Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OuzkspR-iX64zCye8JaNs0IPpa0.roa
File: OuzkspR-iX64zCye8JaNs0IPpa0.roa (raw, json)
Hash identifier: yDHhUAYWaE5qFhiZFjFCidW5PNLgDb4eYVimJjXiT04=
Subject key identifier: 3A:EC:E4:B2:94:7E:89:7E:B8:CC:2C:9E:F0:96:8D:B3:42:0F:A5:AD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 43C7
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OuzkspR-iX64zCye8JaNs0IPpa0.roa
Signing time: Thu 18 Apr 2024 22:53:24 +0000
ROA not before: Thu 18 Apr 2024 22:53:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17351 (0x43c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 18 22:53:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3AECE4B2947E897EB8CC2C9EF0968DB3420FA5AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3c:25:ff:c5:9d:86:7e:33:4d:28:cb:fc:2d:
e1:28:43:be:5f:93:78:18:db:cd:a5:ea:65:9c:c5:
78:e3:9b:e5:9a:14:71:a2:5e:0c:75:83:c8:b0:40:
8e:9d:f5:ad:02:fe:ff:5b:12:b5:0e:76:15:e0:54:
e4:c5:32:43:1e:4a:51:01:98:f9:02:c2:8e:ed:93:
2d:7b:eb:40:38:9b:25:a7:3d:a8:f2:b8:ec:9d:ba:
5c:2b:16:d8:2e:13:91:b2:50:51:63:72:9f:7b:88:
c5:0b:0b:61:49:3c:9b:f7:9d:13:9e:96:ce:8f:ab:
85:f2:9c:07:b9:4e:7c:9b:dc:1f:cd:e7:cf:1f:79:
b8:10:b9:76:ab:22:ef:d2:5d:fd:3c:7c:d0:12:30:
07:c2:91:48:42:de:e8:d6:62:91:5b:f5:c9:2b:45:
0d:71:e6:c4:28:cc:bf:76:b5:c3:c2:ca:dc:53:71:
08:d0:9d:b7:bb:10:99:5d:56:1e:82:f9:b9:b9:d7:
28:7f:15:a5:6f:f0:d9:2f:45:d1:db:eb:2b:30:fc:
b4:37:71:38:20:23:74:75:56:a4:c5:8b:58:59:8e:
81:67:08:2a:4b:b5:48:76:00:e3:4a:3a:e5:7f:fb:
60:d7:93:e0:a8:60:6b:b9:bf:05:91:72:66:e6:d0:
d9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:EC:E4:B2:94:7E:89:7E:B8:CC:2C:9E:F0:96:8D:B3:42:0F:A5:AD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OuzkspR-iX64zCye8JaNs0IPpa0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
22:42:ab:43:7d:ac:66:08:2e:83:d8:67:fa:3a:3a:b7:04:fd:
07:dc:eb:cc:41:2a:2e:89:89:7d:de:38:47:90:38:6d:0c:7f:
b3:c9:70:18:a9:16:3c:08:2b:22:31:bd:d3:52:0d:9f:e2:09:
0f:ae:45:ac:25:14:61:47:1d:fd:48:4b:27:92:6e:30:8d:7f:
6e:41:d9:b7:78:c8:72:0f:7d:ae:5a:b6:1d:ab:e8:c0:06:79:
f1:a7:d1:e5:f0:61:30:22:b9:c7:25:8a:8d:6a:c1:4e:54:c6:
89:95:e2:6e:bb:b1:e8:36:f9:4c:bf:24:2b:8c:2f:99:79:e0:
43:b6:43:c3:9e:9a:9c:da:33:5a:1f:e4:3b:3a:7e:18:37:63:
92:f3:c6:3e:2b:0c:7a:e2:91:11:a0:50:0f:40:28:b4:06:bb:
ff:e7:9d:a9:19:08:96:83:29:4d:7b:ba:4f:86:9e:a6:20:40:
b6:b9:1c:55:43:74:7e:ee:20:bb:bb:c7:4a:74:fb:52:73:a1:
48:c8:df:10:b6:93:f4:e4:9a:8d:d6:70:35:3a:45:5a:a3:68:
e2:b5:46:0f:4c:2b:4d:f4:04:a6:c9:a3:1a:79:09:68:f7:9f:
58:84:b4:49:92:97:1f:59:9a:4e:be:48:be:e0:57:a3:98:3b:
f7:95:d3:97
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQ8cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTgy
MjUzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNBRUNFNEIyOTQ3RTg5
N0VCOENDMkM5RUYwOTY4REIzNDIwRkE1QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCXPCX/xZ2GfjNNKMv8LeEoQ75fk3gY282l6mWcxXjjm+WaFHGi
Xgx1g8iwQI6d9a0C/v9bErUOdhXgVOTFMkMeSlEBmPkCwo7tky1760A4myWnPajy
uOydulwrFtguE5GyUFFjcp97iMULC2FJPJv3nROels6Pq4XynAe5Tnyb3B/N588f
ebgQuXarIu/SXf08fNASMAfCkUhC3ujWYpFb9ckrRQ1x5sQozL92tcPCytxTcQjQ
nbe7EJldVh6C+bm51yh/FaVv8NkvRdHb6ysw/LQ3cTggI3R1VqTFi1hZjoFnCCpL
tUh2AONKOuV/+2DXk+CoYGu5vwWRcmbm0NkrAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUOuzkspR+iX64zCye8JaNs0IPpa0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L091emtzcFItaVg2NHpD
eWU4SmFOczBJUHBhMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBACJCq0N9rGYILoPYZ/o6OrcE/Qfc68xB
Ki6JiX3eOEeQOG0Mf7PJcBipFjwIKyIxvdNSDZ/iCQ+uRawlFGFHHf1ISyeSbjCN
f25B2bd4yHIPfa5ath2r6MAGefGn0eXwYTAiucclio1qwU5UxomV4m67seg2+Uy/
JCuML5l54EO2Q8OempzaM1of5Ds6fhg3Y5Lzxj4rDHrikRGgUA9AKLQGu//nnakZ
CJaDKU17uk+GnqYgQLa5HFVDdH7uILu7x0p0+1JzoUjI3xC2k/Tkmo3WcDU6RVqj
aOK1Rg9MK030BKbJoxp5CWj3n1iEtEmSlx9Zmk6+SL7gV6OYO/eV05c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:23 2024 by rpki-client on console-fra.rpki-client.org