Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MnvACQuu82b-iBsKbDeqv3d93zk.roa
File: MnvACQuu82b-iBsKbDeqv3d93zk.roa (raw, json)
Hash identifier: 0OAuTAM/EHUGkrLPZHli2Xmg/sQjGu8Najd5HRzMKxg=
Subject key identifier: 32:7B:C0:09:0B:AE:F3:66:FE:88:1B:0A:6C:37:AA:BF:77:7D:DF:39
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 344E
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MnvACQuu82b-iBsKbDeqv3d93zk.roa
Signing time: Fri 29 Mar 2024 07:52:05 +0000
ROA not before: Fri 29 Mar 2024 07:52:05 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13390 (0x344e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 29 07:52:05 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=327BC0090BAEF366FE881B0A6C37AABF777DDF39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e9:10:59:ad:02:fd:66:68:71:2d:be:70:ec:
a2:03:43:ea:e0:80:d5:1f:dc:5b:97:6b:82:11:f4:
f0:f5:ea:83:f2:8a:29:d9:9a:44:c5:b9:98:5e:c4:
32:98:2d:00:97:66:f6:33:bb:50:ca:ff:92:ea:11:
23:0e:a2:38:39:f6:08:ba:d2:29:35:e4:97:e7:0e:
5d:1d:b8:79:a0:d1:60:6e:69:bc:fc:4d:de:e3:37:
b5:c7:96:3a:05:5f:92:78:c7:98:22:29:9c:ce:e8:
50:18:21:0e:38:a3:31:9a:b6:d3:3d:77:6c:8f:2e:
66:54:e1:2a:c7:97:1c:c7:92:07:c9:c2:3a:f8:cc:
c6:8d:be:62:4f:e5:5d:27:31:f9:a2:61:38:9d:8e:
24:90:d6:7c:70:c4:00:73:93:1d:fa:67:d5:00:da:
db:84:90:26:fb:0d:c9:a1:eb:06:f9:84:ac:08:fb:
d9:d3:b8:20:d2:d6:6a:57:3c:43:20:6a:4e:23:ff:
1f:10:28:34:46:be:ba:c0:d9:3e:36:53:9a:84:09:
88:8e:cf:dc:20:96:a5:32:e4:18:1e:1f:26:e1:34:
12:67:bc:d0:8a:b1:69:42:e6:de:7c:52:45:e2:7b:
50:53:74:06:3c:a5:0d:1e:71:57:41:b6:18:0d:24:
fd:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:7B:C0:09:0B:AE:F3:66:FE:88:1B:0A:6C:37:AA:BF:77:7D:DF:39
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MnvACQuu82b-iBsKbDeqv3d93zk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:81:36:f3:22:2c:75:91:ab:0b:93:8f:38:a5:4b:56:2a:b1:
1a:90:b5:e1:0f:8e:1f:9b:fa:50:52:de:f6:69:82:4d:e4:78:
98:ff:53:d5:3c:73:ef:d6:64:01:d1:43:5b:aa:b3:57:c4:ba:
66:50:41:92:3d:c4:e1:96:55:21:c9:16:c4:c7:26:44:7f:ea:
8f:4f:6d:1f:fd:8e:a6:69:7d:a9:60:a3:f9:4f:15:f6:19:41:
0f:03:87:75:27:42:3b:b3:62:09:3f:9d:1a:2f:33:d8:26:fb:
c5:81:00:93:2c:96:2b:74:36:ad:f9:91:32:43:8c:58:81:ca:
14:28:69:15:6b:19:2a:fc:dd:68:8c:aa:0e:bc:82:21:00:bf:
32:7a:d1:1b:76:3d:1d:0c:33:b7:6a:90:74:e4:c9:41:cd:97:
46:62:55:3d:b7:94:3b:59:5e:9a:96:5f:47:a2:d9:7e:77:16:
20:f3:a2:34:37:72:bc:a5:ae:6c:af:86:3a:4d:84:1b:f1:52:
f7:49:68:b4:18:6c:37:c5:c4:72:cb:37:e2:7f:7f:26:e2:fb:
a2:69:5e:46:4c:e6:ed:93:8c:e5:40:76:bb:7c:eb:ec:b6:ab:
47:7e:bc:f7:73:27:54:ce:bb:ad:4b:61:e0:37:de:84:cb:6b:
fe:e3:f1:ee
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNE4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjkw
NzUyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMyN0JDMDA5MEJBRUYz
NjZGRTg4MUIwQTZDMzdBQUJGNzc3RERGMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw6RBZrQL9ZmhxLb5w7KIDQ+rggNUf3FuXa4IR9PD16oPyiinZ
mkTFuZhexDKYLQCXZvYzu1DK/5LqESMOojg59gi60ik15JfnDl0duHmg0WBuabz8
Td7jN7XHljoFX5J4x5giKZzO6FAYIQ44ozGattM9d2yPLmZU4SrHlxzHkgfJwjr4
zMaNvmJP5V0nMfmiYTidjiSQ1nxwxABzkx36Z9UA2tuEkCb7Dcmh6wb5hKwI+9nT
uCDS1mpXPEMgak4j/x8QKDRGvrrA2T42U5qECYiOz9wglqUy5BgeHybhNBJnvNCK
sWlC5t58UkXie1BTdAY8pQ0ecVdBthgNJP3RAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUMnvACQuu82b+iBsKbDeqv3d93zkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L01udkFDUXV1ODJiLWlC
c0tiRGVxdjNkOTN6ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEASIE28yIsdZGrC5OPOKVLViqxGpC14Q+O
H5v6UFLe9mmCTeR4mP9T1Txz79ZkAdFDW6qzV8S6ZlBBkj3E4ZZVIckWxMcmRH/q
j09tH/2Opml9qWCj+U8V9hlBDwOHdSdCO7NiCT+dGi8z2Cb7xYEAkyyWK3Q2rfmR
MkOMWIHKFChpFWsZKvzdaIyqDryCIQC/MnrRG3Y9HQwzt2qQdOTJQc2XRmJVPbeU
O1lempZfR6LZfncWIPOiNDdyvKWubK+GOk2EG/FS90lotBhsN8XEcss34n9/JuL7
omleRkzm7ZOM5UB2u3zr7LarR36893MnVM67rUth4DfehMtr/uPx7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:21 2024 by rpki-client on console-fra.rpki-client.org