Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LKBaT_1TaBvc-hvXY7GtnIl3NVU.roa
File: LKBaT_1TaBvc-hvXY7GtnIl3NVU.roa (raw, json)
Hash identifier: lbgXJ6d0d1KSNJqiO/10LGezvixEzK7D2CnaobJ7mIA=
Subject key identifier: 2C:A0:5A:4F:FD:53:68:1B:DC:FA:1B:D7:63:B1:AD:9C:89:77:35:55
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 35F5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LKBaT_1TaBvc-hvXY7GtnIl3NVU.roa
Signing time: Sun 31 Mar 2024 12:52:10 +0000
ROA not before: Sun 31 Mar 2024 12:52:10 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13813 (0x35f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 31 12:52:10 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2CA05A4FFD53681BDCFA1BD763B1AD9C89773555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e7:08:d1:53:65:43:ac:dd:91:bb:71:99:c5:
44:96:c5:00:92:d4:bb:12:53:70:bc:29:9b:d7:59:
7f:c3:44:a5:df:f1:97:ef:79:a4:ec:6c:cc:94:a8:
48:b7:7a:c7:cf:e2:7d:9b:da:ed:69:0d:d7:9d:e9:
76:1d:7a:28:44:77:d2:ad:38:38:93:88:6b:29:4b:
6f:b8:a3:ff:73:02:76:66:b7:ac:ef:b9:66:b4:56:
ed:38:34:df:e3:86:64:41:1d:d7:e3:56:c6:25:fe:
37:3b:40:70:36:2b:00:29:7b:be:72:6a:07:c7:f7:
71:da:36:49:8b:f7:d5:e1:ac:a9:29:53:18:e5:5a:
04:6a:e2:c6:80:79:c3:59:a3:8d:da:4a:35:5c:03:
ca:14:76:dc:ae:df:01:3a:c4:ba:d6:90:d1:32:80:
de:de:61:2e:60:47:50:a8:01:06:00:75:d4:74:2f:
f2:38:c8:7a:6a:ba:4b:28:9e:cd:bb:50:d1:1f:34:
6a:92:49:c1:d2:fe:2a:dd:9c:e4:04:58:63:f2:a5:
bb:d5:90:00:3c:e7:0f:6f:56:1e:22:a2:d3:81:12:
72:6a:9b:66:27:7b:00:df:98:45:12:f7:8a:04:4f:
74:f8:01:ad:ba:cf:eb:a3:ed:0a:6b:ce:df:eb:f0:
f5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:A0:5A:4F:FD:53:68:1B:DC:FA:1B:D7:63:B1:AD:9C:89:77:35:55
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LKBaT_1TaBvc-hvXY7GtnIl3NVU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
97:2e:af:78:0f:39:30:77:67:bf:89:2a:c6:3a:67:6d:0c:18:
7a:11:a3:ab:f4:c8:7a:51:a0:08:e6:f4:79:45:04:40:37:b1:
23:1d:86:0b:9b:23:db:ff:c0:29:8a:eb:5d:60:34:8f:db:92:
5a:87:6e:67:ce:0d:25:a0:44:72:a7:17:94:3b:dd:04:c4:9b:
da:63:dc:e7:1f:dc:fa:8f:e6:4c:7d:4b:5f:87:4c:40:4c:62:
7b:5d:0c:97:f0:2d:ed:d9:c9:50:c3:b4:65:b6:ef:23:0d:11:
9f:4a:65:b0:78:a0:25:a8:3c:4e:e0:9a:4b:24:63:b4:d1:c9:
c0:6f:71:6a:8e:8d:1c:00:50:c9:7b:ab:a1:27:fb:a8:85:c1:
da:13:75:fa:4f:7e:2f:83:1b:87:9d:70:88:1e:42:8b:b7:e0:
c2:fd:cd:dd:fe:39:da:d5:4e:3e:38:03:ba:dd:8e:c4:3b:1c:
8e:2a:ae:ea:a1:e4:c2:18:f5:2d:53:1c:45:de:dd:39:c4:88:
71:e3:7a:15:ea:96:eb:2c:ea:a0:c5:4b:8b:17:76:bf:f1:ea:
f4:0d:0f:c4:94:a5:dc:57:29:59:f3:d2:61:69:10:58:8a:3c:
d4:0b:57:96:2c:b0:89:b6:a1:2a:83:dd:b1:73:c0:aa:12:e3:
49:4e:83:16
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNfUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzEx
MjUyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJDQTA1QTRGRkQ1MzY4
MUJEQ0ZBMUJENzYzQjFBRDlDODk3NzM1NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC25wjRU2VDrN2Ru3GZxUSWxQCS1LsSU3C8KZvXWX/DRKXf8Zfv
eaTsbMyUqEi3esfP4n2b2u1pDded6XYdeihEd9KtODiTiGspS2+4o/9zAnZmt6zv
uWa0Vu04NN/jhmRBHdfjVsYl/jc7QHA2KwApe75yagfH93HaNkmL99XhrKkpUxjl
WgRq4saAecNZo43aSjVcA8oUdtyu3wE6xLrWkNEygN7eYS5gR1CoAQYAddR0L/I4
yHpquksons27UNEfNGqSScHS/irdnOQEWGPypbvVkAA85w9vVh4iotOBEnJqm2Yn
ewDfmEUS94oET3T4Aa26z+uj7Qprzt/r8PVrAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQULKBaT/1TaBvc+hvXY7GtnIl3NVUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xLQmFUXzFUYUJ2Yy1o
dlhZN0d0bklsM05WVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAJcur3gPOTB3Z7+J
KsY6Z20MGHoRo6v0yHpRoAjm9HlFBEA3sSMdhgubI9v/wCmK611gNI/bklqHbmfO
DSWgRHKnF5Q73QTEm9pj3Ocf3PqP5kx9S1+HTEBMYntdDJfwLe3ZyVDDtGW27yMN
EZ9KZbB4oCWoPE7gmkskY7TRycBvcWqOjRwAUMl7q6En+6iFwdoTdfpPfi+DG4ed
cIgeQou34ML9zd3+OdrVTj44A7rdjsQ7HI4qruqh5MIY9S1THEXe3TnEiHHjehXq
luss6qDFS4sXdr/x6vQND8SUpdxXKVnz0mFpEFiKPNQLV5YssIm2oSqD3bFzwKoS
40lOgxY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:32 2024 by rpki-client on console-ams.rpki-client.org