Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/X4fOj_oll-KVS7jdvYei6yVf0SU.roa
File: X4fOj_oll-KVS7jdvYei6yVf0SU.roa (raw, json)
Hash identifier: jpGFYLdR5LnIu4V0BbUdiCLpuO6U3HCjWPw4qV5Uu0E=
Subject key identifier: 5F:87:CE:8F:FA:25:97:E2:95:4B:B8:DD:BD:87:A2:EB:25:5F:D1:25
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3733
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/X4fOj_oll-KVS7jdvYei6yVf0SU.roa
Signing time: Tue 02 Apr 2024 04:22:13 +0000
ROA not before: Tue 02 Apr 2024 04:22:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14131 (0x3733)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 04:22:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5F87CE8FFA2597E2954BB8DDBD87A2EB255FD125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b2:59:f4:59:8b:ef:6a:f2:c8:a1:e5:2b:e5:
e9:2c:34:8e:62:e2:9c:f5:5b:2c:d8:c3:12:16:e9:
7a:ef:a1:56:2a:e1:a7:5a:95:70:1b:c7:fd:da:cb:
e4:9a:16:3b:7c:7c:1c:9d:a2:bb:6a:0e:2c:0d:f8:
e0:15:ce:5a:0f:a1:10:d3:ff:b7:ea:26:2f:03:de:
e7:17:92:a7:f1:87:b2:b4:7c:83:ec:17:7f:c4:2b:
29:c6:24:e2:8c:05:44:c7:a1:18:ac:7d:00:ce:b8:
eb:ea:86:d1:4a:29:1f:4d:fe:b2:a1:16:aa:1b:85:
fe:7c:24:04:a1:bb:3d:42:ae:ce:ad:e9:06:dd:78:
76:69:cb:20:96:7d:54:04:00:ba:6d:5c:a1:47:01:
e3:25:4a:b2:4d:8a:32:9e:ea:4f:18:ca:98:3a:92:
89:70:b6:2e:47:49:64:b1:d3:b9:fb:51:2d:13:cb:
11:7a:6a:2e:d5:f1:8a:d7:b8:76:ed:fa:ad:c5:17:
97:5a:ae:c9:96:3f:e2:f8:e0:9a:99:09:de:99:d4:
9c:77:6d:d4:0c:99:a3:23:be:48:04:a7:2a:c1:b4:
89:9b:dd:c0:d7:a5:a1:a0:99:b3:06:21:f2:b0:36:
8c:e1:f7:cc:8d:f5:32:59:ae:44:17:1d:d3:ed:b2:
0d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:87:CE:8F:FA:25:97:E2:95:4B:B8:DD:BD:87:A2:EB:25:5F:D1:25
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/X4fOj_oll-KVS7jdvYei6yVf0SU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
41:e5:4c:a8:29:be:82:69:fd:6c:f2:67:53:4c:32:01:f6:89:
99:fd:bd:39:78:39:dd:b5:f3:63:f2:a7:49:92:30:a0:bf:25:
bc:2f:25:27:b4:7e:11:6e:3c:5d:ca:a2:49:eb:41:c9:ce:ae:
78:ee:58:00:72:c5:94:54:8a:16:f8:b5:84:13:9c:60:34:bd:
50:e0:2a:4b:3b:5e:76:1a:08:3f:84:de:0e:3a:e5:3d:30:79:
ca:b5:ba:24:e4:dd:07:58:c5:e8:b4:5f:f7:a5:5f:5f:8d:4d:
82:50:59:82:08:96:8b:9f:75:e1:d2:bd:0e:cb:b1:53:41:f2:
43:09:d5:0d:fb:00:1f:c8:39:2e:bc:c9:d9:b7:b1:45:39:42:
15:52:ee:7c:aa:b2:05:42:7d:90:44:4b:db:aa:39:9a:81:95:
9b:5c:f3:54:4a:ea:f1:95:a0:fe:b3:2f:b4:53:a5:b8:44:6e:
2b:c9:bd:b0:4a:90:ed:b5:11:85:89:ac:8f:a4:a4:c3:5d:f6:
eb:63:5d:2a:65:b9:41:fb:c4:71:fb:27:79:c9:d4:3b:f4:f6:
02:43:33:f3:8e:b8:b5:39:49:7a:5e:bf:ea:eb:a2:01:57:3e:
27:07:39:b5:5d:02:ad:60:8a:f7:30:f9:c6:12:f1:02:de:4f:
98:df:f5:62
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNzMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIw
NDIyMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVGODdDRThGRkEyNTk3
RTI5NTRCQjhEREJEODdBMkVCMjU1RkQxMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIsln0WYvvavLIoeUr5eksNI5i4pz1WyzYwxIW6XrvoVYq4ada
lXAbx/3ay+SaFjt8fBydortqDiwN+OAVzloPoRDT/7fqJi8D3ucXkqfxh7K0fIPs
F3/EKynGJOKMBUTHoRisfQDOuOvqhtFKKR9N/rKhFqobhf58JAShuz1Crs6t6Qbd
eHZpyyCWfVQEALptXKFHAeMlSrJNijKe6k8Yypg6kolwti5HSWSx07n7US0TyxF6
ai7V8YrXuHbt+q3FF5darsmWP+L44JqZCd6Z1Jx3bdQMmaMjvkgEpyrBtImb3cDX
paGgmbMGIfKwNozh98yN9TJZrkQXHdPtsg0jAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUX4fOj/oll+KVS7jdvYei6yVf0SUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1g0Zk9qX29sbC1LVlM3
amR2WWVpNnlWZjBTVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEHlTKgpvoJp/WzyZ1NMMgH2iZn9vTl4
Od2182Pyp0mSMKC/JbwvJSe0fhFuPF3KoknrQcnOrnjuWAByxZRUihb4tYQTnGA0
vVDgKks7XnYaCD+E3g465T0wecq1uiTk3QdYxei0X/elX1+NTYJQWYIIloufdeHS
vQ7LsVNB8kMJ1Q37AB/IOS68ydm3sUU5QhVS7nyqsgVCfZBES9uqOZqBlZtc81RK
6vGVoP6zL7RTpbhEbivJvbBKkO21EYWJrI+kpMNd9utjXSpluUH7xHH7J3nJ1Dv0
9gJDM/OOuLU5SXpev+rrogFXPicHObVdAq1givcw+cYS8QLeT5jf9WI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:30 2024 by rpki-client on console-fra.rpki-client.org