:da:a0:2e:5d:e3:28:23:58:
d4:2f:95:b8:51:1c:db:e7:90:cc:2f:21:2d:e9:af:
29:a5:b7:41:35:e5:23:9c:9b:da:0d:42:76:01:20:
f1:31:ce:25:1d:74:1c:46:cf:06:02:e5:75:9a:a4:
91:f2:43:e3:48:2f:52:a6:e4:35:97:f8:77:76:ec:
03:cf:72:e9:2b:d2:7a:f7:4d:2d:c5:cb:c2:ea:ee:
c0:75:e9:29:31:2d:1f:fe:42:84:59:13:61:d0:08:
c8:1a:4e:82:98:32:18:05:5e:40:aa:e8:d6:dc:e6:
c4:48:43:ec:9a:e9:cf:62:18:73:51:ca:1b:94:5c:
96:3f:0c:29:3a:09:50:54:e3:63:21:d9:6d:36:92:
b2:5a:63:45:92:ad:2c:8e:a8:8b:a1:96:7a:49:67:
c1:84:b0:ec:db:ce:ab:e2:2c:ab:19:08:66:9c:c2:
36:c4:72:dc:75:83:15:56:07:9d:9d:59:7e:81:1b:
2a:72:a6:b3:25:7d:73:5d:ea:f1:8f:e1:6e:13:8f:
c7:75:9c:5f:09:72:70:89:7e:9a:fa:41:f9:fd:a0:
9e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:53:76:06:FA:E0:0C:7E:C7:91:E5:E1:33:2B:A0:35:87:C5:79:D5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OFN2BvrgDH7HkeXhMyugNYfFedU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
68:da:20:31:d5:45:a6:87:32:f7:00:43:15:36:54:0b:48:68:
2a:a5:2d:16:69:a6:10:59:31:f4:35:03:5c:eb:6e:da:da:98:
cb:c9:3a:59:96:47:0d:5c:6f:17:9f:4d:be:b2:bf:3a:dd:2e:
dc:ad:38:3d:79:88:d7:55:db:bc:65:ba:b1:a7:97:c6:d0:f0:
7f:36:13:96:a8:12:09:36:47:3b:88:db:09:ec:c6:90:31:2a:
b0:9b:ee:4f:08:d5:e6:9e:e2:2f:ad:90:ca:64:0f:de:70:b4:
ff:e9:4f:25:bf:37:51:e9:e4:d3:b4:52:b7:1a:df:84:a2:ae:
99:5c:0e:3b:2a:4f:24:1c:55:70:ba:24:ea:76:a8:20:2f:28:
1d:97:82:80:7c:75:31:93:e2:64:b2:91:41:31:de:95:76:db:
9d:b2:d1:2c:ac:24:6e:5b:0d:b3:b6:01:4c:50:50:d3:64:89:
45:a4:83:55:e6:41:8e:49:6e:92:b5:96:8e:03:31:53:86:d7:
03:b0:bf:7b:a8:b4:62:87:a4:3e:f6:b8:90:9f:54:cf:50:d0:
21:af:4b:45:a5:9d:28:be:f8:d2:cb:ba:a1:33:9a:cc:7d:34:
09:33:38:69:04:a8:8c:30:65:0c:42:c2:4a:a7:16:fd:f1:56:
5b:59:e6:0a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUhMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgw
MDI0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM4NTM3NjA2RkFFMDBD
N0VDNzkxRTVFMTMzMkJBMDM1ODdDNTc5RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSz8AlLdKoPPe5J9N0YaZZSyITG60vHNb/xPKRMyKiDxsS56ja
oC5d4ygjWNQvlbhRHNvnkMwvIS3prymlt0E15SOcm9oNQnYBIPExziUddBxGzwYC
5XWapJHyQ+NIL1Km5DWX+Hd27APPcukr0nr3TS3Fy8Lq7sB16SkxLR/+QoRZE2HQ
CMgaToKYMhgFXkCq6Nbc5sRIQ+ya6c9iGHNRyhuUXJY/DCk6CVBU42Mh2W02krJa
Y0WSrSyOqIuhlnpJZ8GEsOzbzqviLKsZCGacwjbEctx1gxVWB52dWX6BGypyprMl
fXNd6vGP4W4Tj8d1nF8JcnCJfpr6Qfn9oJ5RAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUOFN2BvrgDH7HkeXhMyugNYfFedUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09GTjJCdnJnREg3SGtl
WGhNeXVnTllmRmVkVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGjaIDHVRaaHMvcAQxU2VAtIaCqlLRZp
phBZMfQ1A1zrbtramMvJOlmWRw1cbxefTb6yvzrdLtytOD15iNdV27xlurGnl8bQ
8H82E5aoEgk2RzuI2wnsxpAxKrCb7k8I1eae4i+tkMpkD95wtP/pTyW/N1Hp5NO0
Urca34SirplcDjsqTyQcVXC6JOp2qCAvKB2XgoB8dTGT4mSykUEx3pV2252y0Sys
JG5bDbO2AUxQUNNkiUWkg1XmQY5JbpK1lo4DMVOG1wOwv3uotGKHpD72uJCfVM9Q
0CGvS0WlnSi++NLLuqEzmsx9NAkzOGkEqIwwZQxCwkqnFv3xVltZ5go=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:36 2024 by rpki-client on console-ams.rpki-client.org