Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/oCDXO81yiocwFHUDKfynXrgOYvc.roa
File: oCDXO81yiocwFHUDKfynXrgOYvc.roa (raw, json)
Hash identifier: G7drSOVHPuaUBkkppxvfBAMKQ5l6+PpngdPcNAMIeVc=
Subject key identifier: A0:20:D7:3B:CD:72:8A:87:30:14:75:03:29:FC:A7:5E:B8:0E:62:F7
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 51AF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oCDXO81yiocwFHUDKfynXrgOYvc.roa
Signing time: Tue 07 May 2024 11:53:52 +0000
ROA not before: Tue 07 May 2024 11:53:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20911 (0x51af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 11:53:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A020D73BCD728A873014750329FCA75EB80E62F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:1c:ae:a7:4c:01:94:80:f4:de:2f:26:aa:87:
fc:46:6a:2b:c5:6d:6d:fe:93:15:62:cb:5e:31:3d:
92:9f:fe:f5:c6:42:0f:22:7d:2f:72:22:e9:cb:40:
a2:62:f4:e1:e0:7b:b1:37:62:77:76:83:55:1a:f9:
81:f8:39:d7:d1:9d:cb:fd:6d:ea:a1:ff:3f:09:f2:
fc:d1:67:f5:b1:a8:4a:f1:95:f5:ad:b9:6a:bd:46:
40:1d:1f:4c:ee:ce:aa:8d:20:81:50:ee:be:e4:fc:
aa:da:26:6b:f1:eb:b4:e9:ca:77:d9:40:4e:9b:62:
0e:f1:d9:3c:59:a2:f1:7c:60:6f:1a:b5:4d:61:ff:
73:70:60:c6:d7:2c:ae:79:bc:ca:ef:54:41:4a:1d:
21:12:86:e6:82:02:32:3e:fe:e8:5c:ec:45:72:49:
db:6f:b9:05:7f:7a:33:96:cc:58:9a:ec:ec:5e:27:
19:38:c2:3b:b4:f8:67:43:84:09:fc:e3:0d:bf:a8:
a3:3d:87:63:9c:42:0b:d5:3e:08:9c:d8:03:11:45:
96:28:5d:5a:8f:ad:53:ae:d1:93:53:23:93:8c:21:
f5:74:0d:4e:11:cd:0d:89:24:b0:f9:db:dc:40:0a:
e8:ae:10:09:94:4c:c8:ad:af:be:58:6a:58:95:6d:
63:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:20:D7:3B:CD:72:8A:87:30:14:75:03:29:FC:A7:5E:B8:0E:62:F7
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oCDXO81yiocwFHUDKfynXrgOYvc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
66:2f:37:92:78:e5:8f:5a:d4:29:64:b5:2c:94:34:9c:a9:b8:
5f:1f:fe:7d:81:40:41:54:09:eb:ba:20:9f:fa:5f:60:76:7b:
de:c9:97:35:5f:8c:0b:55:31:94:92:b2:7e:d1:57:c6:a3:b6:
17:cb:9b:f2:38:f6:f2:be:5b:12:f4:2d:c8:cf:1a:57:98:11:
c9:0d:ae:b0:08:ab:22:4f:15:71:e1:2a:c6:f1:6c:dc:44:c7:
2f:09:d3:1d:07:ef:b0:5c:d0:4c:a9:3e:54:8b:76:20:73:57:
c9:9b:2d:54:35:95:39:2c:12:5c:4f:20:ac:8f:f2:e7:65:bf:
76:f3:02:38:93:5b:b6:1a:d9:8f:02:f8:e0:2e:76:32:83:c9:
18:18:8a:7a:02:78:de:65:22:65:a9:40:3e:fa:de:71:ed:09:
8c:22:a4:3b:50:b9:00:44:1f:5e:e7:fe:39:2c:26:34:28:e6:
02:a5:78:39:e7:a7:ea:07:76:29:64:da:47:d0:51:26:fa:41:
93:a8:6c:d6:d9:c7:b7:aa:90:ba:da:be:05:7f:0a:d8:07:dc:
89:9f:7c:93:67:fc:0b:25:fd:51:29:5d:a2:d6:4c:47:db:cd:
8a:57:d2:d3:e0:9c:0f:74:3b:9a:77:f6:3c:a5:4a:64:29:15:
47:38:26:a0
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUa8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcx
MTUzNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEwMjBENzNCQ0Q3MjhB
ODczMDE0NzUwMzI5RkNBNzVFQjgwRTYyRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQHK6nTAGUgPTeLyaqh/xGaivFbW3+kxViy14xPZKf/vXGQg8i
fS9yIunLQKJi9OHge7E3Ynd2g1Ua+YH4OdfRncv9beqh/z8J8vzRZ/WxqErxlfWt
uWq9RkAdH0zuzqqNIIFQ7r7k/KraJmvx67TpynfZQE6bYg7x2TxZovF8YG8atU1h
/3NwYMbXLK55vMrvVEFKHSEShuaCAjI+/uhc7EVySdtvuQV/ejOWzFia7OxeJxk4
wju0+GdDhAn84w2/qKM9h2OcQgvVPgic2AMRRZYoXVqPrVOu0ZNTI5OMIfV0DU4R
zQ2JJLD529xACuiuEAmUTMitr75YaliVbWNbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUoCDXO81yiocwFHUDKfynXrgOYvcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29DRFhPODF5aW9jd0ZI
VURLZnluWHJnT1l2Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAGYvN5J45Y9a1ClktSyUNJypuF8f/n2B
QEFUCeu6IJ/6X2B2e97JlzVfjAtVMZSSsn7RV8ajthfLm/I49vK+WxL0LcjPGleY
EckNrrAIqyJPFXHhKsbxbNxExy8J0x0H77Bc0EypPlSLdiBzV8mbLVQ1lTksElxP
IKyP8udlv3bzAjiTW7Ya2Y8C+OAudjKDyRgYinoCeN5lImWpQD763nHtCYwipDtQ
uQBEH17n/jksJjQo5gKleDnnp+oHdilk2kfQUSb6QZOobNbZx7eqkLravgV/CtgH
3ImffJNn/Asl/VEpXaLWTEfbzYpX0tPgnA90O5p39jylSmQpFUc4JqA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:46 2024 by rpki-client on console-fra.rpki-client.org