Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/OfnUDe5UxLUe0w15JqKwbMofQCc.roa
File: OfnUDe5UxLUe0w15JqKwbMofQCc.roa (raw, json)
Hash identifier: 8PsvHShoer6joXo10gBahctlcDpSziWsZTawmk8A3/w=
Subject key identifier: 39:F9:D4:0D:EE:54:C4:B5:1E:D3:0D:79:26:A2:B0:6C:CA:1F:40:27
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37BF
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OfnUDe5UxLUe0w15JqKwbMofQCc.roa
Signing time: Tue 02 Apr 2024 21:52:20 +0000
ROA not before: Tue 02 Apr 2024 21:52:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14271 (0x37bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 21:52:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=39F9D40DEE54C4B51ED30D7926A2B06CCA1F4027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:25:fb:25:8a:35:f2:d3:67:64:c3:0f:ef:d8:
51:21:7d:73:5b:89:b4:62:3c:be:3c:3b:8d:f7:03:
05:d4:10:06:42:f8:e4:1f:1a:86:bf:a0:0d:b0:48:
02:40:2b:bc:aa:6f:74:1e:ec:8e:79:47:ba:ff:f5:
27:5e:8e:71:34:c2:aa:e9:f0:a0:b4:92:c6:bb:a9:
ae:7e:44:5f:69:ac:44:0a:2d:af:77:8d:05:46:7f:
85:50:a6:73:84:f8:11:c6:5a:de:82:c3:22:44:85:
51:a0:cc:30:1a:6c:e2:4d:54:7d:11:66:4d:2d:ae:
ea:13:a0:ef:24:d0:21:83:4f:d6:f9:f7:81:17:f7:
9c:08:bb:5c:ae:87:e3:c8:91:b9:e2:9e:57:ea:8e:
9f:99:f4:35:a9:c9:b0:d9:61:50:d3:20:6e:39:c1:
44:f9:5e:5a:d2:cd:1f:60:9e:2a:15:9a:1a:a7:90:
32:0d:5c:cb:a9:9f:b9:d5:21:13:3a:2a:2b:d8:47:
68:80:3a:94:9a:58:ee:53:bc:4b:9c:03:ce:4e:dc:
c4:e8:77:ec:f6:c7:59:cd:76:15:99:5f:5d:79:50:
0d:4a:2e:4c:90:4d:c3:c4:b6:e0:10:39:60:cd:96:
79:ef:53:4a:7a:11:71:6a:1a:a6:68:be:2d:85:33:
ea:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:F9:D4:0D:EE:54:C4:B5:1E:D3:0D:79:26:A2:B0:6C:CA:1F:40:27
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/OfnUDe5UxLUe0w15JqKwbMofQCc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
6d:51:e4:de:a8:f0:37:88:08:89:a8:69:0e:44:ec:4f:30:4f:
2e:77:98:61:1f:ab:04:87:75:36:23:2a:0a:8b:26:36:9d:2f:
ec:77:74:1b:ef:c4:5e:d4:4b:35:c4:59:50:ef:c0:8a:83:9c:
bd:73:de:c9:a4:76:6a:46:a1:38:3d:5e:27:b1:32:e8:1a:83:
95:bc:15:d5:8b:b3:df:20:64:75:87:16:24:43:4c:a7:e3:ac:
36:0a:f0:28:2c:1a:ba:c2:28:38:84:4e:86:cb:04:23:ac:d3:
4b:c8:f4:6d:28:d7:48:e0:eb:7e:20:3f:36:70:fc:03:b5:2d:
c2:bd:01:fc:c1:d5:51:6c:5c:e5:42:ed:4e:6d:14:23:7c:ff:
b7:21:16:be:be:a4:3c:12:cc:e7:f6:70:dd:8a:09:56:a3:3c:
52:97:0d:f5:b9:ee:1c:b9:c4:f6:85:bc:2d:3d:aa:ad:51:e7:
d2:ca:16:b8:fb:c5:82:c3:6f:c9:7f:85:61:40:a4:52:38:59:
0c:b3:2f:a4:96:97:ba:f8:21:0e:e7:f4:cf:0b:27:75:82:f4:
c5:b8:ba:43:30:f4:24:f3:d5:df:30:53:82:0a:ea:aa:cd:97:
22:9a:55:56:3b:41:ae:30:5e:1a:61:52:f5:04:c0:62:c3:2b:
ac:82:7d:7b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICN78wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIy
MTUyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM5RjlENDBERUU1NEM0
QjUxRUQzMEQ3OTI2QTJCMDZDQ0ExRjQwMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrJfslijXy02dkww/v2FEhfXNbibRiPL48O433AwXUEAZC+OQf
Goa/oA2wSAJAK7yqb3Qe7I55R7r/9SdejnE0wqrp8KC0ksa7qa5+RF9prEQKLa93
jQVGf4VQpnOE+BHGWt6CwyJEhVGgzDAabOJNVH0RZk0truoToO8k0CGDT9b594EX
95wIu1yuh+PIkbninlfqjp+Z9DWpybDZYVDTIG45wUT5XlrSzR9gnioVmhqnkDIN
XMupn7nVIRM6KivYR2iAOpSaWO5TvEucA85O3MTod+z2x1nNdhWZX115UA1KLkyQ
TcPEtuAQOWDNlnnvU0p6EXFqGqZovi2FM+opAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUOfnUDe5UxLUe0w15JqKwbMofQCcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L09mblVEZTVVeExVZTB3
MTVKcUt3Yk1vZlFDYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAG1R5N6o8DeICImoaQ5E7E8wTy53mGEf
qwSHdTYjKgqLJjadL+x3dBvvxF7USzXEWVDvwIqDnL1z3smkdmpGoTg9XiexMuga
g5W8FdWLs98gZHWHFiRDTKfjrDYK8CgsGrrCKDiETobLBCOs00vI9G0o10jg634g
PzZw/AO1LcK9AfzB1VFsXOVC7U5tFCN8/7chFr6+pDwSzOf2cN2KCVajPFKXDfW5
7hy5xPaFvC09qq1R59LKFrj7xYLDb8l/hWFApFI4WQyzL6SWl7r4IQ7n9M8LJ3WC
9MW4ukMw9CTz1d8wU4IK6qrNlyKaVVY7Qa4wXhphUvUEwGLDK6yCfXs=
-----END CERTIFICATE-----
Generated at Wed Apr 3 06:11:29 2024 by rpki-client on console.sobornost.net