Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LvTYJOqX85vUPLFhwYEbAA5YWnE.roa
File: LvTYJOqX85vUPLFhwYEbAA5YWnE.roa (raw, json)
Hash identifier: vSFdB2mDv8p9gPFcMR0ZAl95mgfCJ+2t9D5msQ2hsmg=
Subject key identifier: 2E:F4:D8:24:EA:97:F3:9B:D4:3C:B1:61:C1:81:1B:00:0E:58:5A:71
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4FEE
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LvTYJOqX85vUPLFhwYEbAA5YWnE.roa
Signing time: Sun 05 May 2024 03:54:01 +0000
ROA not before: Sun 05 May 2024 03:54:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.236.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20462 (0x4fee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 03:54:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2EF4D824EA97F39BD43CB161C1811B000E585A71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:fa:1f:b7:1f:0e:ae:db:e8:cd:88:ac:38:c7:
c8:4a:01:dd:c7:1b:8d:41:2e:28:0b:cd:4f:be:e2:
34:07:f1:20:cb:91:4e:b3:54:20:96:fd:5a:3a:af:
1c:39:be:ed:bd:31:ad:a0:cd:85:89:8c:d5:69:1b:
da:5e:2e:e5:65:06:77:62:0d:93:b5:dc:90:d8:2b:
2c:ab:1e:1b:61:03:2c:2e:72:eb:68:ff:ac:ce:f3:
fa:ec:02:e3:ca:d3:d5:d6:8f:93:26:4a:f6:fc:d4:
1e:17:f2:4c:3f:89:1c:16:b9:c1:21:bc:95:a9:a4:
c5:59:f8:7c:45:dc:dd:74:4f:9a:c0:a9:89:f7:47:
54:fc:61:05:62:0b:34:01:c8:5e:73:c6:af:6a:4f:
2d:0c:08:cc:35:96:4f:78:92:5d:19:36:0c:95:aa:
f9:aa:74:c8:b8:e6:6f:93:fc:e4:ed:9c:25:d9:23:
28:c8:82:19:da:0a:3d:2f:a8:3e:b5:c7:80:e9:e2:
69:4f:54:5e:d5:3a:8d:99:13:da:c2:0f:1a:53:28:
bd:2e:5c:0d:a8:ed:28:68:81:93:01:b5:37:74:6e:
91:1f:ec:67:24:8b:c2:74:ca:ac:25:13:27:69:42:
cb:6e:29:35:ec:b6:53:7e:f8:58:46:a1:90:a2:26:
2f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:F4:D8:24:EA:97:F3:9B:D4:3C:B1:61:C1:81:1B:00:0E:58:5A:71
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LvTYJOqX85vUPLFhwYEbAA5YWnE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.236.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:24:2c:ea:e6:4c:45:16:1b:43:4f:89:24:2f:99:20:1a:15:
48:a4:c3:2f:35:4f:ab:c8:c0:20:33:d0:94:a9:9c:90:b6:c4:
44:2a:43:6f:6a:fb:c9:c8:37:44:86:f4:fd:74:e5:aa:fb:84:
77:64:7e:c1:31:fd:f4:0d:39:b2:df:9b:3c:d3:75:d1:31:98:
cb:b6:f3:dc:0e:2d:d1:fe:3b:df:80:0c:ca:e5:82:22:e4:49:
6a:c1:36:90:75:ae:4d:0d:fb:f2:5e:52:53:d0:37:27:81:2c:
9f:ea:9f:f0:d6:39:69:9d:04:d7:58:fa:2d:d3:58:d1:17:98:
35:97:ca:73:74:eb:16:1a:7e:ca:eb:56:0c:f7:cc:87:c1:15:
1f:c3:3c:63:fc:b1:3a:89:fe:03:29:86:c3:8c:02:bb:ef:58:
08:25:d5:ad:fe:98:1a:fc:63:a2:77:bb:6b:3e:cd:c4:7d:06:
00:48:cd:d1:68:88:9e:65:56:b5:96:4d:3f:ed:76:68:9d:92:
c6:80:7a:c4:bf:6c:c5:0d:b9:57:81:db:a5:1d:be:29:c0:e5:
ee:f3:d2:c7:c6:a8:97:a7:ff:19:8e:27:d1:d0:3c:e0:6a:f1:
30:a2:07:c7:83:b2:34:c6:e1:59:c2:fc:a7:9f:86:54:d4:d8:
90:00:6a:76
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICT+4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUw
MzU0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJFRjREODI0RUE5N0Yz
OUJENDNDQjE2MUMxODExQjAwMEU1ODVBNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDj+h+3Hw6u2+jNiKw4x8hKAd3HG41BLigLzU++4jQH8SDLkU6z
VCCW/Vo6rxw5vu29Ma2gzYWJjNVpG9peLuVlBndiDZO13JDYKyyrHhthAywucuto
/6zO8/rsAuPK09XWj5MmSvb81B4X8kw/iRwWucEhvJWppMVZ+HxF3N10T5rAqYn3
R1T8YQViCzQByF5zxq9qTy0MCMw1lk94kl0ZNgyVqvmqdMi45m+T/OTtnCXZIyjI
ghnaCj0vqD61x4Dp4mlPVF7VOo2ZE9rCDxpTKL0uXA2o7ShogZMBtTd0bpEf7Gck
i8J0yqwlEydpQstuKTXstlN++FhGoZCiJi8pAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQULvTYJOqX85vUPLFhwYEbAA5YWnEwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0x2VFlKT3FYODV2VVBM
Rmh3WUViQUE1WVduRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwAr7DANBgkqhkiG9w0BAQsFAAOCAQEAKSQs6uZMRRYbQ0+JJC+ZIBoVSKTDLzVP
q8jAIDPQlKmckLbERCpDb2r7ycg3RIb0/XTlqvuEd2R+wTH99A05st+bPNN10TGY
y7bz3A4t0f4734AMyuWCIuRJasE2kHWuTQ378l5SU9A3J4Esn+qf8NY5aZ0E11j6
LdNY0ReYNZfKc3TrFhp+yutWDPfMh8EVH8M8Y/yxOon+AymGw4wCu+9YCCXVrf6Y
Gvxjone7az7NxH0GAEjN0WiInmVWtZZNP+12aJ2SxoB6xL9sxQ25V4HbpR2+KcDl
7vPSx8aol6f/GY4n0dA84GrxMKIHx4OyNMbhWcL8p5+GVNTYkABqdg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:20 2024 by rpki-client on console-fra.rpki-client.org