Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OeULBtQB_VdJXTyd9H5aKouYxYA.roa
File: OeULBtQB_VdJXTyd9H5aKouYxYA.roa (raw, json)
Hash identifier: LsGmhItEDDW5WswvmFaeXurtITQSc9gLt0pAk/6oWww=
Subject key identifier: 39:E5:0B:06:D4:01:FD:57:49:5D:3C:9D:F4:7E:5A:2A:8B:98:C5:80
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 34D3
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OeULBtQB_VdJXTyd9H5aKouYxYA.roa
Signing time: Sat 30 Mar 2024 00:22:08 +0000
ROA not before: Sat 30 Mar 2024 00:22:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13523 (0x34d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 00:22:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=39E50B06D401FD57495D3C9DF47E5A2A8B98C580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3e:9e:36:94:be:76:37:b0:9d:ab:0b:77:95:
51:c7:fb:51:aa:6f:c3:eb:94:04:6d:6b:93:0a:78:
5e:1b:5a:c6:e5:3a:ba:4e:14:60:8e:9b:ac:d1:60:
f9:97:c6:de:b8:5c:2e:1c:35:08:d7:fb:b2:24:bd:
1e:d1:0a:5b:35:f9:8b:19:5e:b5:40:ca:b7:87:48:
f1:7f:62:ab:79:7b:89:32:a5:f0:35:16:44:84:37:
34:ba:20:df:fb:e8:07:ff:14:38:5a:5c:ea:98:42:
2b:37:52:89:5c:50:eb:0a:63:f7:c4:20:a7:96:4a:
f0:d3:c1:fc:59:7a:9f:ba:df:7d:13:2f:34:7c:f2:
4f:88:ee:37:14:9f:90:5b:5c:18:be:2e:69:7e:f0:
ea:4b:28:b6:e3:1e:b7:6f:5e:8b:f8:22:32:06:cb:
6e:fa:22:f9:9c:8e:61:77:5c:1d:1f:df:9f:8c:4d:
f0:ad:46:e8:ab:ec:73:4a:cf:ef:30:32:a0:26:a3:
25:64:c5:9a:11:c7:cd:2f:fd:aa:95:2f:3f:66:df:
62:5b:56:7d:d5:4f:b6:f6:86:33:ba:57:a1:04:a2:
cf:b2:e5:98:40:4a:05:fa:f9:db:16:04:41:79:78:
02:3d:71:e3:3c:32:14:dd:4f:63:9e:85:ca:e8:c4:
de:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:E5:0B:06:D4:01:FD:57:49:5D:3C:9D:F4:7E:5A:2A:8B:98:C5:80
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OeULBtQB_VdJXTyd9H5aKouYxYA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
00:76:1f:05:3f:e3:f8:a6:02:a2:0d:82:98:eb:2b:5f:9e:d1:
2b:ba:39:bf:53:14:dd:92:f4:79:f5:9a:e0:77:2d:13:fa:a0:
9a:42:98:ce:59:75:66:11:31:f6:f3:00:c7:c4:2a:12:c9:67:
48:d2:9e:30:69:4b:81:9c:97:3a:0b:c5:dd:c1:f1:fd:13:04:
5b:1a:41:45:ae:da:1c:21:bb:91:a4:12:7b:dd:00:f3:4e:6f:
51:89:14:0b:e5:ea:71:b6:85:12:26:bc:c7:e8:87:d9:d1:48:
07:2b:1f:98:ed:77:f4:b3:a0:a2:c2:00:b7:bf:9a:df:10:c9:
d7:c1:8c:bf:fc:04:59:3c:91:6b:3b:dd:fe:73:cc:b6:6e:1b:
19:77:2a:03:d7:96:67:50:49:3d:ca:f3:e5:c7:fa:19:b4:db:
0a:ae:d6:31:59:b5:93:dd:5a:8c:41:f4:37:7f:4d:a5:b7:89:
f0:44:d0:b2:f0:06:b4:a8:58:12:0a:4d:2f:d7:73:fa:39:12:
82:9f:17:f1:cc:be:b2:af:73:87:77:ea:7a:5f:d2:c5:76:f8:
09:fc:75:3c:8f:8f:96:f5:82:29:9f:70:30:db:66:e3:e1:26:
85:88:f0:98:ec:6a:91:1f:28:09:73:2a:c3:7a:b3:83:8b:bc:
b9:4f:52:ba
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNNMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAw
MDIyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM5RTUwQjA2RDQwMUZE
NTc0OTVEM0M5REY0N0U1QTJBOEI5OEM1ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4Pp42lL52N7Cdqwt3lVHH+1Gqb8PrlARta5MKeF4bWsblOrpO
FGCOm6zRYPmXxt64XC4cNQjX+7IkvR7RCls1+YsZXrVAyreHSPF/Yqt5e4kypfA1
FkSENzS6IN/76Af/FDhaXOqYQis3UolcUOsKY/fEIKeWSvDTwfxZep+6330TLzR8
8k+I7jcUn5BbXBi+Lml+8OpLKLbjHrdvXov4IjIGy276IvmcjmF3XB0f35+MTfCt
Ruir7HNKz+8wMqAmoyVkxZoRx80v/aqVLz9m32JbVn3VT7b2hjO6V6EEos+y5ZhA
SgX6+dsWBEF5eAI9ceM8MhTdT2OehcroxN5TAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUOeULBtQB/VdJXTyd9H5aKouYxYAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09lVUxCdFFCX1ZkSlhU
eWQ5SDVhS291WXhZQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAB2HwU/4/imAqINgpjrK1+e0Su6Ob9T
FN2S9Hn1muB3LRP6oJpCmM5ZdWYRMfbzAMfEKhLJZ0jSnjBpS4GclzoLxd3B8f0T
BFsaQUWu2hwhu5GkEnvdAPNOb1GJFAvl6nG2hRImvMfoh9nRSAcrH5jtd/SzoKLC
ALe/mt8QydfBjL/8BFk8kWs73f5zzLZuGxl3KgPXlmdQST3K8+XH+hm02wqu1jFZ
tZPdWoxB9Dd/TaW3ifBE0LLwBrSoWBIKTS/Xc/o5EoKfF/HMvrKvc4d36npf0sV2
+An8dTyPj5b1gimfcDDbZuPhJoWI8JjsapEfKAlzKsN6s4OLvLlPUro=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:21 2025 by rpki-client