Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LmQJK5qpPOWZRlbd1J5KBjVEqlc.roa
File: LmQJK5qpPOWZRlbd1J5KBjVEqlc.roa (raw, json)
Hash identifier: 8jZYetvwh+oIW4YnaIVwJcFbohvGXJyx6DtlJwn11Zw=
Subject key identifier: 2E:64:09:2B:9A:A9:3C:E5:99:46:56:DD:D4:9E:4A:06:35:44:AA:57
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 36D6
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LmQJK5qpPOWZRlbd1J5KBjVEqlc.roa
Signing time: Mon 01 Apr 2024 16:52:11 +0000
ROA not before: Mon 01 Apr 2024 16:52:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14038 (0x36d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 16:52:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2E64092B9AA93CE5994656DDD49E4A063544AA57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d3:5c:c3:82:ff:98:6b:fd:39:f7:bf:98:47:
fd:41:b2:1c:3f:78:06:78:2a:25:e8:8d:eb:e0:1c:
7d:21:10:bb:8c:88:f0:f9:7d:b3:e6:2e:0f:ee:8d:
d4:d3:ee:89:9e:1c:bb:01:dc:e9:60:a7:24:6a:6d:
ac:ca:31:98:35:8c:8f:cc:f6:d3:f9:c6:0d:8a:1e:
c8:40:59:30:e5:95:fb:94:ae:49:d8:10:04:2b:0a:
9f:95:98:a2:fb:45:b3:63:ba:03:15:1f:4a:3b:cd:
44:9e:ba:3d:67:ae:b5:2b:39:e4:2d:15:9b:d9:ad:
b4:73:b5:84:83:fb:94:ba:a5:1b:c3:dc:5b:31:b2:
d1:b4:e9:bc:86:1e:de:33:1d:88:7a:3a:6f:61:8a:
fb:c6:f2:12:bd:90:36:a4:71:4d:3d:84:11:56:d7:
d5:e1:ae:83:16:29:15:30:7a:ea:5f:ac:80:cd:2e:
57:1f:4a:13:ea:5c:27:d5:26:aa:ad:7a:de:21:17:
6d:31:ae:3e:bf:82:cb:3a:18:63:9b:ae:2d:10:aa:
42:b0:37:61:55:d7:ab:de:5d:64:8f:1f:08:30:58:
4a:7e:65:10:94:9c:fd:e1:d4:fc:b0:31:cb:ee:a4:
d0:e5:52:e9:d1:0d:16:d8:27:4f:7c:c8:0a:62:ce:
c4:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:64:09:2B:9A:A9:3C:E5:99:46:56:DD:D4:9E:4A:06:35:44:AA:57
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LmQJK5qpPOWZRlbd1J5KBjVEqlc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7b:1d:57:80:25:d4:56:1c:c4:23:99:ca:db:38:e0:58:66:90:
13:66:42:fa:ce:a7:bf:bf:9f:16:13:e1:9e:23:96:45:99:20:
6b:4d:e1:d0:29:59:48:12:92:37:d7:5d:83:ea:bd:e9:9d:36:
52:b6:60:e7:c9:53:8c:6f:b2:7f:99:16:d3:0a:73:5c:a6:fe:
37:7b:04:a1:86:fd:bf:49:f9:9b:bd:81:02:e5:69:73:ba:f8:
02:c1:4f:af:ba:11:ef:07:0b:f0:9f:f5:0d:ef:c1:ad:4e:97:
57:b4:b9:5b:7c:f5:1b:cd:41:7f:1c:2d:73:d4:7f:ae:62:92:
26:1f:55:2d:c2:6a:5f:40:00:22:2a:16:5b:b4:5a:05:ce:4f:
8f:31:5e:25:76:6f:aa:34:76:5e:8a:dc:4f:19:71:40:c8:37:
6a:e5:bf:3d:e7:80:a3:95:6d:6a:f5:9d:bb:dd:54:90:d6:53:
68:d0:d3:2f:72:75:de:4e:14:e4:fc:69:14:aa:41:db:05:e4:
51:8f:ea:f2:ce:1b:78:41:fb:53:e6:ec:da:12:99:a6:ef:2c:
e8:13:dc:88:bd:66:28:a8:d8:79:74:ba:06:8b:72:3e:04:85:
56:7f:d4:4a:7f:ee:bf:bc:f8:18:d7:ec:cf:79:75:67:c0:4a:
62:6b:14:cc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICNtYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEx
NjUyMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJFNjQwOTJCOUFBOTND
RTU5OTQ2NTZEREQ0OUU0QTA2MzU0NEFBNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE01zDgv+Ya/0597+YR/1Bshw/eAZ4KiXojevgHH0hELuMiPD5
fbPmLg/ujdTT7omeHLsB3OlgpyRqbazKMZg1jI/M9tP5xg2KHshAWTDllfuUrknY
EAQrCp+VmKL7RbNjugMVH0o7zUSeuj1nrrUrOeQtFZvZrbRztYSD+5S6pRvD3Fsx
stG06byGHt4zHYh6Om9hivvG8hK9kDakcU09hBFW19XhroMWKRUweupfrIDNLlcf
ShPqXCfVJqqtet4hF20xrj6/gss6GGObri0QqkKwN2FV16veXWSPHwgwWEp+ZRCU
nP3h1PywMcvupNDlUunRDRbYJ098yApizsTxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQULmQJK5qpPOWZRlbd1J5KBjVEqlcwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xtUUpLNXFwUE9XWlJs
YmQxSjVLQmpWRXFsYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAex1XgCXUVhzEI5nK2zjgWGaQE2ZC+s6n
v7+fFhPhniOWRZkga03h0ClZSBKSN9ddg+q96Z02UrZg58lTjG+yf5kW0wpzXKb+
N3sEoYb9v0n5m72BAuVpc7r4AsFPr7oR7wcL8J/1De/BrU6XV7S5W3z1G81Bfxwt
c9R/rmKSJh9VLcJqX0AAIioWW7RaBc5PjzFeJXZvqjR2XorcTxlxQMg3auW/PeeA
o5VtavWdu91UkNZTaNDTL3J13k4U5PxpFKpB2wXkUY/q8s4beEH7U+bs2hKZpu8s
6BPciL1mKKjYeXS6BotyPgSFVn/USn/uv7z4GNfsz3l1Z8BKYmsUzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:20 2024 by rpki-client on console-fra.rpki-client.org