Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/aooP-FA2o9IVHIfSmtAH1yR07zA.roa
File: aooP-FA2o9IVHIfSmtAH1yR07zA.roa (raw, json)
Hash identifier: JHG1f5y6SzYAmkK50MChWxtJLHEzCuHB+wJPVjFaGEk=
Subject key identifier: 6A:8A:0F:F8:50:36:A3:D2:15:1C:87:D2:9A:D0:07:D7:24:74:EF:30
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 529B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aooP-FA2o9IVHIfSmtAH1yR07zA.roa
Signing time: Wed 08 May 2024 17:23:57 +0000
ROA not before: Wed 08 May 2024 17:23:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21147 (0x529b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 17:23:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=6A8A0FF85036A3D2151C87D29AD007D72474EF30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:22:92:f0:df:59:e5:17:a7:a9:f9:c8:35:23:
2f:36:98:c8:40:ed:52:96:2d:69:2e:d5:e6:e3:48:
6d:e6:6d:9b:7f:90:24:2f:69:54:f7:63:24:7e:7c:
f1:e7:8d:25:30:68:b6:57:7b:bc:60:79:bf:6f:80:
ae:ba:75:a0:09:b5:5f:93:f4:32:83:cc:cc:e5:89:
da:c4:19:f0:2e:b8:b0:5e:e5:23:91:c0:6e:8b:8b:
d1:9c:f7:f2:6c:71:40:d1:f1:08:e9:cf:5d:2f:26:
f7:7d:27:a6:38:33:05:74:d6:27:3b:dd:5c:a1:33:
0e:3c:08:c2:00:fb:b1:7e:a3:be:0f:24:25:ae:5c:
67:a8:7e:78:05:b3:12:9e:db:4d:91:8a:84:13:94:
df:fe:9c:68:fe:33:a0:73:fa:45:b5:1d:d3:69:e8:
65:7a:bc:dc:2e:09:5f:02:b8:fe:bf:ed:96:66:71:
5e:76:9c:7e:dd:d5:4b:fb:be:e3:6b:e0:1b:d2:19:
9b:13:a0:7a:39:5e:e1:06:0d:99:bf:59:24:b8:cc:
c4:88:31:b2:e6:f0:21:1d:92:60:69:05:b2:4e:fd:
80:75:cd:66:25:e6:15:57:7f:78:f9:0a:17:18:ab:
77:29:ce:6d:0b:ad:c2:55:45:d9:f9:5a:b2:e9:96:
d3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:8A:0F:F8:50:36:A3:D2:15:1C:87:D2:9A:D0:07:D7:24:74:EF:30
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/aooP-FA2o9IVHIfSmtAH1yR07zA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
03:dd:c0:47:b3:0e:e8:84:7e:2f:ec:22:e4:f5:c1:c4:5a:0b:
74:32:cd:ba:85:b2:7d:bc:22:71:57:de:bf:ed:b7:bb:b8:8b:
f0:32:c3:e9:07:3f:45:0f:6b:96:b7:d9:57:8b:b1:c6:50:51:
d9:5a:08:a6:1c:8d:48:b9:d7:37:ed:95:40:71:d0:41:8f:3f:
bc:55:70:ec:34:57:53:1e:1b:b4:d3:3c:99:15:f5:d9:67:84:
0e:df:c9:35:cf:73:3b:c5:de:7d:7c:bb:d5:b1:da:c3:3e:d4:
6f:e9:7f:30:67:d7:d6:a6:f4:19:0a:27:79:84:a9:67:e5:57:
95:a2:32:72:cc:c1:03:08:fc:cf:82:31:c0:1d:5d:ec:b1:04:
85:41:ed:7b:81:f3:71:33:27:02:f3:13:18:06:f4:1e:a4:bd:
08:95:2b:7a:6a:ee:b1:cb:04:5e:d8:bb:e2:84:d9:cc:ca:fe:
79:63:d9:58:8e:af:fa:36:56:26:a7:2a:39:db:c3:fc:e1:fb:
2c:57:e5:e0:2b:40:02:42:2c:a8:a7:44:26:43:ef:f5:cf:d7:
7d:c8:83:34:01:05:a9:71:44:c0:6c:09:e8:f3:71:86:3d:24:
e3:73:5e:0a:e0:b9:b3:b2:5c:83:74:a2:1c:52:e3:13:fc:b5:
d2:df:59:4b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUpswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgx
NzIzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZBOEEwRkY4NTAzNkEz
RDIxNTFDODdEMjlBRDAwN0Q3MjQ3NEVGMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvIpLw31nlF6ep+cg1Iy82mMhA7VKWLWku1ebjSG3mbZt/kCQv
aVT3YyR+fPHnjSUwaLZXe7xgeb9vgK66daAJtV+T9DKDzMzlidrEGfAuuLBe5SOR
wG6Li9Gc9/JscUDR8Qjpz10vJvd9J6Y4MwV01ic73VyhMw48CMIA+7F+o74PJCWu
XGeofngFsxKe202RioQTlN/+nGj+M6Bz+kW1HdNp6GV6vNwuCV8CuP6/7ZZmcV52
nH7d1Uv7vuNr4BvSGZsToHo5XuEGDZm/WSS4zMSIMbLm8CEdkmBpBbJO/YB1zWYl
5hVXf3j5ChcYq3cpzm0LrcJVRdn5WrLpltN7AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUaooP+FA2o9IVHIfSmtAH1yR07zAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2Fvb1AtRkEybzlJVkhJ
ZlNtdEFIMXlSMDd6QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAAPdwEezDuiEfi/sIuT1wcRaC3QyzbqF
sn28InFX3r/tt7u4i/Ayw+kHP0UPa5a32VeLscZQUdlaCKYcjUi51zftlUBx0EGP
P7xVcOw0V1MeG7TTPJkV9dlnhA7fyTXPczvF3n18u9Wx2sM+1G/pfzBn19am9BkK
J3mEqWflV5WiMnLMwQMI/M+CMcAdXeyxBIVB7XuB83EzJwLzExgG9B6kvQiVK3pq
7rHLBF7Yu+KE2czK/nlj2ViOr/o2VianKjnbw/zh+yxX5eArQAJCLKinRCZD7/XP
133IgzQBBalxRMBsCejzcYY9JONzXgrgubOyXIN0ohxS4xP8tdLfWUs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:34 2024 by rpki-client on console-fra.rpki-client.org