Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LBO_nmsajZox3TdgVKJP23a7IIY.roa
File: LBO_nmsajZox3TdgVKJP23a7IIY.roa (raw, json)
Hash identifier: i+3niDfZx4FFQbNJF9dDqfVl8nQ2M971mbGaEidsJnE=
Subject key identifier: 2C:13:BF:9E:6B:1A:8D:9A:31:DD:37:60:54:A2:4F:DB:76:BB:20:86
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3EF2
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LBO_nmsajZox3TdgVKJP23a7IIY.roa
Signing time: Fri 12 Apr 2024 12:22:49 +0000
ROA not before: Fri 12 Apr 2024 12:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16114 (0x3ef2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 12 12:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2C13BF9E6B1A8D9A31DD376054A24FDB76BB2086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:56:b4:b9:9f:06:23:b2:68:3c:75:03:7c:0d:
ac:5e:2a:3e:5d:8a:5c:0f:8d:57:1c:f9:66:22:cd:
21:31:6f:11:9d:41:a9:40:ce:3f:8d:2f:5c:72:18:
71:a6:3b:30:0c:c9:cc:bc:ac:41:15:05:78:e2:95:
b1:c1:7d:78:94:b6:bb:26:a3:df:cc:ec:7d:4d:03:
00:3d:53:fd:55:22:af:cd:7f:9a:9a:7c:74:14:ad:
2a:20:7c:c0:60:97:8a:71:ba:34:9e:43:2a:24:b7:
82:a0:b4:70:6e:e6:2a:44:37:65:ad:e4:99:b5:25:
46:5c:d3:e9:4b:85:1b:8e:4d:9d:a2:87:74:47:99:
37:a4:81:43:4d:f6:2e:5a:f3:ba:55:6d:f9:09:7e:
46:2a:f9:b1:93:2a:29:57:a9:a1:85:c9:f3:cc:06:
a0:bc:56:aa:5e:24:4a:6b:4d:26:14:89:df:04:77:
99:5c:7f:93:ec:70:24:48:ad:34:1e:51:e8:a7:08:
c2:91:2c:01:9d:98:84:35:1f:c9:04:92:d4:10:b8:
a4:6e:a1:4d:71:3f:1b:3d:5b:6c:ac:7f:d6:e8:c6:
94:49:c1:00:c6:d6:42:e9:8d:58:5d:d6:b8:42:c8:
a4:41:cf:14:a9:7c:33:4b:78:54:f3:00:44:3a:0e:
47:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:13:BF:9E:6B:1A:8D:9A:31:DD:37:60:54:A2:4F:DB:76:BB:20:86
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LBO_nmsajZox3TdgVKJP23a7IIY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b3:2d:9e:70:14:90:08:90:40:28:d0:31:00:00:c6:60:48:a5:
7d:6a:f4:86:e4:fd:21:8c:1e:f7:50:24:18:76:50:e6:79:8b:
b7:45:ab:9d:82:3b:ff:9b:75:28:0b:e9:09:c1:5b:e5:5d:ce:
a0:d8:e5:c0:56:7b:8a:57:e7:09:79:f5:9a:9e:f0:ca:ee:29:
5c:dc:83:19:d3:b8:2d:14:8e:73:c4:8d:c9:4c:3e:0f:70:15:
98:17:dd:42:b0:be:e5:79:0c:1f:df:36:f0:7f:a2:e3:ee:47:
99:e5:7c:a8:83:37:42:49:60:8c:8f:42:a4:1d:3b:23:df:01:
8b:2f:c8:db:5a:49:8b:b6:33:29:52:6e:1e:22:a2:36:72:e7:
7a:e5:cf:2d:a0:8f:e6:a3:d8:4f:6e:f3:89:a4:60:e0:ac:c8:
86:c6:b2:00:0b:86:6a:6e:79:12:55:e5:41:f8:78:1c:ac:36:
27:27:d1:9e:8a:13:39:fa:33:50:94:22:ec:4d:ac:76:39:a8:
88:75:0e:92:b3:9a:2b:28:e8:1a:30:cb:2b:4e:7b:af:c2:13:
ce:40:94:a6:cb:48:5a:9d:c8:9a:de:8a:ea:37:d5:2a:72:f4:
69:3a:c7:25:64:6d:98:9b:5a:0a:09:97:6a:2f:a7:3e:42:e8:
3d:ad:fb:32
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICPvIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MTIx
MjIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJDMTNCRjlFNkIxQThE
OUEzMUREMzc2MDU0QTI0RkRCNzZCQjIwODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFVrS5nwYjsmg8dQN8DaxeKj5dilwPjVcc+WYizSExbxGdQalA
zj+NL1xyGHGmOzAMycy8rEEVBXjilbHBfXiUtrsmo9/M7H1NAwA9U/1VIq/Nf5qa
fHQUrSogfMBgl4pxujSeQyokt4KgtHBu5ipEN2Wt5Jm1JUZc0+lLhRuOTZ2ih3RH
mTekgUNN9i5a87pVbfkJfkYq+bGTKilXqaGFyfPMBqC8VqpeJEprTSYUid8Ed5lc
f5PscCRIrTQeUeinCMKRLAGdmIQ1H8kEktQQuKRuoU1xPxs9W2ysf9boxpRJwQDG
1kLpjVhd1rhCyKRBzxSpfDNLeFTzAEQ6DketAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQULBO/nmsajZox3TdgVKJP23a7IIYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xCT19ubXNhalpveDNU
ZGdWS0pQMjNhN0lJWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAsy2ecBSQCJBAKNAxAADGYEilfWr0huT9
IYwe91AkGHZQ5nmLt0WrnYI7/5t1KAvpCcFb5V3OoNjlwFZ7ilfnCXn1mp7wyu4p
XNyDGdO4LRSOc8SNyUw+D3AVmBfdQrC+5XkMH9828H+i4+5HmeV8qIM3QklgjI9C
pB07I98Biy/I21pJi7YzKVJuHiKiNnLneuXPLaCP5qPYT27ziaRg4KzIhsayAAuG
am55ElXlQfh4HKw2JyfRnooTOfozUJQi7E2sdjmoiHUOkrOaKyjoGjDLK057r8IT
zkCUpstIWp3Imt6K6jfVKnL0aTrHJWRtmJtaCgmXai+nPkLoPa37Mg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:27:37 2025 by rpki-client