Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LDFEqC6GrWKiId3kF5ihi94XDTE.roa
File: LDFEqC6GrWKiId3kF5ihi94XDTE.roa (raw, json)
Hash identifier: g1bJqFop7AK5S0lKoiniCxEqSzbz6N1i0lpMmYikd+0=
Subject key identifier: 2C:31:44:A8:2E:86:AD:62:A2:21:DD:E4:17:98:A1:8B:DE:17:0D:31
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 37B5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LDFEqC6GrWKiId3kF5ihi94XDTE.roa
Signing time: Tue 02 Apr 2024 20:52:18 +0000
ROA not before: Tue 02 Apr 2024 20:52:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14261 (0x37b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 2 20:52:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2C3144A82E86AD62A221DDE41798A18BDE170D31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:27:0c:b6:11:e5:50:25:aa:69:03:3e:a3:27:
73:b1:8a:0a:97:06:d6:71:e2:59:39:e7:d4:8d:ad:
5c:b4:7c:75:f5:a1:47:06:f9:73:05:e3:af:d5:98:
d2:9b:65:b8:52:62:4f:5a:cc:c7:8c:3c:c8:6a:60:
e1:9d:90:cd:77:22:e7:e3:49:5c:07:33:ed:c5:41:
23:2f:34:8e:d2:3a:5b:be:a3:48:21:2e:5c:cd:cb:
36:35:64:d0:c6:75:b3:56:85:91:13:a5:98:1d:3d:
13:91:8a:77:46:0d:88:00:4c:6e:ba:f4:3c:e6:b2:
a4:91:56:13:a0:66:c4:d3:cc:48:ce:b5:b8:11:3b:
13:5e:9b:4a:22:19:e6:96:b4:51:5e:28:01:de:1c:
e6:47:cb:96:cf:5a:f4:ba:60:84:cf:9c:94:7e:15:
2a:ee:a2:e5:f1:49:d2:2e:f9:a8:72:5f:29:24:10:
46:ff:98:75:17:37:4a:6f:2f:af:a7:eb:1c:51:ba:
4c:02:e0:f1:d5:c9:8b:f1:18:8f:12:85:cd:87:0f:
ee:2b:98:c6:5e:b2:4d:d0:e8:a6:b3:3a:00:6d:95:
b4:7d:11:95:49:ab:88:ee:a3:52:78:6c:04:a1:b7:
a5:ef:92:1c:80:75:65:d6:34:08:88:d7:8e:69:24:
9f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:31:44:A8:2E:86:AD:62:A2:21:DD:E4:17:98:A1:8B:DE:17:0D:31
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LDFEqC6GrWKiId3kF5ihi94XDTE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
b7:7e:93:0e:ee:f4:3d:7a:c1:fa:2a:5b:b9:c5:72:db:08:5e:
b1:85:46:15:10:64:bd:32:0f:2d:ee:0a:6c:dc:92:2e:af:f2:
0f:49:dc:64:81:ff:c6:fc:e8:c5:68:5b:dd:bf:63:72:43:80:
f2:6b:f2:a4:fa:f4:12:47:0e:ab:29:98:c2:bb:a4:07:ef:7f:
3c:bf:61:ef:cb:05:02:78:ec:2c:be:27:93:d2:94:83:1d:44:
9b:3f:5f:09:ea:7e:a1:34:95:39:cc:8d:39:97:12:7f:b0:ec:
e2:9d:3b:42:f8:17:02:85:be:f9:f6:bc:2b:62:01:dc:f0:ca:
09:7d:6b:60:4c:e0:71:1c:e6:4d:75:53:9b:0a:fd:09:7f:2d:
e1:10:36:3e:7c:3d:bf:0c:13:40:c9:19:87:01:23:31:e2:47:
2e:0a:b9:92:f6:f5:48:bc:fa:a8:30:19:da:62:5a:8c:5b:cd:
ee:98:d9:68:9a:0b:63:ad:57:44:ff:9d:a6:7c:95:f6:84:92:
1c:22:8f:8d:9e:e2:86:90:c9:b4:4e:40:c1:fe:09:cf:28:12:
b5:38:15:91:93:7a:2a:f8:bc:04:37:59:30:84:a6:8d:26:5c:
4a:8d:14:d3:8f:fa:db:cc:5b:8d:9a:09:16:29:5a:ee:56:7f:
cd:c9:e3:e6
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICN7UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDIy
MDUyMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJDMzE0NEE4MkU4NkFE
NjJBMjIxRERFNDE3OThBMThCREUxNzBEMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVJwy2EeVQJappAz6jJ3OxigqXBtZx4lk559SNrVy0fHX1oUcG
+XMF46/VmNKbZbhSYk9azMeMPMhqYOGdkM13IufjSVwHM+3FQSMvNI7SOlu+o0gh
LlzNyzY1ZNDGdbNWhZETpZgdPRORindGDYgATG669DzmsqSRVhOgZsTTzEjOtbgR
OxNem0oiGeaWtFFeKAHeHOZHy5bPWvS6YITPnJR+FSruouXxSdIu+ahyXykkEEb/
mHUXN0pvL6+n6xxRukwC4PHVyYvxGI8Shc2HD+4rmMZesk3Q6KazOgBtlbR9EZVJ
q4juo1J4bASht6XvkhyAdWXWNAiI145pJJ+FAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQULDFEqC6GrWKiId3kF5ihi94XDTEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xERkVxQzZHcldLaUlk
M2tGNWloaTk0WERURS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBALd+kw7u9D16wfoq
W7nFctsIXrGFRhUQZL0yDy3uCmzcki6v8g9J3GSB/8b86MVoW92/Y3JDgPJr8qT6
9BJHDqspmMK7pAfvfzy/Ye/LBQJ47Cy+J5PSlIMdRJs/XwnqfqE0lTnMjTmXEn+w
7OKdO0L4FwKFvvn2vCtiAdzwygl9a2BM4HEc5k11U5sK/Ql/LeEQNj58Pb8ME0DJ
GYcBIzHiRy4KuZL29Ui8+qgwGdpiWoxbze6Y2WiaC2OtV0T/naZ8lfaEkhwij42e
4oaQybROQMH+Cc8oErU4FZGTeir4vAQ3WTCEpo0mXEqNFNOP+tvMW42aCRYpWu5W
f83J4+Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:20 2024 by rpki-client on console-fra.rpki-client.org