Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/mzHmS-eH08XLn4-PSTFWSw54pag.roa
File: mzHmS-eH08XLn4-PSTFWSw54pag.roa (raw, json)
Hash identifier: QJ+eyPGWCp5Cs5k1uY2Lsj4bjdXAG8H/clw4jMeVvjw=
Subject key identifier: 9B:31:E6:4B:E7:87:D3:C5:CB:9F:8F:8F:49:31:56:4B:0E:78:A5:A8
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 50EE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mzHmS-eH08XLn4-PSTFWSw54pag.roa
Signing time: Mon 06 May 2024 11:53:49 +0000
ROA not before: Mon 06 May 2024 11:53:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20718 (0x50ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 6 11:53:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9B31E64BE787D3C5CB9F8F8F4931564B0E78A5A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6f:b5:93:4d:24:25:dc:d5:c4:3e:f3:79:56:
64:97:44:4b:68:45:24:2c:e7:84:c3:e1:d6:95:0f:
d7:ec:f9:6c:22:4b:e9:e1:59:82:62:ef:79:09:22:
a0:f0:ab:25:06:53:14:61:e1:94:99:c7:7c:b9:b5:
5f:4f:2e:86:c7:eb:90:15:7d:08:63:6d:32:34:12:
99:22:1d:b5:e3:de:c5:ae:29:7e:0b:eb:5d:f6:d5:
15:09:c5:9d:81:03:10:c7:ef:1c:16:2e:a6:29:d9:
e2:80:ee:5c:10:9d:29:a9:bd:a1:f4:42:b0:be:77:
d0:88:6b:8b:ff:e0:c4:ad:f8:bd:9c:2c:aa:f1:f4:
13:16:c0:1c:ed:8b:e7:bb:b3:54:10:2b:56:59:2d:
83:f9:fc:b5:10:5b:2d:c4:6c:e9:44:cd:46:31:e0:
38:e2:20:d4:eb:b2:e8:ba:75:90:d6:02:19:0e:0b:
32:13:c7:46:2e:ee:ab:15:b1:bf:a6:15:35:5b:2c:
92:f3:07:18:66:12:86:87:f1:10:be:c2:28:f3:5a:
50:04:bb:9e:3e:52:0b:91:d6:84:a8:b7:7b:9a:20:
34:1d:f4:ae:bd:f4:17:c7:22:10:06:99:ae:43:e6:
74:e5:82:30:90:cc:e5:1e:f7:18:22:12:7a:2c:07:
4d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:31:E6:4B:E7:87:D3:C5:CB:9F:8F:8F:49:31:56:4B:0E:78:A5:A8
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/mzHmS-eH08XLn4-PSTFWSw54pag.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2f:ba:0e:c3:12:9d:45:d3:f5:15:03:ff:87:ae:cc:e8:42:57:
5f:7f:21:dc:29:30:7a:84:db:fd:91:78:4a:2a:1c:17:1d:cc:
9a:29:c4:93:90:18:1b:1a:25:8b:a3:d9:e5:14:11:07:eb:1f:
a4:44:6c:42:95:ed:2d:d2:fe:59:15:ea:2c:e1:86:6d:b2:ac:
8c:a2:b4:34:f3:e9:57:26:df:f0:29:f8:aa:0c:e2:37:a7:61:
dd:fc:00:8c:9b:de:1e:4d:bc:1a:23:b3:90:8e:90:89:ab:8e:
67:0e:96:1c:75:66:8f:e5:95:b9:50:0e:82:74:a8:d5:b5:d6:
ff:e9:6c:b1:f8:77:3f:76:52:ba:73:42:63:89:6f:bf:0b:78:
46:7d:cd:6a:00:72:09:d3:1a:53:13:2f:13:5a:87:88:3e:99:
9b:cf:79:a6:22:db:87:81:5d:20:91:88:28:39:10:50:75:8f:
e8:08:cb:80:bd:9e:9c:ce:f6:30:58:f6:f7:07:7d:d0:04:df:
ea:e4:2f:4c:3a:dd:80:2d:e3:0c:e5:5f:61:c4:ae:fd:fc:82:
b9:d3:ca:ad:5d:06:1b:f2:65:24:af:3c:57:a7:0e:b3:76:f0:
48:02:f8:3c:73:9f:c3:58:87:3a:8f:30:bd:8b:4e:90:bb:0f:
bf:19:e2:2e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICUO4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDYx
MTUzNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlCMzFFNjRCRTc4N0Qz
QzVDQjlGOEY4RjQ5MzE1NjRCMEU3OEE1QTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWb7WTTSQl3NXEPvN5VmSXREtoRSQs54TD4daVD9fs+WwiS+nh
WYJi73kJIqDwqyUGUxRh4ZSZx3y5tV9PLobH65AVfQhjbTI0EpkiHbXj3sWuKX4L
61321RUJxZ2BAxDH7xwWLqYp2eKA7lwQnSmpvaH0QrC+d9CIa4v/4MSt+L2cLKrx
9BMWwBzti+e7s1QQK1ZZLYP5/LUQWy3EbOlEzUYx4DjiINTrsui6dZDWAhkOCzIT
x0Yu7qsVsb+mFTVbLJLzBxhmEoaH8RC+wijzWlAEu54+UguR1oSot3uaIDQd9K69
9BfHIhAGma5D5nTlgjCQzOUe9xgiEnosB00/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUmzHmS+eH08XLn4+PSTFWSw54pagwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L216SG1TLWVIMDhYTG40
LVBTVEZXU3c1NHBhZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAL7oOwxKdRdP1FQP/h67M6EJXX38h3Ckw
eoTb/ZF4SiocFx3MminEk5AYGxoli6PZ5RQRB+sfpERsQpXtLdL+WRXqLOGGbbKs
jKK0NPPpVybf8Cn4qgziN6dh3fwAjJveHk28GiOzkI6QiauOZw6WHHVmj+WVuVAO
gnSo1bXW/+lssfh3P3ZSunNCY4lvvwt4Rn3NagByCdMaUxMvE1qHiD6Zm895piLb
h4FdIJGIKDkQUHWP6AjLgL2enM72MFj29wd90ATf6uQvTDrdgC3jDOVfYcSu/fyC
udPKrV0GG/JlJK88V6cOs3bwSAL4PHOfw1iHOo8wvYtOkLsPvxniLg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:07:01 2025 by rpki-client