Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OgP31SbrtVo_1bBmGltetKiq2pk.roa
File: OgP31SbrtVo_1bBmGltetKiq2pk.roa (raw, json)
Hash identifier: NWfbEd1/4jhD1VWvaeRhb7I9OaZDNypb3KJya1ZQzHQ=
Subject key identifier: 3A:03:F7:D5:26:EB:B5:5A:3F:D5:B0:66:1A:5B:5E:B4:A8:AA:DA:99
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 41A7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OgP31SbrtVo_1bBmGltetKiq2pk.roa
Signing time: Tue 16 Apr 2024 02:52:55 +0000
ROA not before: Tue 16 Apr 2024 02:52:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16807 (0x41a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 16 02:52:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3A03F7D526EBB55A3FD5B0661A5B5EB4A8AADA99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:7f:fb:a9:f0:4b:79:44:36:94:2f:f3:75:96:
75:ba:da:14:ce:e9:91:3f:99:9d:63:f8:1a:85:0b:
3e:58:52:d9:44:f5:30:23:1f:a4:10:5d:3b:e4:95:
72:ec:36:4c:40:61:59:47:08:1a:8a:dd:9f:f4:19:
cd:5e:43:1b:35:55:00:1b:7c:e8:e0:1a:a2:78:4e:
72:21:fc:af:bb:e7:ad:dd:02:f8:81:26:fb:12:cd:
35:cb:13:b7:dd:15:7a:65:aa:7a:22:74:60:a4:c9:
da:52:66:7a:4e:b7:49:79:4b:a4:e6:10:cd:cb:e0:
a9:7a:3c:b2:47:c5:c5:3b:65:2c:24:33:38:0f:a2:
56:6f:8e:60:e4:4e:06:72:6b:32:57:c2:20:d9:76:
c9:af:d8:9a:ff:75:32:cf:ff:c7:d5:60:18:40:32:
bb:eb:79:cd:63:56:ab:51:92:4d:eb:8c:89:41:79:
f5:23:74:86:ed:6e:79:3c:b3:47:71:37:93:c0:5e:
3b:27:cd:ae:a5:ff:a8:37:02:c5:27:72:f1:43:00:
fc:cf:ce:ad:72:92:fd:37:14:65:39:96:db:7c:3f:
fc:66:53:d2:3e:e5:f8:bc:a0:bc:2c:f9:3d:43:b5:
5a:13:05:68:e0:2c:4f:fa:91:26:f8:cc:9d:27:0e:
3c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:03:F7:D5:26:EB:B5:5A:3F:D5:B0:66:1A:5B:5E:B4:A8:AA:DA:99
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OgP31SbrtVo_1bBmGltetKiq2pk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
24:a0:d3:2c:75:c5:be:ad:23:ce:df:cc:e6:82:e2:85:12:08:
1b:b7:45:df:69:b7:ea:f0:a2:d5:85:94:40:17:cf:ad:25:b7:
57:00:7b:c4:68:78:2b:0c:46:55:b1:b1:74:3b:ae:70:f9:74:
dc:ab:8e:c9:87:74:10:9b:76:d8:cd:66:3a:31:45:4c:ca:35:
1f:35:43:dd:81:e3:f8:4b:5f:30:98:29:29:66:05:e3:82:2a:
4b:3b:c8:22:88:80:9f:b8:d9:57:17:9e:2f:41:9a:6a:df:12:
31:48:6f:2a:d0:00:d2:59:a3:4a:9b:3b:7b:c5:2a:66:6f:5d:
c6:88:ca:c3:66:c0:4c:e2:1f:b7:02:d7:a9:c2:56:65:f8:19:
72:4e:fd:90:3e:b0:06:22:36:33:ed:78:eb:63:e4:4e:a9:d5:
58:81:d3:00:b8:ff:2b:a1:b8:ab:42:b3:b0:13:f7:73:1b:45:
c8:12:c0:d1:e4:60:41:84:18:e4:c7:32:8a:ca:5b:45:45:98:
de:fb:d3:4e:12:a8:3f:3d:f1:2a:56:e9:5d:2e:49:c8:b1:bf:
ef:52:53:c7:0a:23:24:6f:82:5d:c9:a3:ed:12:57:cc:5a:f6:
51:80:65:26:c3:bc:02:86:d4:a8:07:0a:ae:68:a5:ee:49:84:
6c:00:ed:8f
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQacwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTYw
MjUyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNBMDNGN0Q1MjZFQkI1
NUEzRkQ1QjA2NjFBNUI1RUI0QThBQURBOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlf/up8Et5RDaUL/N1lnW62hTO6ZE/mZ1j+BqFCz5YUtlE9TAj
H6QQXTvklXLsNkxAYVlHCBqK3Z/0Gc1eQxs1VQAbfOjgGqJ4TnIh/K+7563dAviB
JvsSzTXLE7fdFXplqnoidGCkydpSZnpOt0l5S6TmEM3L4Kl6PLJHxcU7ZSwkMzgP
olZvjmDkTgZyazJXwiDZdsmv2Jr/dTLP/8fVYBhAMrvrec1jVqtRkk3rjIlBefUj
dIbtbnk8s0dxN5PAXjsnza6l/6g3AsUncvFDAPzPzq1ykv03FGU5ltt8P/xmU9I+
5fi8oLws+T1DtVoTBWjgLE/6kSb4zJ0nDjxZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUOgP31SbrtVo/1bBmGltetKiq2pkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09nUDMxU2JydFZvXzFi
Qm1HbHRldEtpcTJway5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACSg0yx1xb6tI87fzOaC4oUSCBu3Rd9p
t+rwotWFlEAXz60lt1cAe8RoeCsMRlWxsXQ7rnD5dNyrjsmHdBCbdtjNZjoxRUzK
NR81Q92B4/hLXzCYKSlmBeOCKks7yCKIgJ+42VcXni9BmmrfEjFIbyrQANJZo0qb
O3vFKmZvXcaIysNmwEziH7cC16nCVmX4GXJO/ZA+sAYiNjPteOtj5E6p1ViB0wC4
/yuhuKtCs7AT93MbRcgSwNHkYEGEGOTHMorKW0VFmN77004SqD898SpW6V0uScix
v+9SU8cKIyRvgl3Jo+0SV8xa9lGAZSbDvAKG1KgHCq5ope5JhGwA7Y8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:38 2024 by rpki-client on console-ams.rpki-client.org