Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mii3QqxKAlQZRuieeCXwfzLybIo.roa
File: mii3QqxKAlQZRuieeCXwfzLybIo.roa (raw, json)
Hash identifier: a+ghbyuscfgX30fBcgT7KYkEu823mLoBFe5AIROhbQo=
Subject key identifier: 9A:28:B7:42:AC:4A:02:54:19:46:E8:9E:78:25:F0:7F:32:F2:6C:8A
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 331E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mii3QqxKAlQZRuieeCXwfzLybIo.roa
Signing time: Wed 27 Mar 2024 17:52:03 +0000
ROA not before: Wed 27 Mar 2024 17:52:03 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13086 (0x331e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 17:52:03 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9A28B742AC4A02541946E89E7825F07F32F26C8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:53:3c:91:64:ec:50:cc:5e:d9:09:7d:f8:17:
34:99:e9:b9:a5:00:db:99:ec:cc:ed:e5:a3:3f:e1:
d1:f2:d7:13:0f:aa:0e:d6:ea:0c:9a:cf:a5:ea:67:
fd:dd:66:21:d7:11:8e:bf:1e:d0:93:9e:1e:01:79:
34:f2:a4:b2:22:40:4f:a0:56:8f:da:f5:3c:4b:4d:
59:ae:e2:c1:6c:14:9c:a7:28:df:12:57:c8:f0:d1:
07:0a:5d:2e:eb:25:31:0f:67:ea:b3:9c:31:93:e1:
f8:57:c0:c2:4b:d4:5d:f4:8e:4a:00:32:e0:2c:09:
f5:45:55:e2:a5:5a:71:fc:61:f7:db:94:44:60:a6:
89:de:fc:f7:93:8e:4d:17:db:fa:7d:3f:43:5b:32:
e1:56:7b:a0:ae:4d:b6:87:a0:98:e6:82:a2:44:36:
bd:59:e4:d1:cf:cd:46:76:6e:75:9a:44:8d:28:6b:
ec:33:06:d4:f7:3f:49:63:87:0a:86:ec:a6:53:db:
f7:7a:ea:43:45:58:55:73:98:e3:0d:ee:8b:d1:e5:
3c:5a:21:75:b3:70:66:62:47:82:29:30:26:ee:ae:
b5:2d:c3:1c:3a:9f:0e:49:2e:58:ff:ce:88:36:5d:
69:86:75:56:26:4e:d8:da:3c:fc:5d:88:07:c6:2c:
8a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:28:B7:42:AC:4A:02:54:19:46:E8:9E:78:25:F0:7F:32:F2:6C:8A
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mii3QqxKAlQZRuieeCXwfzLybIo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:40:d5:30:8e:28:11:e1:51:6b:f4:7a:13:0c:7b:8f:e8:c9:
f0:50:d0:73:23:2e:75:4b:05:d0:cd:c2:7f:ce:dd:3c:27:05:
03:a6:e5:9a:2f:2f:0f:5b:64:18:34:60:d6:e2:fd:42:86:0e:
13:23:69:8b:15:6c:63:00:e2:81:f1:ea:38:68:02:d1:d4:50:
8a:77:e2:7c:25:a5:22:4a:c6:8f:f0:c6:8f:d7:bf:91:28:63:
90:5f:40:48:38:bb:25:18:b7:83:71:2b:63:36:59:89:d9:c1:
db:6d:8d:07:cd:4f:bb:30:a8:2f:a6:e4:43:58:74:a3:65:7e:
a9:8d:b9:36:dd:09:c6:2e:56:f0:fc:e6:0d:92:12:4e:e9:2a:
ce:d5:2c:1a:48:70:9e:d4:99:7a:c3:e0:10:48:27:35:26:ff:
82:49:a9:c8:a6:9a:be:0e:b3:98:af:6c:45:cf:6d:8d:48:f6:
44:9b:22:74:e4:64:86:d7:dc:d3:c4:32:8b:cc:41:66:be:a7:
29:3d:7d:4f:8b:cc:5b:ea:68:99:21:7f:97:d6:7b:bc:85:85:
80:06:c1:bf:3a:d9:e9:2b:8b:a8:42:a1:8b:92:1b:dd:de:a4:
ce:31:9d:51:33:48:01:12:6f:19:e7:e8:ac:5e:47:1a:d7:9b:
e0:a6:af:2a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICMx4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcx
NzUyMDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlBMjhCNzQyQUM0QTAy
NTQxOTQ2RTg5RTc4MjVGMDdGMzJGMjZDOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTUzyRZOxQzF7ZCX34FzSZ6bmlANuZ7Mzt5aM/4dHy1xMPqg7W
6gyaz6XqZ/3dZiHXEY6/HtCTnh4BeTTypLIiQE+gVo/a9TxLTVmu4sFsFJynKN8S
V8jw0QcKXS7rJTEPZ+qznDGT4fhXwMJL1F30jkoAMuAsCfVFVeKlWnH8YffblERg
pone/PeTjk0X2/p9P0NbMuFWe6CuTbaHoJjmgqJENr1Z5NHPzUZ2bnWaRI0oa+wz
BtT3P0ljhwqG7KZT2/d66kNFWFVzmOMN7ovR5TxaIXWzcGZiR4IpMCburrUtwxw6
nw5JLlj/zog2XWmGdVYmTtjaPPxdiAfGLIo7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUmii3QqxKAlQZRuieeCXwfzLybIowHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L21paTNRcXhLQWxRWlJ1
aWVlQ1h3ZnpMeWJJby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAakDVMI4oEeFRa/R6Ewx7j+jJ8FDQcyMu
dUsF0M3Cf87dPCcFA6blmi8vD1tkGDRg1uL9QoYOEyNpixVsYwDigfHqOGgC0dRQ
infifCWlIkrGj/DGj9e/kShjkF9ASDi7JRi3g3ErYzZZidnB222NB81PuzCoL6bk
Q1h0o2V+qY25Nt0Jxi5W8PzmDZISTukqztUsGkhwntSZesPgEEgnNSb/gkmpyKaa
vg6zmK9sRc9tjUj2RJsidORkhtfc08Qyi8xBZr6nKT19T4vMW+pomSF/l9Z7vIWF
gAbBvzrZ6SuLqEKhi5Ib3d6kzjGdUTNIARJvGeforF5HGteb4KavKg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:34:55 2025 by rpki-client