Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/oKwYwsFRV_WLxYr58AFWigH_ef4.roa
File: oKwYwsFRV_WLxYr58AFWigH_ef4.roa (raw, json)
Hash identifier: WucNVMyrTuhimiPHkhAAi4vvk5VU+vjibaz3YPoKc1M=
Subject key identifier: A0:AC:18:C2:C1:51:57:F5:8B:C5:8A:F9:F0:01:56:8A:01:FF:79:FE
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3647
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oKwYwsFRV_WLxYr58AFWigH_ef4.roa
Signing time: Sun 31 Mar 2024 22:52:10 +0000
ROA not before: Sun 31 Mar 2024 22:52:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13895 (0x3647)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 22:52:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A0AC18C2C15157F58BC58AF9F001568A01FF79FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:1a:94:3b:53:54:6e:eb:6c:20:c7:16:9d:4d:
b8:a6:f4:28:08:41:46:08:38:a2:42:75:ad:6a:ec:
dc:2a:76:44:f2:8c:1c:f6:c3:3e:e8:69:ff:9d:d5:
5c:34:e2:fc:dd:a9:27:94:34:b0:1e:34:01:c2:e9:
50:77:df:ed:34:46:47:aa:b5:ba:70:e4:ca:76:74:
8d:23:51:85:c4:fa:1f:10:86:e7:04:8e:5e:39:e6:
43:92:b9:4f:84:fe:de:88:2c:06:92:08:43:08:da:
51:d8:71:fc:6b:e0:07:b3:75:3a:24:13:50:cf:c4:
c0:d9:69:69:d7:e4:c0:e9:c4:5a:59:4f:3f:c8:44:
dc:64:c8:e8:66:b5:06:d7:22:ec:28:6f:e0:33:56:
a3:1b:bc:cd:72:5d:c9:01:a2:db:72:82:26:78:b8:
b5:21:08:a2:e6:58:9d:98:d6:b7:18:f0:aa:71:9a:
6a:a6:1d:1d:e8:7e:03:0e:09:dd:19:a9:82:9c:fb:
53:19:64:b1:e0:cc:f1:de:14:7e:54:4a:33:a2:05:
03:27:43:0e:cc:a2:5e:a4:fa:29:23:7b:46:7f:8d:
fd:e1:a3:74:53:71:9b:dd:a0:8d:c8:1d:a0:fa:15:
92:3c:8f:b9:45:a8:b0:91:ae:a8:98:ab:90:00:5b:
1d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:AC:18:C2:C1:51:57:F5:8B:C5:8A:F9:F0:01:56:8A:01:FF:79:FE
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/oKwYwsFRV_WLxYr58AFWigH_ef4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
84:f2:78:56:95:ca:fb:ed:61:22:be:41:ef:d8:44:55:e8:08:
b5:cd:a1:d0:e0:57:50:7e:d3:13:5b:2e:46:9e:49:5d:18:c8:
21:39:58:93:15:b0:bd:a7:d0:77:3b:a7:42:7e:16:50:ce:a6:
ed:1e:74:f4:ac:09:fe:97:b1:f7:fb:dc:46:a4:29:4d:36:a3:
51:05:40:92:6c:e1:f6:10:9a:33:31:7e:f4:fc:c1:cb:c3:27:
fa:81:a2:e5:ed:3b:af:65:4f:c9:4f:bc:18:ae:83:91:61:4e:
31:36:b4:79:a0:2a:1e:23:f2:ad:b3:06:ae:5a:dc:af:36:38:
2e:14:ad:81:94:4c:06:9b:bf:9f:ed:e0:ff:6c:9f:d5:59:f1:
ff:72:28:34:a5:8e:60:bd:e7:5d:28:45:ba:2d:13:0a:93:37:
e4:ee:98:db:9f:2a:14:13:a9:9c:74:64:e4:d6:6a:ff:ba:29:
48:88:b6:41:e6:66:d0:98:46:1b:a9:52:08:d3:d2:ff:a5:ae:
b7:64:68:1f:55:07:af:99:3c:88:84:0e:1a:7c:a2:a0:0f:31:
90:82:fe:19:02:5f:e4:ed:c5:bf:b1:c8:b6:86:9a:1a:4d:e1:
12:41:64:00:8e:94:47:ea:50:7c:d1:6a:72:f5:82:0a:2b:fa:
24:21:3b:18
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICNkcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEy
MjUyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEwQUMxOEMyQzE1MTU3
RjU4QkM1OEFGOUYwMDE1NjhBMDFGRjc5RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQGpQ7U1Ru62wgxxadTbim9CgIQUYIOKJCda1q7NwqdkTyjBz2
wz7oaf+d1Vw04vzdqSeUNLAeNAHC6VB33+00Rkeqtbpw5Mp2dI0jUYXE+h8QhucE
jl455kOSuU+E/t6ILAaSCEMI2lHYcfxr4AezdTokE1DPxMDZaWnX5MDpxFpZTz/I
RNxkyOhmtQbXIuwob+AzVqMbvM1yXckBottygiZ4uLUhCKLmWJ2Y1rcY8Kpxmmqm
HR3ofgMOCd0ZqYKc+1MZZLHgzPHeFH5USjOiBQMnQw7Mol6k+ikje0Z/jf3ho3RT
cZvdoI3IHaD6FZI8j7lFqLCRrqiYq5AAWx2lAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUoKwYwsFRV/WLxYr58AFWigH/ef4wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29Ld1l3c0ZSVl9XTHhZ
cjU4QUZXaWdIX2VmNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAITyeFaVyvvtYSK+Qe/YRFXoCLXNodDg
V1B+0xNbLkaeSV0YyCE5WJMVsL2n0Hc7p0J+FlDOpu0edPSsCf6Xsff73EakKU02
o1EFQJJs4fYQmjMxfvT8wcvDJ/qBouXtO69lT8lPvBiug5FhTjE2tHmgKh4j8q2z
Bq5a3K82OC4UrYGUTAabv5/t4P9sn9VZ8f9yKDSljmC9510oRbotEwqTN+TumNuf
KhQTqZx0ZOTWav+6KUiItkHmZtCYRhupUgjT0v+lrrdkaB9VB6+ZPIiEDhp8oqAP
MZCC/hkCX+Ttxb+xyLaGmhpN4RJBZACOlEfqUHzRanL1ggor+iQhOxg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:46 2024 by rpki-client on console-fra.rpki-client.org