Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LmkxByNCXBu9pV-l_kxZvzGLUqQ.roa
File: LmkxByNCXBu9pV-l_kxZvzGLUqQ.roa (raw, json)
Hash identifier: 4/3TDARZc03QhtSHrYZGg+Qr3yS5LJ+Oz1W++6TM4B8=
Subject key identifier: 2E:69:31:07:23:42:5C:1B:BD:A5:5F:A5:FE:4C:59:BF:31:8B:52:A4
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3335
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LmkxByNCXBu9pV-l_kxZvzGLUqQ.roa
Signing time: Wed 27 Mar 2024 20:52:00 +0000
ROA not before: Wed 27 Mar 2024 20:52:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13109 (0x3335)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 27 20:52:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2E69310723425C1BBDA55FA5FE4C59BF318B52A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8c:80:17:75:cf:83:87:79:9a:bc:00:7c:18:
7f:ce:45:fc:08:17:31:b2:d3:e6:7a:f9:94:a1:0d:
42:d5:81:6f:34:69:bf:89:6a:e8:fd:66:8f:40:bf:
9c:77:79:c7:98:c2:32:58:53:25:94:f8:00:42:94:
19:06:dc:e3:0b:b9:d0:99:45:1f:45:4e:c3:9a:05:
f6:7e:98:21:22:f5:57:16:4c:b9:e6:f4:1e:0c:f8:
e6:22:6e:7a:dd:f1:9b:53:62:40:bc:a8:94:59:0a:
57:87:3b:7b:46:9d:4b:6f:69:72:b7:f6:fd:d2:79:
7d:23:dc:28:76:f9:59:d3:5e:66:78:d4:2a:69:36:
55:60:99:16:f4:b8:ba:21:dc:f2:5f:29:79:4c:4a:
c5:8f:32:a4:36:ef:ad:39:da:18:43:15:92:7b:63:
1b:c2:15:93:05:2f:81:41:22:b6:b3:23:91:b0:e4:
75:b0:b9:17:06:32:79:f1:1e:f5:0c:7c:e7:7d:43:
9e:73:2b:4d:8a:d9:38:ff:58:a8:9f:54:40:0f:bc:
c9:17:e5:dc:ea:34:ed:51:1d:03:3d:6a:db:59:16:
8e:b0:e0:88:ef:62:e4:b1:70:63:4c:f9:af:48:90:
37:e5:f0:0f:d6:f6:fb:be:74:2e:cd:46:30:4b:ef:
a9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:69:31:07:23:42:5C:1B:BD:A5:5F:A5:FE:4C:59:BF:31:8B:52:A4
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LmkxByNCXBu9pV-l_kxZvzGLUqQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
60:74:cb:bb:ab:22:73:84:b9:31:1d:10:57:b8:be:65:5e:32:
7c:ee:69:5c:1c:a4:83:5c:f9:1b:a4:31:2f:32:5e:c0:9b:d8:
07:fe:3e:9d:99:03:e5:af:14:cf:33:b7:e7:a6:d3:5b:17:87:
8b:03:ac:2a:bf:cf:cc:5f:85:a2:a3:46:b3:35:7c:65:1e:3b:
af:8f:e4:9d:08:81:1c:6f:f0:72:b3:23:2e:21:0b:82:e1:2b:
18:14:37:f7:41:c5:84:c3:04:40:fa:d7:af:6b:7b:87:6b:4c:
a5:d1:d5:2c:e2:c6:35:4a:54:e3:a3:10:a5:f0:c8:a4:86:5c:
5f:9a:2e:3e:4b:0e:1f:d0:83:bd:ef:8b:66:70:75:71:f0:54:
28:c9:7f:02:85:3a:c0:d1:0e:4a:0e:bf:d8:d1:e4:c8:e2:68:
96:d0:6b:41:03:24:b1:60:c6:0c:cf:40:88:54:13:bb:53:6e:
d1:51:98:0e:1e:42:96:42:44:f5:1e:99:9a:b8:0f:92:2a:c8:
eb:83:01:1b:fd:26:22:66:a3:da:af:7e:d2:b7:a1:2e:9a:c9:
f8:46:64:e9:a0:5c:2e:76:58:e9:ed:e6:f7:51:49:e5:f5:8a:
95:1e:05:40:64:41:c5:4b:67:9e:dc:c1:a4:3b:cf:22:a6:64:
0d:75:ae:92
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICMzUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMjcy
MDUyMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJFNjkzMTA3MjM0MjVD
MUJCREE1NUZBNUZFNEM1OUJGMzE4QjUyQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCljIAXdc+Dh3mavAB8GH/ORfwIFzGy0+Z6+ZShDULVgW80ab+J
auj9Zo9Av5x3eceYwjJYUyWU+ABClBkG3OMLudCZRR9FTsOaBfZ+mCEi9VcWTLnm
9B4M+OYibnrd8ZtTYkC8qJRZCleHO3tGnUtvaXK39v3SeX0j3Ch2+VnTXmZ41Cpp
NlVgmRb0uLoh3PJfKXlMSsWPMqQ276052hhDFZJ7YxvCFZMFL4FBIrazI5Gw5HWw
uRcGMnnxHvUMfOd9Q55zK02K2Tj/WKifVEAPvMkX5dzqNO1RHQM9attZFo6w4Ijv
YuSxcGNM+a9IkDfl8A/W9vu+dC7NRjBL76klAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQULmkxByNCXBu9pV+l/kxZvzGLUqQwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xta3hCeU5DWEJ1OXBW
LWxfa3hadnpHTFVxUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGB0y7urInOEuTEd
EFe4vmVeMnzuaVwcpINc+RukMS8yXsCb2Af+Pp2ZA+WvFM8zt+em01sXh4sDrCq/
z8xfhaKjRrM1fGUeO6+P5J0IgRxv8HKzIy4hC4LhKxgUN/dBxYTDBED6169re4dr
TKXR1SzixjVKVOOjEKXwyKSGXF+aLj5LDh/Qg73vi2ZwdXHwVCjJfwKFOsDRDkoO
v9jR5MjiaJbQa0EDJLFgxgzPQIhUE7tTbtFRmA4eQpZCRPUemZq4D5IqyOuDARv9
JiJmo9qvftK3oS6ayfhGZOmgXC52WOnt5vdRSeX1ipUeBUBkQcVLZ57cwaQ7zyKm
ZA11rpI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:20 2024 by rpki-client on console-fra.rpki-client.org