Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LVK6KM5Sa1gHAMVUc8pXMKfSpOY.roa
File: LVK6KM5Sa1gHAMVUc8pXMKfSpOY.roa (raw, json)
Hash identifier: 8n6pLcaY7yMr0LfZObfGg2jUxKqKaJw79q4m28yFCuQ=
Subject key identifier: 2D:52:BA:28:CE:52:6B:58:07:00:C5:54:73:CA:57:30:A7:D2:A4:E6
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4EEA
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LVK6KM5Sa1gHAMVUc8pXMKfSpOY.roa
Signing time: Fri 03 May 2024 19:23:54 +0000
ROA not before: Fri 03 May 2024 19:23:54 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20202 (0x4eea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 3 19:23:54 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2D52BA28CE526B580700C55473CA5730A7D2A4E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:13:0d:a8:8a:90:3d:13:01:19:20:a2:94:e8:
26:19:b5:c9:7a:26:b3:78:4c:da:97:a8:5c:83:36:
87:2e:56:ed:fd:e0:4f:97:e2:2d:4a:d3:8b:eb:8b:
11:12:ec:e4:cd:e9:65:12:5c:f8:5b:e6:fa:8a:be:
2c:bb:19:9d:29:ce:89:0e:b8:f2:60:61:de:81:c8:
aa:5e:85:4e:ce:57:e6:a4:53:08:a8:5c:25:26:40:
b1:64:29:e1:69:e2:d7:38:2f:d9:21:c0:f2:95:1f:
2f:4e:34:3c:9c:1e:aa:cf:66:07:65:35:75:bd:84:
f3:d8:37:98:e2:9e:85:1b:b3:b9:3f:20:06:cc:bc:
38:57:ff:00:d3:40:b4:eb:a2:46:eb:59:48:9d:85:
61:f6:db:d9:b6:a8:74:1b:86:8d:c8:b9:2b:d7:f9:
85:90:72:ac:2f:68:11:e1:83:28:94:53:02:58:e9:
b6:f1:6a:c4:d7:8b:f1:81:db:5e:3e:92:b8:2d:16:
24:b1:23:df:fd:95:ea:f4:b8:35:9a:2a:9f:ec:12:
80:6a:a3:03:67:b9:ce:32:9b:d5:2a:2f:27:dd:ba:
a4:03:68:41:f3:08:52:b1:3a:e3:ed:2a:bf:33:ca:
2a:39:bc:10:2a:7d:96:25:e1:89:69:d3:ef:c1:73:
b5:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:52:BA:28:CE:52:6B:58:07:00:C5:54:73:CA:57:30:A7:D2:A4:E6
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LVK6KM5Sa1gHAMVUc8pXMKfSpOY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:2e:92:4d:f0:52:79:d4:09:33:1a:36:e8:66:08:b7:f9:90:
9e:fa:26:8b:6a:0b:a3:c4:32:5e:fc:ed:2a:ce:56:50:66:44:
18:56:7b:06:b1:cf:25:c0:2e:6a:a0:56:31:4a:d9:a7:4a:96:
c3:23:49:6e:12:0d:15:d0:0b:28:65:ed:cc:40:e1:f1:0e:f8:
0f:22:6e:f3:1f:4e:54:78:45:ca:ae:22:f8:b7:75:b3:7e:54:
1b:4a:36:2c:99:df:08:41:5f:a4:91:51:5a:e3:de:ca:53:0d:
1b:f2:91:bf:6d:d4:ad:f2:14:28:26:da:6e:c3:3c:e9:e6:3c:
13:52:f9:74:ab:73:7e:f8:9e:bc:7e:b8:a4:8b:9f:9a:68:04:
a4:d8:b5:51:0c:d9:e7:d3:a6:00:ec:d1:dd:92:46:77:36:85:
dc:f4:6b:73:e2:49:22:c8:08:57:3f:22:28:d3:16:a2:ee:bd:
73:00:9a:87:f8:62:c1:3c:ea:1d:fa:66:74:57:2a:a3:f4:26:
26:91:a1:bb:a6:bd:23:b1:44:b0:8a:44:7e:35:d6:6e:73:7f:
bd:12:72:ab:fb:8b:e0:71:e7:cb:cb:84:b8:69:9c:94:3e:dc:
c9:77:b5:be:07:d4:ac:01:8e:04:69:d6:66:98:8a:12:e9:93:
c8:f1:97:18
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICTuowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDMx
OTIzNTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJENTJCQTI4Q0U1MjZC
NTgwNzAwQzU1NDczQ0E1NzMwQTdEMkE0RTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtEw2oipA9EwEZIKKU6CYZtcl6JrN4TNqXqFyDNocuVu394E+X
4i1K04vrixES7OTN6WUSXPhb5vqKviy7GZ0pzokOuPJgYd6ByKpehU7OV+akUwio
XCUmQLFkKeFp4tc4L9khwPKVHy9ONDycHqrPZgdlNXW9hPPYN5jinoUbs7k/IAbM
vDhX/wDTQLTrokbrWUidhWH229m2qHQbho3IuSvX+YWQcqwvaBHhgyiUUwJY6bbx
asTXi/GB214+krgtFiSxI9/9ler0uDWaKp/sEoBqowNnuc4ym9UqLyfduqQDaEHz
CFKxOuPtKr8zyio5vBAqfZYl4Ylp0+/Bc7UdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQULVK6KM5Sa1gHAMVUc8pXMKfSpOYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xWSzZLTTVTYTFnSEFN
VlVjOHBYTUtmU3BPWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAHi6STfBSedQJMxo26GYIt/mQnvomi2oL
o8QyXvztKs5WUGZEGFZ7BrHPJcAuaqBWMUrZp0qWwyNJbhINFdALKGXtzEDh8Q74
DyJu8x9OVHhFyq4i+Ld1s35UG0o2LJnfCEFfpJFRWuPeylMNG/KRv23UrfIUKCba
bsM86eY8E1L5dKtzfvievH64pIufmmgEpNi1UQzZ59OmAOzR3ZJGdzaF3PRrc+JJ
IsgIVz8iKNMWou69cwCah/hiwTzqHfpmdFcqo/QmJpGhu6a9I7FEsIpEfjXWbnN/
vRJyq/uL4HHny8uEuGmclD7cyXe1vgfUrAGOBGnWZpiKEumTyPGXGA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:38:57 2025 by rpki-client