Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/okJOyFYZJcqjuskUXnuzdAEoLKI.roa
File: okJOyFYZJcqjuskUXnuzdAEoLKI.roa (raw, json)
Hash identifier: TS8PiF4pbQ2MYWKHILOpXOuw3G62WtEoFqUW5sPQJHA=
Subject key identifier: A2:42:4E:C8:56:19:25:CA:A3:BA:C9:14:5E:7B:B3:74:01:28:2C:A2
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4C33
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/okJOyFYZJcqjuskUXnuzdAEoLKI.roa
Signing time: Tue 30 Apr 2024 04:23:53 +0000
ROA not before: Tue 30 Apr 2024 04:23:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19507 (0x4c33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 30 04:23:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A2424EC8561925CAA3BAC9145E7BB37401282CA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d9:d3:1d:64:bd:8e:20:13:39:77:31:fd:a9:
cd:cb:ff:e1:e1:ca:83:eb:61:8e:8e:ff:cf:97:03:
81:ff:6c:b3:97:b6:af:ee:61:0e:7d:85:9c:91:3c:
c9:fa:6c:02:96:1e:cd:00:61:f3:7d:31:5c:09:b8:
80:25:5a:a7:5f:e8:bb:e9:1b:67:77:d5:6c:0f:a1:
8b:0d:3e:23:9b:96:79:35:6c:43:1f:55:08:d9:84:
6d:d4:51:de:d9:63:e6:dd:cb:cf:21:4c:c5:30:42:
01:c5:7a:8b:b3:ab:6f:99:75:c6:aa:37:46:0f:f2:
81:81:55:a5:09:23:14:b7:9b:ca:13:a3:ab:d1:3b:
7b:bf:44:23:97:5c:a8:a7:66:c3:97:27:19:c5:d7:
35:df:f9:32:59:8c:9e:4a:03:4f:bc:18:f2:f3:47:
4c:a4:73:d7:01:9c:d5:9e:85:5a:e9:63:dc:c6:cd:
66:e0:4a:da:36:f2:b8:f4:c6:6a:6b:6c:03:85:91:
09:91:ca:92:de:2e:58:c2:85:cc:9c:2a:91:84:15:
4f:92:cb:7e:5f:40:b0:5a:35:42:47:68:6f:00:ce:
f1:0c:61:fb:15:1a:a3:c0:70:7f:db:7f:76:24:50:
85:0c:13:68:65:0c:aa:7a:b4:25:1e:3c:a8:91:26:
9b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:42:4E:C8:56:19:25:CA:A3:BA:C9:14:5E:7B:B3:74:01:28:2C:A2
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/okJOyFYZJcqjuskUXnuzdAEoLKI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4a:2d:25:71:e5:5d:2b:f4:df:70:fa:fe:98:47:88:a4:e4:5e:
5c:37:89:c0:d3:89:f6:27:66:c0:c4:ff:22:1c:eb:3e:58:47:
5e:9a:0f:20:58:6a:b2:10:40:db:08:ef:f0:50:3c:c6:61:01:
e7:bc:2d:c1:f4:96:12:57:80:38:e0:59:bc:2d:1c:73:bb:e2:
94:6a:9c:bb:7b:8d:64:6e:a2:21:b6:7b:c0:f3:2c:fe:1c:6b:
46:f9:30:82:0a:77:37:9d:e7:ab:c7:d1:b8:d3:24:e8:6a:59:
a5:59:a7:ee:6d:17:3c:30:73:12:98:ec:97:04:16:4a:25:10:
64:70:91:91:7a:68:54:c5:a3:3f:77:dd:5b:16:03:7a:44:8b:
d5:e6:65:d9:20:00:4b:ef:c7:bb:a2:6d:37:8f:d0:b0:a7:57:
a7:72:ac:40:07:95:3e:71:0f:8b:17:3c:89:3d:cd:01:8d:af:
05:8e:b6:41:84:01:6b:bd:90:3a:df:94:d0:dc:2d:9c:4c:62:
a5:53:9b:66:b1:97:aa:2a:c6:c8:5e:c9:8e:e4:9f:39:ec:e6:
e2:ac:40:79:fa:17:f3:df:e7:ba:bb:c9:37:09:29:5d:a9:3e:
51:fa:01:96:d4:29:8e:4d:7f:e6:32:98:56:71:4b:a1:43:19:
3f:12:12:28
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTDMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MzAw
NDIzNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEyNDI0RUM4NTYxOTI1
Q0FBM0JBQzkxNDVFN0JCMzc0MDEyODJDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA2dMdZL2OIBM5dzH9qc3L/+HhyoPrYY6O/8+XA4H/bLOXtq/u
YQ59hZyRPMn6bAKWHs0AYfN9MVwJuIAlWqdf6LvpG2d31WwPoYsNPiOblnk1bEMf
VQjZhG3UUd7ZY+bdy88hTMUwQgHFeouzq2+ZdcaqN0YP8oGBVaUJIxS3m8oTo6vR
O3u/RCOXXKinZsOXJxnF1zXf+TJZjJ5KA0+8GPLzR0ykc9cBnNWehVrpY9zGzWbg
Sto28rj0xmprbAOFkQmRypLeLljChcycKpGEFU+Sy35fQLBaNUJHaG8AzvEMYfsV
GqPAcH/bf3YkUIUME2hlDKp6tCUePKiRJpuZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUokJOyFYZJcqjuskUXnuzdAEoLKIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L29rSk95RllaSmNxanVz
a1VYbnV6ZEFFb0xLSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAEotJXHlXSv033D6/phHiKTkXlw3icDT
ifYnZsDE/yIc6z5YR16aDyBYarIQQNsI7/BQPMZhAee8LcH0lhJXgDjgWbwtHHO7
4pRqnLt7jWRuoiG2e8DzLP4ca0b5MIIKdzed56vH0bjTJOhqWaVZp+5tFzwwcxKY
7JcEFkolEGRwkZF6aFTFoz933VsWA3pEi9XmZdkgAEvvx7uibTeP0LCnV6dyrEAH
lT5xD4sXPIk9zQGNrwWOtkGEAWu9kDrflNDcLZxMYqVTm2axl6oqxsheyY7knzns
5uKsQHn6F/Pf57q7yTcJKV2pPlH6AZbUKY5Nf+YymFZxS6FDGT8SEig=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:47 2024 by rpki-client on console-fra.rpki-client.org