Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/dOaHAjDY3KL7D7MJmAbuTkRyq90.roa
File: dOaHAjDY3KL7D7MJmAbuTkRyq90.roa (raw, json)
Hash identifier: X6KjIrc95Xe9uZPBuoHzWsjJLfC54m1hyugksq4vTf0=
Subject key identifier: 74:E6:87:02:30:D8:DC:A2:FB:0F:B3:09:98:06:EE:4E:44:72:AB:DD
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 522F
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dOaHAjDY3KL7D7MJmAbuTkRyq90.roa
Signing time: Wed 08 May 2024 03:53:57 +0000
ROA not before: Wed 08 May 2024 03:53:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21039 (0x522f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 8 03:53:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=74E6870230D8DCA2FB0FB3099806EE4E4472ABDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:26:5f:8c:fe:4c:0e:bf:28:78:43:5f:15:4d:
d3:ac:e2:c0:0e:c9:f0:9b:ce:99:47:e6:1d:72:f1:
7c:23:49:45:74:c6:80:9d:cb:fd:90:51:08:5e:53:
a5:d3:d7:3e:e5:88:82:7a:0b:7d:d5:5b:17:a1:af:
2c:3c:9a:cd:39:9d:66:a4:58:f6:28:59:a7:ce:fe:
bd:6c:62:a1:3d:40:f7:c4:eb:6f:40:41:30:ee:f8:
d5:a4:f6:aa:ea:65:eb:f1:12:fe:b6:f8:11:de:7c:
49:81:0a:c2:0c:c1:5b:17:53:ed:56:bf:ad:e1:b1:
7c:32:c6:b7:3b:1d:a8:51:ac:19:9a:43:05:9b:3d:
da:3e:e8:a3:db:97:4d:79:40:6d:2d:d8:39:f6:cd:
4d:86:b2:ba:f5:d8:15:5b:cc:46:b0:41:0a:1f:da:
0a:0d:0d:0b:74:fa:10:de:bf:1b:8a:fe:80:06:77:
36:74:31:07:d0:d5:e3:07:94:70:e4:ba:18:59:fd:
fe:f2:06:78:ee:f8:e0:38:73:ac:ca:da:fc:bb:bd:
ab:24:18:34:55:57:00:2e:72:cd:31:1f:6c:52:a3:
7d:7f:4a:0b:a9:e1:12:67:72:69:55:c4:45:13:c7:
a7:48:ae:f5:d4:6b:be:96:33:84:78:bf:8d:56:4f:
19:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E6:87:02:30:D8:DC:A2:FB:0F:B3:09:98:06:EE:4E:44:72:AB:DD
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/dOaHAjDY3KL7D7MJmAbuTkRyq90.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
30:50:3a:fe:a0:84:87:a6:5d:50:03:16:96:e2:0d:71:84:71:
e2:a6:ea:30:de:bc:6d:74:67:0b:56:4d:3a:9c:f1:45:1f:12:
19:dd:c7:90:5e:79:fa:36:6d:5c:8b:9d:e4:94:57:8e:35:0c:
d9:18:0b:90:25:22:b6:79:d0:81:64:3c:48:1c:79:7d:84:43:
49:d8:4f:c1:a4:73:52:f3:36:b3:14:36:69:65:ff:bf:75:7b:
fe:93:6a:17:66:b5:26:ee:ae:97:2f:07:c1:ab:a6:e0:54:5b:
b5:c8:09:e5:87:9e:7b:4b:fd:14:a1:cb:23:5d:d2:17:ea:b7:
65:b5:ef:e5:8c:0b:24:15:d4:b3:bf:c9:64:a8:ec:e1:b0:0f:
fc:6b:59:b2:0f:c6:1d:ca:14:78:d9:30:4d:89:0e:e2:9f:8f:
45:15:28:22:b9:1d:b4:f3:e1:dd:30:94:92:d0:ea:ef:ec:c5:
ad:62:29:c0:bc:1c:74:21:23:dc:d4:d8:dc:0e:30:d0:e4:f9:
81:21:f0:64:40:0a:b0:11:dd:85:3c:0a:f0:8d:b9:03:5f:4b:
2e:c4:5d:b3:89:d4:3b:1c:40:45:a5:30:1f:f0:9f:9e:4e:38:
9f:c8:d1:01:da:6c:a1:a0:b8:55:af:cf:15:be:9c:ab:e6:27:
cb:fc:33:74
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUi8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDgw
MzUzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc0RTY4NzAyMzBEOERD
QTJGQjBGQjMwOTk4MDZFRTRFNDQ3MkFCREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKJl+M/kwOvyh4Q18VTdOs4sAOyfCbzplH5h1y8XwjSUV0xoCd
y/2QUQheU6XT1z7liIJ6C33VWxehryw8ms05nWakWPYoWafO/r1sYqE9QPfE629A
QTDu+NWk9qrqZevxEv62+BHefEmBCsIMwVsXU+1Wv63hsXwyxrc7HahRrBmaQwWb
Pdo+6KPbl015QG0t2Dn2zU2Gsrr12BVbzEawQQof2goNDQt0+hDevxuK/oAGdzZ0
MQfQ1eMHlHDkuhhZ/f7yBnju+OA4c6zK2vy7vaskGDRVVwAucs0xH2xSo31/Sgup
4RJncmlVxEUTx6dIrvXUa76WM4R4v41WTxkxAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUdOaHAjDY3KL7D7MJmAbuTkRyq90wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2RPYUhBakRZM0tMN0Q3
TUptQWJ1VGtSeXE5MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADBQOv6ghIemXVADFpbiDXGEceKm6jDe
vG10ZwtWTTqc8UUfEhndx5Beefo2bVyLneSUV441DNkYC5AlIrZ50IFkPEgceX2E
Q0nYT8Gkc1LzNrMUNmll/791e/6TahdmtSburpcvB8GrpuBUW7XICeWHnntL/RSh
yyNd0hfqt2W17+WMCyQV1LO/yWSo7OGwD/xrWbIPxh3KFHjZME2JDuKfj0UVKCK5
HbTz4d0wlJLQ6u/sxa1iKcC8HHQhI9zU2NwOMNDk+YEh8GRACrAR3YU8CvCNuQNf
Sy7EXbOJ1DscQEWlMB/wn55OOJ/I0QHabKGguFWvzxW+nKvmJ8v8M3Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:57 2024 by rpki-client on console-ams.rpki-client.org