Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/o5hP3YorPZCSVjmzKeO5d7hxwAw.roa
File: o5hP3YorPZCSVjmzKeO5d7hxwAw.roa (raw, json)
Hash identifier: zbAU1q1RF7rz9rOwq/d9GQ8qv7bHJBXj0mvLbi6/syU=
Subject key identifier: A3:98:4F:DD:8A:2B:3D:90:92:56:39:B3:29:E3:B9:77:B8:71:C0:0C
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 48AF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/o5hP3YorPZCSVjmzKeO5d7hxwAw.roa
Signing time: Thu 25 Apr 2024 11:53:41 +0000
ROA not before: Thu 25 Apr 2024 11:53:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18607 (0x48af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 11:53:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A3984FDD8A2B3D90925639B329E3B977B871C00C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:40:68:97:0f:db:d2:4f:c7:c5:55:c2:ab:c5:
36:25:60:b4:41:04:a0:44:3e:e2:88:e6:0a:5b:3a:
70:56:09:2e:71:b4:a9:d9:99:a2:aa:44:46:a3:03:
bf:8c:9b:e1:01:d0:dc:01:46:6a:24:4e:ea:f6:84:
9d:89:77:2b:60:b1:88:94:51:0d:90:1d:d3:46:46:
e5:1b:d0:a3:35:fc:2f:ea:5e:1f:dc:83:41:23:73:
c5:89:f7:c5:7c:74:ac:53:04:b9:bc:7b:e7:f7:5a:
d0:bb:3b:10:26:fe:eb:d8:ab:6a:58:d1:92:3a:03:
4b:20:96:33:7f:81:11:4e:7f:b7:5a:9f:ad:02:1f:
db:a8:cd:b5:5a:9a:ab:02:c0:13:2e:f7:1f:71:f7:
3b:78:52:b0:60:f0:fc:25:28:6c:64:32:63:09:31:
0c:7d:67:89:37:a5:76:67:9d:f5:9e:34:74:3b:92:
47:e5:fa:ff:b3:2e:56:f1:71:92:af:71:ee:a9:94:
54:ff:0b:dd:0f:a7:d3:0b:47:ec:c5:56:21:9a:ab:
8a:f2:c8:2a:ab:64:3e:7e:56:82:78:0e:37:3e:1a:
12:e3:15:ef:fe:64:87:f0:42:a0:b8:08:9c:5a:de:
41:29:be:47:37:18:ec:1b:81:b7:54:f1:c4:84:8a:
8d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:98:4F:DD:8A:2B:3D:90:92:56:39:B3:29:E3:B9:77:B8:71:C0:0C
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/o5hP3YorPZCSVjmzKeO5d7hxwAw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
96:66:c8:71:14:e0:fe:57:4b:65:1c:b1:8d:b7:e1:67:ca:68:
f4:3f:e1:ab:a6:af:a7:7f:96:ad:61:0f:a6:e4:08:f0:a7:ad:
ca:da:18:eb:b1:00:d2:8f:e9:c3:ca:fe:13:59:02:ab:35:d9:
12:82:f6:ff:97:71:86:4b:d1:06:11:66:eb:9f:ba:5c:78:9b:
eb:cb:40:69:1f:94:6c:aa:70:1a:22:fc:3b:e1:fa:98:c3:76:
8d:a0:8f:aa:ee:32:6b:82:ed:da:ce:f1:1e:b0:53:38:3e:24:
43:b7:fa:f1:c0:ab:05:01:bf:82:b0:9b:d3:5e:2f:be:6c:37:
7c:f0:3d:57:a7:2f:91:c5:76:9c:40:e7:6d:4f:df:3c:10:98:
a8:91:10:a1:99:a8:43:8d:99:45:da:e3:24:c4:e9:e7:c9:d9:
91:26:01:b7:0b:31:12:ed:c7:3d:10:20:f6:e1:fa:ad:44:28:
af:20:7a:4e:f2:c1:f0:fe:f2:23:4e:d5:c8:13:f7:1b:0e:e1:
f1:fc:f7:9b:90:79:c3:3e:e3:3a:90:ea:49:d2:ab:7d:de:d6:
d1:3f:7e:51:0f:dd:ff:60:ac:f0:28:48:25:8b:5b:6a:82:c9:
85:9d:6e:4d:36:98:4f:f4:80:46:f4:bc:92:42:b3:ef:df:b5:
8a:d2:8f:76
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICSK8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUx
MTUzNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEzOTg0RkREOEEyQjNE
OTA5MjU2MzlCMzI5RTNCOTc3Qjg3MUMwMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxQGiXD9vST8fFVcKrxTYlYLRBBKBEPuKI5gpbOnBWCS5xtKnZ
maKqREajA7+Mm+EB0NwBRmokTur2hJ2JdytgsYiUUQ2QHdNGRuUb0KM1/C/qXh/c
g0Ejc8WJ98V8dKxTBLm8e+f3WtC7OxAm/uvYq2pY0ZI6A0sgljN/gRFOf7dan60C
H9uozbVamqsCwBMu9x9x9zt4UrBg8PwlKGxkMmMJMQx9Z4k3pXZnnfWeNHQ7kkfl
+v+zLlbxcZKvce6plFT/C90Pp9MLR+zFViGaq4ryyCqrZD5+VoJ4Djc+GhLjFe/+
ZIfwQqC4CJxa3kEpvkc3GOwbgbdU8cSEio19AgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUo5hP3YorPZCSVjmzKeO5d7hxwAwwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L281aFAzWW9yUFpDU1Zq
bXpLZU81ZDdoeHdBdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAJZmyHEU4P5XS2UcsY234WfKaPQ/4aum
r6d/lq1hD6bkCPCnrcraGOuxANKP6cPK/hNZAqs12RKC9v+XcYZL0QYRZuufulx4
m+vLQGkflGyqcBoi/Dvh+pjDdo2gj6ruMmuC7drO8R6wUzg+JEO3+vHAqwUBv4Kw
m9NeL75sN3zwPVenL5HFdpxA521P3zwQmKiREKGZqEONmUXa4yTE6efJ2ZEmAbcL
MRLtxz0QIPbh+q1EKK8gek7ywfD+8iNO1cgT9xsO4fH895uQecM+4zqQ6knSq33e
1tE/flEP3f9grPAoSCWLW2qCyYWdbk02mE/0gEb0vJJCs+/ftYrSj3Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:46 2024 by rpki-client on console-fra.rpki-client.org