Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lbf35EJMdL7zitkcTVN2Kdxukus.roa
File: lbf35EJMdL7zitkcTVN2Kdxukus.roa (raw, json)
Hash identifier: fw54yXcnf84Sj3MLGlBS8O+8kTBEXFbRCzXPJ0+2z2M=
Subject key identifier: 95:B7:F7:E4:42:4C:74:BE:F3:8A:D9:1C:4D:53:76:29:DC:6E:92:EB
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3559
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lbf35EJMdL7zitkcTVN2Kdxukus.roa
Signing time: Sat 30 Mar 2024 17:22:08 +0000
ROA not before: Sat 30 Mar 2024 17:22:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13657 (0x3559)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 17:22:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=95B7F7E4424C74BEF38AD91C4D537629DC6E92EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2f:d2:db:56:24:b3:62:bd:ef:c3:f1:06:4b:
4f:80:1b:bb:57:ff:3f:85:0b:c4:d6:80:ce:55:a7:
d7:e9:45:25:6c:bb:56:c0:aa:76:42:8a:15:f0:03:
98:16:95:fe:12:ba:37:95:72:d0:dd:04:5c:3a:07:
33:12:b5:2a:1f:72:22:b4:23:95:e0:32:69:26:50:
bb:61:26:9e:1a:dc:cb:4b:ae:62:4e:d1:5c:e1:0d:
af:74:af:73:f5:e5:30:86:ea:64:ed:00:98:48:c3:
2d:28:35:0b:0a:12:9c:b5:69:43:f9:ba:0d:97:dd:
2e:83:ac:50:3d:66:49:20:dd:31:dd:71:a0:72:c3:
93:25:d4:e7:08:e3:ad:53:a6:a1:ab:4b:24:1b:03:
0b:fa:60:dd:40:bc:c1:09:00:aa:d9:48:70:e0:0a:
38:f5:39:29:af:b4:b6:a6:25:eb:57:99:9e:b6:c9:
5a:37:cb:c6:6b:42:64:49:37:91:96:d9:e2:67:44:
cb:af:d6:77:74:59:a7:a6:90:cc:f9:79:a8:28:1b:
f2:44:6e:c9:84:24:d6:2b:30:e4:42:f2:e8:40:89:
4b:a7:7a:04:cd:9b:ff:88:60:2f:5d:78:54:3d:4d:
d2:07:a5:21:28:db:55:d5:96:8c:9c:a7:17:9b:a9:
7c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B7:F7:E4:42:4C:74:BE:F3:8A:D9:1C:4D:53:76:29:DC:6E:92:EB
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lbf35EJMdL7zitkcTVN2Kdxukus.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
82:99:6c:f6:eb:d2:0e:4a:34:a2:7b:c7:bf:26:5f:38:e3:37:
4f:22:07:b3:86:83:62:65:56:cf:eb:f1:6a:ee:42:7c:ef:4d:
ab:48:e5:06:38:aa:08:a6:46:23:28:84:e6:15:de:45:d7:51:
17:78:35:a7:d7:42:63:6f:d5:1d:04:58:ee:23:e8:eb:ed:a7:
e6:39:18:80:d9:f5:99:57:00:38:e9:14:e1:a3:e4:85:02:1e:
fc:e9:4b:e2:3d:21:b3:c4:81:e6:75:9b:2c:09:98:14:0e:26:
1a:dc:04:85:5e:4c:81:4a:c7:7e:60:b3:0d:27:ef:40:91:8b:
94:71:98:e5:0e:c6:f3:b5:af:a4:51:5c:b9:ca:4b:36:83:39:
66:a0:ff:ad:34:31:38:0d:9f:64:ac:83:1a:77:94:2e:5b:b5:
3a:d6:3b:53:d3:28:fa:78:58:2a:89:bc:e4:54:99:c7:7f:3f:
ed:b4:a0:12:51:d8:71:42:63:44:68:01:48:52:bf:47:27:70:
3d:e9:d8:05:4a:3b:9c:59:10:a6:e5:29:42:c7:bc:a3:91:9d:
58:6f:5e:63:f8:1d:33:61:df:29:16:99:1f:47:d6:52:10:f3:
17:03:f5:8d:20:5a:f3:7e:42:28:56:22:c6:9d:4d:b5:6c:56:
bf:d9:b5:2b
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNVkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
NzIyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk1QjdGN0U0NDI0Qzc0
QkVGMzhBRDkxQzRENTM3NjI5REM2RTkyRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/L9LbViSzYr3vw/EGS0+AG7tX/z+FC8TWgM5Vp9fpRSVsu1bA
qnZCihXwA5gWlf4SujeVctDdBFw6BzMStSofciK0I5XgMmkmULthJp4a3MtLrmJO
0VzhDa90r3P15TCG6mTtAJhIwy0oNQsKEpy1aUP5ug2X3S6DrFA9Zkkg3THdcaBy
w5Ml1OcI461TpqGrSyQbAwv6YN1AvMEJAKrZSHDgCjj1OSmvtLamJetXmZ62yVo3
y8ZrQmRJN5GW2eJnRMuv1nd0WaemkMz5eagoG/JEbsmEJNYrMORC8uhAiUunegTN
m/+IYC9deFQ9TdIHpSEo21XVloycpxebqXxjAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUlbf35EJMdL7zitkcTVN2KdxukuswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xiZjM1RUpNZEw3eml0
a2NUVk4yS2R4dWt1cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAIKZbPbr0g5KNKJ7
x78mXzjjN08iB7OGg2JlVs/r8WruQnzvTatI5QY4qgimRiMohOYV3kXXURd4NafX
QmNv1R0EWO4j6Ovtp+Y5GIDZ9ZlXADjpFOGj5IUCHvzpS+I9IbPEgeZ1mywJmBQO
JhrcBIVeTIFKx35gsw0n70CRi5RxmOUOxvO1r6RRXLnKSzaDOWag/600MTgNn2Ss
gxp3lC5btTrWO1PTKPp4WCqJvORUmcd/P+20oBJR2HFCY0RoAUhSv0cncD3p2AVK
O5xZEKblKULHvKORnVhvXmP4HTNh3ykWmR9H1lIQ8xcD9Y0gWvN+QihWIsadTbVs
Vr/ZtSs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:06 2024 by rpki-client on console-ams.rpki-client.org