Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mi99OzOCNs27OWv_GuEu_5A7onE.roa
File: mi99OzOCNs27OWv_GuEu_5A7onE.roa (raw, json)
Hash identifier: 2b14nPL9jq9PcgMntQCVuItvsRndbo7hFn4ryaLZ5vE=
Subject key identifier: 9A:2F:7D:3B:33:82:36:CD:BB:39:6B:FF:1A:E1:2E:FF:90:3B:A2:71
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4432
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mi99OzOCNs27OWv_GuEu_5A7onE.roa
Signing time: Fri 19 Apr 2024 12:23:00 +0000
ROA not before: Fri 19 Apr 2024 12:23:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17458 (0x4432)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 19 12:23:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9A2F7D3B338236CDBB396BFF1AE12EFF903BA271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ba:ed:6a:ed:c1:02:aa:a5:b8:d7:02:2d:c4:
c8:5b:a4:92:2e:c7:83:a0:dd:2f:a4:b4:c6:38:ee:
60:a3:bc:24:1c:ab:c5:2a:31:55:0c:c6:6d:1a:de:
cb:c7:e9:6b:58:2f:83:47:e2:49:6d:c5:ca:f8:9c:
94:a0:23:f1:95:a2:88:3c:b6:b2:bc:a4:73:33:e8:
23:5d:bb:10:63:cc:2d:f0:9b:c5:80:58:5f:66:be:
c2:85:9d:7a:67:ed:b2:ec:00:a6:4e:95:4a:10:e4:
3b:4a:b6:70:94:bd:17:4c:12:18:dd:d3:fe:0b:c9:
31:8c:87:3f:f9:1d:ca:df:94:c5:f6:4c:a6:02:25:
92:06:85:ae:e0:44:44:da:1b:75:c7:f1:8c:cd:45:
66:35:51:fc:b5:c2:7f:e9:9e:ee:e3:dc:3a:c7:67:
1b:b3:48:54:90:11:45:bf:32:8b:d7:97:37:11:43:
04:ea:c7:c8:56:c6:d2:cf:0a:88:11:56:40:ba:36:
65:9c:18:0e:cb:c3:4e:15:db:93:5d:67:0e:27:3e:
04:28:18:c4:12:98:30:cd:4f:e8:25:8a:c4:9c:a4:
21:ec:87:7e:08:2c:a4:21:a0:d7:5c:8c:b6:28:46:
d0:f6:cd:fa:05:15:74:22:b0:da:eb:a2:48:78:0b:
3d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2F:7D:3B:33:82:36:CD:BB:39:6B:FF:1A:E1:2E:FF:90:3B:A2:71
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mi99OzOCNs27OWv_GuEu_5A7onE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:7c:53:e1:4f:92:c2:4d:6c:19:0c:66:63:17:6d:7d:d0:04:
c1:20:21:be:94:0b:0a:3e:f9:61:be:0d:05:ea:bf:32:55:ec:
2d:aa:59:3c:a7:aa:14:2f:bc:c9:ab:aa:18:a5:0e:43:a6:ae:
03:5b:a9:95:e6:7b:df:92:95:6d:ae:04:29:2d:5d:be:77:da:
21:a9:4f:b7:51:93:c2:e5:fb:16:67:f9:a5:2e:49:c9:2c:74:
5e:1f:e9:8b:49:09:b6:97:1e:51:90:e3:e6:03:fc:dc:91:33:
46:13:79:05:cf:b0:47:4e:d9:d2:0a:ba:fc:6c:01:10:17:ba:
4c:b2:14:22:a7:a6:ae:f6:80:14:2c:8e:e0:b4:90:6b:a3:3e:
5d:19:b1:11:73:1e:50:6f:c2:0e:b7:02:7b:d2:f6:3b:1b:41:
0a:63:27:5f:71:59:da:d8:be:56:78:f8:79:b6:f6:b6:f5:58:
44:b4:71:b7:a8:d9:d9:45:d7:71:54:24:50:32:40:ef:b0:91:
1e:46:2a:42:df:42:a4:07:6c:3e:2c:9b:f6:e5:b7:a7:49:a8:
24:77:d3:70:cb:ae:60:af:65:32:75:e6:90:a5:24:16:c9:16:
84:96:a7:d4:2e:77:ec:47:30:96:ef:e6:a8:88:da:12:56:9c:
89:7c:e2:19
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICRDIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTkx
MjIzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlBMkY3RDNCMzM4MjM2
Q0RCQjM5NkJGRjFBRTEyRUZGOTAzQkEyNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOuu1q7cECqqW41wItxMhbpJIux4Og3S+ktMY47mCjvCQcq8Uq
MVUMxm0a3svH6WtYL4NH4kltxcr4nJSgI/GVoog8trK8pHMz6CNduxBjzC3wm8WA
WF9mvsKFnXpn7bLsAKZOlUoQ5DtKtnCUvRdMEhjd0/4LyTGMhz/5HcrflMX2TKYC
JZIGha7gRETaG3XH8YzNRWY1Ufy1wn/pnu7j3DrHZxuzSFSQEUW/MovXlzcRQwTq
x8hWxtLPCogRVkC6NmWcGA7Lw04V25NdZw4nPgQoGMQSmDDNT+glisScpCHsh34I
LKQhoNdcjLYoRtD2zfoFFXQisNrrokh4Cz2NAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUmi99OzOCNs27OWv/GuEu/5A7onEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21pOTlPek9DTnMyN09X
dl9HdUV1XzVBN29uRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAfHxT4U+Swk1sGQxmYxdtfdAEwSAhvpQL
Cj75Yb4NBeq/MlXsLapZPKeqFC+8yauqGKUOQ6auA1upleZ735KVba4EKS1dvnfa
IalPt1GTwuX7Fmf5pS5JySx0Xh/pi0kJtpceUZDj5gP83JEzRhN5Bc+wR07Z0gq6
/GwBEBe6TLIUIqemrvaAFCyO4LSQa6M+XRmxEXMeUG/CDrcCe9L2OxtBCmMnX3FZ
2ti+Vnj4ebb2tvVYRLRxt6jZ2UXXcVQkUDJA77CRHkYqQt9CpAdsPiyb9uW3p0mo
JHfTcMuuYK9lMnXmkKUkFskWhJan1C537Ecwlu/mqIjaElaciXziGQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:45:01 2025 by rpki-client