Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mJuvrYaNgR5R5qNX1RDZClObN9k.roa
File: mJuvrYaNgR5R5qNX1RDZClObN9k.roa (raw, json)
Hash identifier: NcbkSNrIL1L7cS6Fpe8GAHI1X5qBwCnNBe9YZ6YaW2o=
Subject key identifier: 98:9B:AF:AD:86:8D:81:1E:51:E6:A3:57:D5:10:D9:0A:53:9B:37:D9
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4906
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mJuvrYaNgR5R5qNX1RDZClObN9k.roa
Signing time: Thu 25 Apr 2024 22:53:20 +0000
ROA not before: Thu 25 Apr 2024 22:53:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18694 (0x4906)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 25 22:53:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=989BAFAD868D811E51E6A357D510D90A539B37D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1d:3b:da:f7:27:fb:6c:74:76:a1:62:b8:67:
5b:24:22:b6:6d:b8:da:0f:2d:4f:69:2b:01:d6:d7:
f8:85:90:89:78:22:65:fd:33:de:e5:51:e9:42:45:
1f:3c:e5:a0:34:bf:c0:4d:9d:2b:86:8c:04:9f:fc:
13:19:11:1a:75:f4:af:3d:6f:5d:84:bf:24:41:dd:
2b:4b:8e:44:06:d2:6d:d6:4b:88:b6:a5:cf:d3:35:
1f:e3:9c:d6:2e:c5:de:a8:5a:16:fa:05:6b:19:7b:
da:f7:bb:47:79:a7:46:18:39:3e:d8:b1:f2:79:c2:
54:73:52:88:6f:ef:14:71:ab:4b:be:1a:dd:ef:15:
ac:ad:e8:f3:86:fb:1e:b3:29:e3:04:d0:1a:82:39:
46:d2:db:2f:b0:fc:d1:f6:21:e5:cb:91:73:c6:72:
71:c4:0c:15:1f:77:e0:f6:94:18:e7:e6:e2:3e:5f:
78:e3:21:a8:fc:88:78:1c:dd:a3:88:1e:0c:26:83:
b8:cd:1f:b7:db:99:6f:1f:3a:9c:c6:4d:8e:5e:6f:
86:04:05:bf:1b:ec:7a:1a:4d:5c:7a:dd:37:6f:e1:
4d:f0:d3:cd:74:7a:28:7c:43:15:72:88:86:8f:14:
37:40:dd:5b:7d:25:c1:0c:10:ef:1b:cb:ad:4b:c4:
07:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:9B:AF:AD:86:8D:81:1E:51:E6:A3:57:D5:10:D9:0A:53:9B:37:D9
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mJuvrYaNgR5R5qNX1RDZClObN9k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:7d:f2:9f:77:93:3b:33:72:98:f1:d8:37:cb:78:20:0a:2e:
be:dc:ff:f0:00:6a:61:15:b5:07:e8:fe:f1:0e:f0:ed:4c:79:
fe:00:72:32:ad:dc:bd:60:82:18:fc:56:99:45:a1:3d:b9:14:
bc:f0:88:a5:b9:28:5a:c7:52:c4:61:4c:59:9e:7e:75:6f:35:
ca:01:9a:fc:1b:e6:e9:5d:56:ea:70:d6:ef:f8:ea:c1:38:0f:
7b:dc:ad:f5:58:d0:c4:63:6e:56:7f:ef:91:6c:2a:a1:a0:d5:
84:fc:c3:b3:7f:08:40:b5:1f:e2:0b:aa:13:d2:91:d9:26:20:
fe:69:9b:37:41:7a:f6:8f:4b:db:fa:42:d9:0b:0c:7c:75:fb:
fc:f3:c4:02:05:7a:01:64:90:e6:04:a1:31:a5:5b:0b:f0:5d:
2b:3e:61:52:f9:f6:ec:ae:e5:72:7d:5d:9d:a8:b0:13:e5:af:
0d:fe:b5:0a:09:2e:75:0b:92:ac:9d:46:30:43:40:29:c2:35:
81:a0:84:a3:9b:33:e2:81:e9:c1:d9:74:5c:97:15:4b:cd:0e:
86:20:59:53:2f:c8:1f:54:0a:c2:9c:74:05:cc:45:25:05:25:
11:ba:16:5b:48:a6:5f:6b:b0:71:2e:55:d5:be:e8:1f:7f:3f:
b3:1c:b6:61
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICSQYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjUy
MjUzMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk4OUJBRkFEODY4RDgx
MUU1MUU2QTM1N0Q1MTBEOTBBNTM5QjM3RDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8HTva9yf7bHR2oWK4Z1skIrZtuNoPLU9pKwHW1/iFkIl4ImX9
M97lUelCRR885aA0v8BNnSuGjASf/BMZERp19K89b12EvyRB3StLjkQG0m3WS4i2
pc/TNR/jnNYuxd6oWhb6BWsZe9r3u0d5p0YYOT7YsfJ5wlRzUohv7xRxq0u+Gt3v
Fayt6POG+x6zKeME0BqCOUbS2y+w/NH2IeXLkXPGcnHEDBUfd+D2lBjn5uI+X3jj
Iaj8iHgc3aOIHgwmg7jNH7fbmW8fOpzGTY5eb4YEBb8b7HoaTVx63Tdv4U3w0810
eih8QxVyiIaPFDdA3Vt9JcEMEO8by61LxAd5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUmJuvrYaNgR5R5qNX1RDZClObN9kwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21KdXZyWWFOZ1I1UjVx
TlgxUkRaQ2xPYk45ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAnn3yn3eTOzNymPHYN8t4IAouvtz/8ABq
YRW1B+j+8Q7w7Ux5/gByMq3cvWCCGPxWmUWhPbkUvPCIpbkoWsdSxGFMWZ5+dW81
ygGa/Bvm6V1W6nDW7/jqwTgPe9yt9VjQxGNuVn/vkWwqoaDVhPzDs38IQLUf4guq
E9KR2SYg/mmbN0F69o9L2/pC2QsMfHX7/PPEAgV6AWSQ5gShMaVbC/BdKz5hUvn2
7K7lcn1dnaiwE+WvDf61CgkudQuSrJ1GMENAKcI1gaCEo5sz4oHpwdl0XJcVS80O
hiBZUy/IH1QKwpx0BcxFJQUlEboWW0imX2uwcS5V1b7oH38/sxy2YQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:42:21 2025 by rpki-client