Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/sOoEM2-bbp3CrzlfkPiGnUtx7QU.roa
File: sOoEM2-bbp3CrzlfkPiGnUtx7QU.roa (raw, json)
Hash identifier: aV8/mWOaBTu62+FUfxpIUTjKhBJvRQSu0Lg7U/A89IQ=
Subject key identifier: B0:EA:04:33:6F:9B:6E:9D:C2:AF:39:5F:90:F8:86:9D:4B:71:ED:05
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4143
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sOoEM2-bbp3CrzlfkPiGnUtx7QU.roa
Signing time: Mon 15 Apr 2024 14:22:55 +0000
ROA not before: Mon 15 Apr 2024 14:22:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16707 (0x4143)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 14:22:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B0EA04336F9B6E9DC2AF395F90F8869D4B71ED05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:88:ae:0f:47:09:27:62:ba:01:f2:c0:13:79:
10:4f:79:78:ca:d0:dd:ef:3e:10:77:10:39:d7:2d:
47:b0:d1:d4:67:17:47:f0:fe:7b:d7:0b:f6:04:2b:
9b:a4:73:9c:c3:4b:7f:d4:1b:23:d9:44:31:0c:2f:
f8:a2:f2:30:69:f2:4c:7c:e3:6c:df:a3:ad:34:2d:
06:34:76:3f:c1:45:ce:7f:ce:5a:ce:75:a6:e4:07:
4e:32:73:f1:76:f3:46:c4:35:ad:fc:bb:02:5c:fe:
4c:82:fe:97:c9:b5:61:2e:ba:29:88:5a:ff:45:3c:
ac:a0:33:63:80:94:40:aa:d4:19:9c:ec:60:68:27:
9f:4a:76:e6:19:f4:ea:b0:af:76:42:64:73:ee:7c:
70:6d:d3:15:9b:07:3b:c1:1d:f5:bb:16:17:ae:35:
32:3f:25:ad:2b:84:70:6f:5c:06:ad:95:15:47:59:
a8:84:81:db:30:66:03:a2:36:7b:f6:b7:25:0a:f6:
6e:8b:0f:33:2c:cb:89:00:7b:3d:0e:14:ed:1b:40:
4b:11:55:23:da:6e:b9:18:1f:9c:2e:7e:84:30:26:
c1:75:b7:b9:49:28:59:05:fd:8f:ac:27:00:fa:01:
99:c6:15:b4:52:a2:17:e2:bc:08:3b:02:28:e2:88:
c2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:EA:04:33:6F:9B:6E:9D:C2:AF:39:5F:90:F8:86:9D:4B:71:ED:05
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/sOoEM2-bbp3CrzlfkPiGnUtx7QU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
6f:84:99:b5:35:5a:64:5f:35:14:1f:18:a1:b8:d9:9f:b8:0a:
1c:85:15:aa:4c:54:39:04:0d:bb:41:ed:fe:56:43:45:52:3c:
1a:ff:f3:ca:b5:ce:c4:e5:e7:c1:23:12:c0:6a:10:07:17:0a:
0a:a0:71:f8:b7:83:90:f9:07:d0:d9:d2:64:a8:81:03:69:a0:
f7:6c:ea:f6:6f:0f:91:19:98:ee:3c:a5:9f:41:40:44:48:33:
52:83:85:09:31:76:58:ee:ed:04:7c:9f:e3:72:b4:34:01:6d:
14:56:76:da:ec:70:37:bd:01:0a:b5:93:b9:35:59:8d:36:1d:
68:02:f1:68:25:8e:d8:1e:a7:02:64:74:83:f8:2e:5c:9f:0d:
51:82:32:03:47:06:06:7a:48:b1:3f:85:0f:1b:58:bf:a1:50:
b6:3c:17:e5:d9:a1:16:60:6f:71:aa:9d:93:f8:5b:27:1f:af:
4d:55:87:a2:6b:da:43:af:09:e9:75:e1:8b:4f:28:99:36:3e:
f1:52:3f:e3:2c:21:d2:5b:4f:ae:d2:76:5a:8a:8a:46:d1:11:
42:72:d6:f5:8f:14:9a:9f:84:bc:09:13:c2:17:7f:09:d8:3f:
a2:30:8d:78:3a:0e:2d:74:5c:69:29:11:07:91:56:52:37:8b:
f5:2d:84:9a
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICQUMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUx
NDIyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIwRUEwNDMzNkY5QjZF
OURDMkFGMzk1RjkwRjg4NjlENEI3MUVEMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1iK4PRwknYroB8sATeRBPeXjK0N3vPhB3EDnXLUew0dRnF0fw
/nvXC/YEK5ukc5zDS3/UGyPZRDEML/ii8jBp8kx842zfo600LQY0dj/BRc5/zlrO
dabkB04yc/F280bENa38uwJc/kyC/pfJtWEuuimIWv9FPKygM2OAlECq1Bmc7GBo
J59KduYZ9Oqwr3ZCZHPufHBt0xWbBzvBHfW7FheuNTI/Ja0rhHBvXAatlRVHWaiE
gdswZgOiNnv2tyUK9m6LDzMsy4kAez0OFO0bQEsRVSPabrkYH5wufoQwJsF1t7lJ
KFkF/Y+sJwD6AZnGFbRSohfivAg7AijiiMKbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUsOoEM2+bbp3CrzlfkPiGnUtx7QUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L3NPb0VNMi1iYnAzQ3J6
bGZrUGlHblV0eDdRVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAG+EmbU1WmRfNRQfGKG42Z+4ChyFFapM
VDkEDbtB7f5WQ0VSPBr/88q1zsTl58EjEsBqEAcXCgqgcfi3g5D5B9DZ0mSogQNp
oPds6vZvD5EZmO48pZ9BQERIM1KDhQkxdlju7QR8n+NytDQBbRRWdtrscDe9AQq1
k7k1WY02HWgC8WgljtgepwJkdIP4LlyfDVGCMgNHBgZ6SLE/hQ8bWL+hULY8F+XZ
oRZgb3GqnZP4Wycfr01Vh6Jr2kOvCel14YtPKJk2PvFSP+MsIdJbT67SdlqKikbR
EUJy1vWPFJqfhLwJE8IXfwnYP6IwjXg6Di10XGkpEQeRVlI3i/UthJo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:50 2025 by rpki-client