Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/m8Mbp3fOk0mfKmCfNvkt2fmUd30.roa
File: m8Mbp3fOk0mfKmCfNvkt2fmUd30.roa (raw, json)
Hash identifier: 6PVM1OMBTNJ2+7s4aPik4DaNu6ngPai+hTo90igXodQ=
Subject key identifier: 9B:C3:1B:A7:77:CE:93:49:9F:2A:60:9F:36:F9:2D:D9:F9:94:77:7D
Certificate issuer: /CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Certificate serial: 08A8
Authority key identifier: 0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/m8Mbp3fOk0mfKmCfNvkt2fmUd30.roa
Signing time: Tue 17 Dec 2024 06:24:29 +0000
ROA not before: Tue 17 Dec 2024 06:24:29 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 63567
IP address blocks: 43.226.96.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2216 (0x8a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EE863AC570AEEA1F930BEA5E76AAE7DD553804E
Validity
Not Before: Dec 17 06:24:29 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=9BC31BA777CE93499F2A609F36F92DD9F994777D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:98:f7:eb:a9:8b:03:86:af:8e:33:25:40:bb:
d8:35:bd:99:42:bd:24:b2:12:39:69:03:f5:ea:68:
09:fa:1a:01:d6:df:9d:72:89:40:69:46:65:2f:5f:
a5:0c:5a:5e:82:17:ef:28:5f:ba:29:f7:2b:4b:30:
f6:6c:d9:d1:c5:ca:7e:d6:50:03:b4:4d:45:77:88:
1a:3a:23:35:85:92:23:86:6c:e2:66:40:0e:ed:01:
26:e0:ac:c4:86:a0:92:29:58:f2:8f:08:91:90:07:
a8:bd:76:af:96:cd:3d:f4:5e:e0:68:70:23:7e:8e:
b9:82:c8:8b:56:2e:6e:81:a0:0e:32:32:3d:fe:be:
e2:d8:51:ef:f0:aa:f6:fb:3c:42:c6:75:d6:99:33:
35:1a:23:e0:05:97:65:55:7c:a1:28:3d:ae:aa:a8:
95:28:6b:d1:bf:e6:69:ee:04:d9:90:3c:34:c7:56:
f0:da:ab:c6:d0:fb:43:29:7e:cc:fa:31:a8:40:ba:
be:d4:a8:f7:52:de:48:bd:40:e6:cd:79:9a:77:af:
6f:9c:e3:e7:66:fb:38:2e:7e:fc:dd:64:d2:b1:7a:
17:5d:6f:49:db:2d:1d:f8:7b:ed:7c:08:1a:4b:ed:
1e:88:ef:86:0a:3d:65:0a:c9:ab:c3:d0:54:a7:fc:
4b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:C3:1B:A7:77:CE:93:49:9F:2A:60:9F:36:F9:2D:D9:F9:94:77:7D
X509v3 Authority Key Identifier:
keyid:0E:E8:63:AC:57:0A:EE:A1:F9:30:BE:A5:E7:6A:AE:7D:D5:53:80:4E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/DuhjrFcK7qH5ML6l52qufdVTgE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DuhjrFcK7qH5ML6l52qufdVTgE4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/m8Mbp3fOk0mfKmCfNvkt2fmUd30.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.96.0/20
Signature Algorithm: sha256WithRSAEncryption
43:62:00:b5:8c:94:bd:03:55:3f:63:c5:f3:aa:eb:16:69:b5:
e8:06:56:c0:d7:0a:f4:b0:dc:af:7f:50:f0:1e:fa:32:97:35:
1c:a6:a4:4d:8c:5b:fb:be:09:3d:69:cc:38:b5:7b:39:27:3a:
7a:4e:b5:17:9a:41:57:c3:9a:4d:4a:de:50:6a:06:5a:7f:23:
b2:57:cc:49:86:66:af:0a:e6:5f:5a:38:88:18:f2:fc:b1:a7:
9c:87:24:62:56:48:39:d3:69:f7:8c:08:6b:a0:87:97:e6:ad:
7c:c5:f5:f3:95:94:89:1a:7a:9e:ef:69:94:95:88:bf:61:7c:
12:8a:24:5f:45:d3:02:0f:9f:bf:97:fe:de:bc:7e:82:9a:d4:
3e:10:70:11:4d:1f:82:5f:c9:27:d8:f3:21:e8:70:42:75:f8:
73:43:a9:09:b7:3b:94:cb:b9:31:35:63:dc:e9:1b:b0:ac:c5:
42:20:fc:42:ad:4a:c3:6e:b7:18:44:4b:56:d7:b8:ab:97:a8:
08:95:77:65:98:fa:46:cb:55:5e:ed:a7:ce:45:72:c1:7d:e2:
47:ac:ad:c9:5d:56:1e:61:e0:47:3b:92:cc:9d:b6:51:35:76:
90:81:44:4e:de:57:4a:65:2e:e7:7d:bb:58:27:f6:04:47:89:
ee:1f:15:38
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICCKgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVF
ODYzQUM1NzBBRUVBMUY5MzBCRUE1RTc2QUFFN0RENTUzODA0RTAeFw0yNDEyMTcw
NjI0MjlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlCQzMxQkE3NzdDRTkz
NDk5RjJBNjA5RjM2RjkyREQ5Rjk5NDc3N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCumPfrqYsDhq+OMyVAu9g1vZlCvSSyEjlpA/XqaAn6GgHW351y
iUBpRmUvX6UMWl6CF+8oX7op9ytLMPZs2dHFyn7WUAO0TUV3iBo6IzWFkiOGbOJm
QA7tASbgrMSGoJIpWPKPCJGQB6i9dq+WzT30XuBocCN+jrmCyItWLm6BoA4yMj3+
vuLYUe/wqvb7PELGddaZMzUaI+AFl2VVfKEoPa6qqJUoa9G/5mnuBNmQPDTHVvDa
q8bQ+0Mpfsz6MahAur7UqPdS3ki9QObNeZp3r2+c4+dm+zgufvzdZNKxehddb0nb
LR34e+18CBpL7R6I74YKPWUKyavD0FSn/EszAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUm8Mbp3fOk0mfKmCfNvkt2fmUd30wHwYDVR0jBBgwFoAUDuhjrFcK7qH5ML6l
52qufdVTgE4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw
L0R1aGpyRmNLN3FINU1MNmw1MnF1ZmRWVGdFNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvRHVoanJGY0s3cUg1TUw2bDUycXVmZFZUZ0U0LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL204TWJwM2ZPazBtZktt
Q2ZOdmt0MmZtVWQzMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAQr4mAwDQYJKoZIhvcNAQELBQADggEBAENiALWMlL0DVT9jxfOq6xZptegGVsDX
CvSw3K9/UPAe+jKXNRympE2MW/u+CT1pzDi1ezknOnpOtReaQVfDmk1K3lBqBlp/
I7JXzEmGZq8K5l9aOIgY8vyxp5yHJGJWSDnTafeMCGugh5fmrXzF9fOVlIkaep7v
aZSViL9hfBKKJF9F0wIPn7+X/t68foKa1D4QcBFNH4JfySfY8yHocEJ1+HNDqQm3
O5TLuTE1Y9zpG7CsxUIg/EKtSsNutxhES1bXuKuXqAiVd2WY+kbLVV7tp85FcsF9
4kesrcldVh5h4Ec7ksydtlE1dpCBRE7eV0plLud9u1gn9gRHie4fFTg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:24:37 2025 by rpki-client