Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sOVZfeKgRSdmC3vqXBD046iDIpM.roa
File: sOVZfeKgRSdmC3vqXBD046iDIpM.roa (raw, json)
Hash identifier: Yx/rRRh2YFYCSzJm0gcFNFPe+9n/ThgEJwhKMFCQ6Po=
Subject key identifier: B0:E5:59:7D:E2:A0:45:27:66:0B:7B:EA:5C:10:F4:E3:A8:83:22:93
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5197
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sOVZfeKgRSdmC3vqXBD046iDIpM.roa
Signing time: Tue 07 May 2024 08:53:52 +0000
ROA not before: Tue 07 May 2024 08:53:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20887 (0x5197)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 08:53:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B0E5597DE2A04527660B7BEA5C10F4E3A8832293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:58:e5:fc:1e:3a:0d:fa:93:e1:4d:a4:3d:ef:
83:85:6a:f7:e3:6e:60:4e:25:75:32:2d:13:93:0d:
7b:40:1c:41:d4:79:be:de:d2:8b:6f:5f:e7:94:9d:
07:34:5d:da:8f:5f:c9:25:e2:37:90:40:86:56:52:
f3:e1:7e:6a:f3:00:1d:3a:82:e6:23:6d:f7:46:2a:
58:4a:70:c8:1c:b9:7a:69:de:76:c9:a7:dd:d5:e2:
96:5b:e0:74:f1:23:ec:b5:0c:15:33:cb:8c:3e:bd:
a7:94:30:77:af:cf:ee:41:4e:f6:61:f1:fe:07:66:
b0:28:06:74:57:26:15:ad:4a:0c:42:fc:d4:6e:dd:
90:ce:4f:7d:a5:c9:a2:50:41:53:b2:bb:4b:cd:38:
7a:f3:e3:24:59:81:1e:46:f0:f3:e7:a9:27:42:57:
bb:86:ee:a6:18:0d:c8:4b:f0:01:96:4d:11:ae:08:
1b:00:79:c5:45:c8:b4:20:77:67:b3:76:0b:37:40:
27:8c:b3:b4:80:29:12:52:fc:e5:ca:97:13:78:6a:
de:14:65:db:c9:62:32:b4:57:57:9a:ff:07:50:83:
4c:81:e5:57:f0:19:2b:10:92:35:4f:01:85:f1:ac:
7f:16:c1:62:fa:98:e3:20:4c:d0:eb:b0:0d:48:00:
e4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E5:59:7D:E2:A0:45:27:66:0B:7B:EA:5C:10:F4:E3:A8:83:22:93
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sOVZfeKgRSdmC3vqXBD046iDIpM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
03:6e:5c:24:b7:a4:95:24:53:b5:30:d1:5e:f5:f3:c1:6c:41:
3e:50:24:04:7e:af:04:d7:51:e9:65:a3:92:a9:61:cf:13:03:
d4:27:d0:e3:94:25:eb:4c:85:29:80:9c:47:56:13:39:da:36:
04:6f:d0:20:95:70:85:f1:26:26:7e:fe:6e:db:53:d6:e0:77:
a0:50:a6:8d:53:bb:91:0b:98:4a:cc:20:19:36:57:a3:f6:6e:
8f:06:a9:92:6a:1c:a8:ba:f3:85:d5:78:7a:7c:89:41:3b:a0:
b1:f3:07:6d:eb:f3:62:2c:34:63:4e:56:75:2e:4c:4a:8c:ac:
4a:01:02:6c:ef:cd:34:34:1e:b8:f1:d1:0d:e7:e6:ad:ad:af:
c3:f5:5c:7c:01:4a:2d:f8:29:41:d4:e2:2d:a0:41:df:d4:ad:
ea:80:37:ad:14:6b:57:32:b9:51:d9:2c:b9:6f:03:67:e6:06:
9c:b4:eb:83:45:6b:aa:5a:12:cd:9a:96:2e:c7:e0:f2:fc:98:
ed:d6:85:7b:76:a8:82:05:70:1f:d9:73:05:48:d3:fd:18:a3:
a5:7f:61:c8:8a:f6:dc:a9:c0:d8:c2:b2:b8:a4:71:f1:fd:8a:
3c:83:07:10:a0:d5:16:fa:2c:7f:53:c2:72:b7:83:8f:96:19:
7d:23:f2:6b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUZcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcw
ODUzNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIwRTU1OTdERTJBMDQ1
Mjc2NjBCN0JFQTVDMTBGNEUzQTg4MzIyOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyWOX8HjoN+pPhTaQ974OFavfjbmBOJXUyLROTDXtAHEHUeb7e
0otvX+eUnQc0XdqPX8kl4jeQQIZWUvPhfmrzAB06guYjbfdGKlhKcMgcuXpp3nbJ
p93V4pZb4HTxI+y1DBUzy4w+vaeUMHevz+5BTvZh8f4HZrAoBnRXJhWtSgxC/NRu
3ZDOT32lyaJQQVOyu0vNOHrz4yRZgR5G8PPnqSdCV7uG7qYYDchL8AGWTRGuCBsA
ecVFyLQgd2ezdgs3QCeMs7SAKRJS/OXKlxN4at4UZdvJYjK0V1ea/wdQg0yB5Vfw
GSsQkjVPAYXxrH8WwWL6mOMgTNDrsA1IAOQPAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsOVZfeKgRSdmC3vqXBD046iDIpMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NPVlpmZUtnUlNkbUMz
dnFYQkQwNDZpRElwTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAANuXCS3pJUkU7Uw0V7188FsQT5QJAR+
rwTXUello5KpYc8TA9Qn0OOUJetMhSmAnEdWEznaNgRv0CCVcIXxJiZ+/m7bU9bg
d6BQpo1Tu5ELmErMIBk2V6P2bo8GqZJqHKi684XVeHp8iUE7oLHzB23r82IsNGNO
VnUuTEqMrEoBAmzvzTQ0Hrjx0Q3n5q2tr8P1XHwBSi34KUHU4i2gQd/UreqAN60U
a1cyuVHZLLlvA2fmBpy064NFa6paEs2ali7H4PL8mO3WhXt2qIIFcB/ZcwVI0/0Y
o6V/YciK9typwNjCsrikcfH9ijyDBxCg1Rb6LH9TwnK3g4+WGX0j8ms=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:50 2024 by rpki-client on console-fra.rpki-client.org