Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/MuS8JTuzigwMVd034Dw4KANELOQ.roa
File: MuS8JTuzigwMVd034Dw4KANELOQ.roa (raw, json)
Hash identifier: K4poIwf1l5BDYywNK1LhI75ab9btSbvPYvPSA5MPw6g=
Subject key identifier: 32:E4:BC:25:3B:B3:8A:0C:0C:55:DD:37:E0:3C:38:28:03:44:2C:E4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 40D2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MuS8JTuzigwMVd034Dw4KANELOQ.roa
Signing time: Mon 15 Apr 2024 00:22:53 +0000
ROA not before: Mon 15 Apr 2024 00:22:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16594 (0x40d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 15 00:22:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=32E4BC253BB38A0C0C55DD37E03C382803442CE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1e:0d:76:48:91:62:eb:34:df:a4:21:f5:66:
ab:20:96:00:33:cb:8d:5c:8d:c5:74:30:5b:7f:ad:
9b:d9:8a:ba:3d:a7:d2:a6:b5:30:7e:74:b1:6d:38:
f5:50:a3:8b:67:73:77:6b:de:c9:52:b2:c8:06:6a:
15:1c:e8:a6:30:06:9e:32:98:1e:2e:1c:67:d6:6c:
75:a8:79:b0:7b:3a:93:1a:3e:11:fa:cb:11:c8:00:
10:1f:04:c3:61:92:ed:7d:11:dd:ac:36:0b:ba:24:
1f:46:8d:9b:42:2b:f7:d4:bc:04:c0:8f:81:dc:66:
6b:20:19:4a:4c:e0:82:87:24:3c:ef:2f:76:91:4f:
5e:20:42:82:99:e6:ef:dd:41:46:c3:04:5b:1c:2d:
26:25:61:bc:e5:c4:19:67:82:a8:90:fe:5b:b6:02:
a6:d7:44:7f:2d:3b:74:95:db:91:7d:dd:4a:c2:04:
e0:9a:81:c6:2c:98:32:23:45:f2:55:e7:b3:e4:a2:
2a:3f:72:83:29:3b:ca:7e:8f:18:59:bc:c9:88:29:
55:bc:93:fe:29:b3:05:20:86:c5:28:92:75:f7:a7:
4a:ca:22:95:08:c8:9b:44:1b:c0:ea:04:d8:25:51:
e2:b9:ea:f8:64:e4:49:07:d6:62:98:44:01:5d:01:
19:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E4:BC:25:3B:B3:8A:0C:0C:55:DD:37:E0:3C:38:28:03:44:2C:E4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/MuS8JTuzigwMVd034Dw4KANELOQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:53:43:d7:3d:be:e0:92:eb:6f:4a:70:f8:71:ce:09:e4:11:
1d:1e:2e:8e:e4:03:a4:de:a2:a9:20:93:8b:47:23:be:4b:d6:
5d:54:a5:6d:ce:72:14:8f:48:8e:75:27:07:cc:48:0d:03:72:
52:e5:d0:76:ad:81:56:88:31:14:dd:e5:f0:86:36:9b:df:54:
44:20:dc:31:61:31:a3:53:3a:f6:e0:65:5c:3a:10:d0:5e:4b:
c3:b5:93:c0:13:70:aa:6f:2c:3a:3f:22:79:10:bb:8c:a4:46:
8d:e0:af:a5:ca:d8:f7:25:a5:72:5b:4a:34:0f:19:81:67:fb:
b2:ba:05:93:e9:62:74:ab:fe:7a:30:74:e8:4b:d7:9c:3a:19:
1a:45:c9:6a:55:80:90:23:85:47:fc:8b:e6:47:85:ec:7b:b4:
6a:8d:49:34:77:c4:4d:da:b3:d9:01:ce:56:02:ec:af:2e:6a:
95:31:c6:de:ef:c0:ca:79:20:f2:8d:a7:13:09:e9:a7:f8:92:
a8:d0:6c:0f:5a:d7:94:cf:6f:05:97:98:1e:fb:17:55:07:a1:
fd:e2:c4:55:b7:79:c1:cd:58:26:4f:bc:9c:db:24:52:11:8a:
7b:f4:6f:59:7e:e9:9b:d5:0c:bf:c5:48:3f:be:14:80:39:89:
d3:3f:68:fc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICQNIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTUw
MDIyNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMyRTRCQzI1M0JCMzhB
MEMwQzU1REQzN0UwM0MzODI4MDM0NDJDRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8Hg12SJFi6zTfpCH1ZqsglgAzy41cjcV0MFt/rZvZiro9p9Km
tTB+dLFtOPVQo4tnc3dr3slSssgGahUc6KYwBp4ymB4uHGfWbHWoebB7OpMaPhH6
yxHIABAfBMNhku19Ed2sNgu6JB9GjZtCK/fUvATAj4HcZmsgGUpM4IKHJDzvL3aR
T14gQoKZ5u/dQUbDBFscLSYlYbzlxBlngqiQ/lu2AqbXRH8tO3SV25F93UrCBOCa
gcYsmDIjRfJV57Pkoio/coMpO8p+jxhZvMmIKVW8k/4pswUghsUoknX3p0rKIpUI
yJtEG8DqBNglUeK56vhk5EkH1mKYRAFdARnhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUMuS8JTuzigwMVd034Dw4KANELOQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L011UzhKVHV6aWd3TVZk
MDM0RHc0S0FORUxPUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAF1ND1z2+4JLrb0pw+HHOCeQRHR4ujuQD
pN6iqSCTi0cjvkvWXVSlbc5yFI9IjnUnB8xIDQNyUuXQdq2BVogxFN3l8IY2m99U
RCDcMWExo1M69uBlXDoQ0F5Lw7WTwBNwqm8sOj8ieRC7jKRGjeCvpcrY9yWlcltK
NA8ZgWf7sroFk+lidKv+ejB06EvXnDoZGkXJalWAkCOFR/yL5keF7Hu0ao1JNHfE
Tdqz2QHOVgLsry5qlTHG3u/Aynkg8o2nEwnpp/iSqNBsD1rXlM9vBZeYHvsXVQeh
/eLEVbd5wc1YJk+8nNskUhGKe/RvWX7pm9UMv8VIP74UgDmJ0z9o/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:34 2024 by rpki-client on console-ams.rpki-client.org