Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OOYfV3733cNfnAFGUVj90EabQPU.roa
File: OOYfV3733cNfnAFGUVj90EabQPU.roa (raw, json)
Hash identifier: D5BoBnPJJ6mi7FqTnLtHebJ2oSb8gaSfuNG8veoGFgk=
Subject key identifier: 38:E6:1F:57:7E:F7:DD:C3:5F:9C:01:46:51:58:FD:D0:46:9B:40:F5
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 39A3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OOYfV3733cNfnAFGUVj90EabQPU.roa
Signing time: Fri 05 Apr 2024 10:22:25 +0000
ROA not before: Fri 05 Apr 2024 10:22:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14755 (0x39a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 10:22:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=38E61F577EF7DDC35F9C01465158FDD0469B40F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:2a:18:1b:f2:33:33:74:b1:1a:cf:dc:4e:e2:
b7:0d:bd:b3:f5:ea:6b:3b:d9:9b:ef:83:07:86:c7:
3d:c6:15:42:21:dd:1e:db:37:ae:b4:3e:5f:64:4b:
5b:7b:65:48:a1:77:40:fe:e1:c8:98:65:b6:fc:99:
d4:37:7f:de:45:9a:c6:fc:ee:84:ed:42:3d:3e:77:
c5:86:69:6d:75:e4:07:8a:f0:6c:ae:3f:e6:68:bd:
2e:d0:b3:37:de:a8:ca:12:a1:41:8d:c6:cd:52:22:
e9:36:93:48:d7:34:40:d3:bc:6b:dc:fd:76:5b:eb:
17:8a:d5:d4:a4:3b:49:72:ed:20:a1:99:78:be:35:
0c:8f:ab:8e:1a:03:24:51:8b:d1:ca:ea:bd:cc:11:
85:97:2f:10:3a:e8:07:38:25:31:80:62:d8:29:3f:
29:a1:48:0a:c7:2f:83:8b:4c:91:75:42:d8:9b:a3:
37:10:55:03:d9:23:37:f2:dd:e2:67:a9:8e:9f:27:
b6:87:bd:c0:a1:52:83:c5:4b:87:9b:e5:d6:4b:62:
69:29:f6:8a:b8:2b:ea:95:56:71:a5:c6:a6:70:9e:
f7:12:e0:6f:7e:ca:cb:a5:64:02:bf:24:ed:96:a9:
a6:aa:3d:2b:c3:05:6b:37:54:81:d4:94:c7:d4:9e:
34:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E6:1F:57:7E:F7:DD:C3:5F:9C:01:46:51:58:FD:D0:46:9B:40:F5
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OOYfV3733cNfnAFGUVj90EabQPU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b9:28:db:6c:8b:73:5a:ea:98:b4:e3:c2:90:5e:d2:82:07:01:
c4:1b:db:a2:91:38:d2:a1:80:fe:6c:43:a7:63:38:2f:6c:96:
1c:1d:71:69:25:47:ca:81:14:0f:48:da:e8:b9:31:88:7a:80:
b6:8f:64:28:e5:74:e7:f2:1e:be:c2:ce:59:e0:b9:86:83:c7:
c1:89:b3:38:0d:24:d9:c9:1a:f4:d1:12:d0:a8:eb:91:df:7c:
05:aa:9d:4f:a2:99:c0:aa:dd:9a:f1:b8:21:86:7c:6c:82:09:
23:05:1c:85:fe:63:77:79:9e:f3:05:cd:43:4c:55:0b:6d:08:
89:ef:76:84:38:e3:9f:ba:e7:3f:7c:f2:34:24:26:cd:01:29:
f5:88:e5:bc:61:9c:4d:e6:78:4b:ce:e8:db:3c:33:93:4b:d4:
2c:41:0b:b8:ca:8d:61:d1:da:2f:c1:01:54:d7:4d:4f:ea:1e:
d8:cd:02:a9:2f:b7:86:19:9c:7a:7c:33:dc:63:2b:cc:5d:bf:
64:4c:21:05:88:e8:f2:ef:a5:dd:89:13:2a:b3:70:0e:ff:b0:
a4:4d:14:72:55:ba:55:37:8a:2e:95:c3:00:55:ea:f4:68:dc:
81:71:4a:b7:6c:8f:06:77:49:ae:b0:1c:6d:fe:19:bf:a9:af:
20:0b:fd:e7
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICOaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUx
MDIyMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM4RTYxRjU3N0VGN0RE
QzM1RjlDMDE0NjUxNThGREQwNDY5QjQwRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcKhgb8jMzdLEaz9xO4rcNvbP16ms72ZvvgweGxz3GFUIh3R7b
N660Pl9kS1t7ZUihd0D+4ciYZbb8mdQ3f95Fmsb87oTtQj0+d8WGaW115AeK8Gyu
P+ZovS7QszfeqMoSoUGNxs1SIuk2k0jXNEDTvGvc/XZb6xeK1dSkO0ly7SChmXi+
NQyPq44aAyRRi9HK6r3MEYWXLxA66Ac4JTGAYtgpPymhSArHL4OLTJF1QtibozcQ
VQPZIzfy3eJnqY6fJ7aHvcChUoPFS4eb5dZLYmkp9oq4K+qVVnGlxqZwnvcS4G9+
ysulZAK/JO2WqaaqPSvDBWs3VIHUlMfUnjQvAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUOOYfV3733cNfnAFGUVj90EabQPUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09PWWZWMzczM2NOZm5B
RkdVVmo5MEVhYlFQVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBALko22yLc1rqmLTjwpBe0oIHAcQb26KR
ONKhgP5sQ6djOC9slhwdcWklR8qBFA9I2ui5MYh6gLaPZCjldOfyHr7CzlnguYaD
x8GJszgNJNnJGvTREtCo65HffAWqnU+imcCq3ZrxuCGGfGyCCSMFHIX+Y3d5nvMF
zUNMVQttCInvdoQ445+65z988jQkJs0BKfWI5bxhnE3meEvO6Ns8M5NL1CxBC7jK
jWHR2i/BAVTXTU/qHtjNAqkvt4YZnHp8M9xjK8xdv2RMIQWI6PLvpd2JEyqzcA7/
sKRNFHJVulU3ii6VwwBV6vRo3IFxSrdsjwZ3Sa6wHG3+Gb+pryAL/ec=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:22 2024 by rpki-client on console-fra.rpki-client.org