Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LbvXZGF0jkwgY9COlZCuAYGWasM.roa
File: LbvXZGF0jkwgY9COlZCuAYGWasM.roa (raw, json)
Hash identifier: 5TDCTdHxDHgQ2wS/tuh2gupjH/YdSsYxqHEpVOGVNeo=
Subject key identifier: 2D:BB:D7:64:61:74:8E:4C:20:63:D0:8E:95:90:AE:01:81:96:6A:C3
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36A6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LbvXZGF0jkwgY9COlZCuAYGWasM.roa
Signing time: Mon 01 Apr 2024 10:52:17 +0000
ROA not before: Mon 01 Apr 2024 10:52:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13990 (0x36a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 10:52:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2DBBD76461748E4C2063D08E9590AE0181966AC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:7e:16:f2:44:cf:1d:0a:7b:dd:cf:e8:39:79:
b0:a5:cd:64:fc:11:03:9f:86:57:8c:e1:50:86:06:
8a:22:b0:20:4b:1c:e4:4e:c6:ba:1c:f7:05:a6:97:
34:95:c8:4b:8f:bf:c0:14:69:58:78:62:55:ea:c6:
04:fd:54:23:a6:77:97:a2:4f:29:52:fa:2c:69:6f:
bb:ee:4a:00:41:45:7e:a0:cb:21:c3:6d:c6:e0:e3:
64:2f:0c:e6:87:b0:65:64:8e:aa:55:eb:72:32:ce:
35:08:25:c2:fa:ec:56:a3:69:72:ec:99:17:a2:8f:
d7:55:f4:c2:27:8e:d0:f3:70:75:21:77:17:13:3b:
f8:80:29:34:eb:5f:cf:12:2c:ed:99:3e:8b:6b:17:
5a:1b:55:c5:d8:1b:a6:2d:27:a6:f9:4e:1c:eb:5e:
d8:c6:19:2a:f9:c1:7c:5a:c1:69:3a:9b:0d:88:b7:
f5:10:6d:fe:6e:5e:7f:60:c6:7c:f8:1e:44:3e:eb:
33:52:22:7d:e8:af:9a:d0:c5:f3:c3:78:f7:80:e6:
8d:fc:ce:5e:b0:89:16:f5:38:45:41:f9:d0:76:e0:
58:22:48:32:c9:cd:fe:30:f0:f5:10:b0:ea:94:24:
7d:8d:fe:ae:4c:77:33:a2:a8:a2:15:3a:b5:d1:51:
ec:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:BB:D7:64:61:74:8E:4C:20:63:D0:8E:95:90:AE:01:81:96:6A:C3
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LbvXZGF0jkwgY9COlZCuAYGWasM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:97:b1:1d:0a:1b:ae:12:c7:2f:10:0c:00:3a:cf:cc:78:e2:
fd:6a:10:82:b8:7e:4a:dd:c8:90:47:e8:32:45:00:04:21:2f:
8a:a5:9d:34:43:91:cc:2d:f3:be:fb:e0:d8:15:5a:44:46:5f:
ea:ed:33:ba:76:9b:70:35:22:4e:97:29:df:00:8a:ac:e0:e3:
db:8e:67:92:90:c5:15:cb:29:0f:48:99:a0:68:48:98:ef:68:
ac:f6:7c:72:d4:f9:f3:4f:4d:6b:b9:59:ba:39:61:9d:2f:db:
10:7c:3d:a8:e3:2f:1a:85:e8:d0:67:48:cc:c1:a8:de:36:56:
3e:53:87:b9:25:57:61:6f:b9:e0:f6:82:ed:51:16:9b:60:25:
3c:21:9b:d0:06:82:c9:d1:d0:f5:c7:3f:f7:4f:ec:91:e1:2d:
75:04:ef:39:34:a4:2c:ff:59:d2:96:15:74:7b:17:05:76:61:
d2:bc:62:b4:19:40:bf:d8:2d:d6:f6:76:0a:b3:32:97:f8:31:
98:36:80:b1:a3:fd:8d:e6:0b:93:18:6a:f1:20:68:d3:2c:17:
12:ff:15:19:e1:86:df:49:58:36:ce:1e:d8:c4:45:5d:64:2f:
ab:56:f5:f5:3e:eb:b2:27:6e:86:c5:34:a5:5e:74:21:20:10:
63:db:ff:88
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNqYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEx
MDUyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJEQkJENzY0NjE3NDhF
NEMyMDYzRDA4RTk1OTBBRTAxODE5NjZBQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4fhbyRM8dCnvdz+g5ebClzWT8EQOfhleM4VCGBooisCBLHORO
xroc9wWmlzSVyEuPv8AUaVh4YlXqxgT9VCOmd5eiTylS+ixpb7vuSgBBRX6gyyHD
bcbg42QvDOaHsGVkjqpV63IyzjUIJcL67FajaXLsmReij9dV9MInjtDzcHUhdxcT
O/iAKTTrX88SLO2ZPotrF1obVcXYG6YtJ6b5ThzrXtjGGSr5wXxawWk6mw2It/UQ
bf5uXn9gxnz4HkQ+6zNSIn3or5rQxfPDePeA5o38zl6wiRb1OEVB+dB24FgiSDLJ
zf4w8PUQsOqUJH2N/q5MdzOiqKIVOrXRUexfAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQULbvXZGF0jkwgY9COlZCuAYGWasMwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xidlhaR0Ywamt3Z1k5
Q09sWkN1QVlHV2FzTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAcpexHQobrhLHLxAMADrPzHji/WoQgrh+
St3IkEfoMkUABCEviqWdNEORzC3zvvvg2BVaREZf6u0zunabcDUiTpcp3wCKrODj
245nkpDFFcspD0iZoGhImO9orPZ8ctT5809Na7lZujlhnS/bEHw9qOMvGoXo0GdI
zMGo3jZWPlOHuSVXYW+54PaC7VEWm2AlPCGb0AaCydHQ9cc/90/skeEtdQTvOTSk
LP9Z0pYVdHsXBXZh0rxitBlAv9gt1vZ2CrMyl/gxmDaAsaP9jeYLkxhq8SBo0ywX
Ev8VGeGG30lYNs4e2MRFXWQvq1b19T7rsiduhsU0pV50ISAQY9v/iA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:48:33 2024 by rpki-client on console-ams.rpki-client.org