Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lgDtjXiYd575nzAAdR0czqFmFXY.roa
File: lgDtjXiYd575nzAAdR0czqFmFXY.roa (raw, json)
Hash identifier: cjy+2nBsKxR9tD4Q3qJwND8XlK9enYePND0h31NhoAQ=
Subject key identifier: 96:00:ED:8D:78:98:77:9E:F9:9F:30:00:75:1D:1C:CE:A1:66:15:76
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 5821
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lgDtjXiYd575nzAAdR0czqFmFXY.roa
Signing time: Thu 16 May 2024 02:24:16 +0000
ROA not before: Thu 16 May 2024 02:24:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22561 (0x5821)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 16 02:24:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=9600ED8D7898779EF99F3000751D1CCEA1661576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:8e:22:60:b2:f1:65:46:d5:3d:e2:7b:55:60:
b3:14:2c:34:d4:d2:04:50:1e:f0:06:ff:c0:37:41:
a2:60:80:aa:6e:c4:5b:c3:51:76:3b:f4:5e:45:88:
e9:45:a7:d3:48:2c:42:3c:60:f0:c1:a6:4d:01:a0:
b4:cf:1a:8e:3e:d3:18:c3:da:f9:7c:c8:aa:91:36:
3b:1f:e1:62:5e:c9:1f:a1:e3:43:21:48:d6:42:6e:
2f:15:38:01:f4:0f:38:4c:67:e0:3e:ef:68:fd:b5:
9e:73:ee:e8:e3:d9:0d:42:ec:7f:ef:4f:23:ef:dc:
92:b5:a4:df:ce:07:53:ac:ba:96:0d:6b:47:a2:22:
cd:d9:70:49:7c:19:87:74:8c:75:6d:20:7d:6d:ba:
24:79:59:c2:65:f7:fc:39:b4:58:ef:4d:cc:39:af:
c6:b4:88:08:ce:3b:75:ab:21:8d:9d:42:f0:6c:1f:
e9:49:6b:85:52:92:31:52:77:92:9b:d8:d0:00:54:
fc:34:6f:f8:63:da:a9:3d:92:be:f0:d1:95:6b:8e:
9b:50:a0:1a:3f:70:22:ad:f6:94:1b:eb:b4:5f:67:
81:e1:1c:3e:5c:28:38:3f:f8:6d:38:2d:e6:f5:81:
2f:eb:1f:fd:f2:3a:f6:ea:bf:65:75:bf:68:0f:44:
0f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:00:ED:8D:78:98:77:9E:F9:9F:30:00:75:1D:1C:CE:A1:66:15:76
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lgDtjXiYd575nzAAdR0czqFmFXY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
40:f1:6c:41:76:c5:a7:13:44:cc:38:37:5a:83:15:f5:b4:98:
f4:86:7e:b2:50:fa:8b:04:be:8a:86:ad:e6:c9:4d:1b:87:3d:
29:57:8e:aa:02:6b:86:65:50:b1:dd:92:32:9d:1a:3a:e4:b3:
4b:1f:c1:01:76:57:e3:cd:77:52:02:3c:6b:ed:ba:07:67:6b:
26:a8:d3:ad:c3:b4:f3:b4:fc:be:c4:71:2d:d0:ef:a3:22:e6:
bf:ac:46:a2:df:c6:4c:6f:a0:fb:fe:d1:61:58:e9:42:58:72:
13:d3:ff:54:92:c0:6f:19:e7:58:eb:1d:e3:f5:89:ea:bb:b5:
78:70:ab:03:fc:fa:0c:4d:4a:48:15:53:0e:2c:13:96:80:36:
a7:58:c7:f8:a8:0b:84:6f:e0:60:76:d6:86:cd:f3:a4:60:e6:
f1:b4:67:0a:18:04:1a:83:eb:30:a1:a8:26:f6:60:4b:e7:ad:
01:5b:06:aa:62:db:75:c4:78:60:3a:0a:70:74:73:67:60:ff:
6c:3a:57:7b:a8:d6:d9:73:eb:5e:c1:7b:27:a5:27:f9:5b:7f:
8b:47:17:27:76:19:8a:44:61:28:cd:67:41:b9:ca:cf:1d:77:
ee:31:3f:57:18:95:cc:3b:7d:ea:f8:ca:77:aa:12:12:47:59:
fe:d3:b0:e2
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICWCEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MTYw
MjI0MTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk2MDBFRDhENzg5ODc3
OUVGOTlGMzAwMDc1MUQxQ0NFQTE2NjE1NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhjiJgsvFlRtU94ntVYLMULDTU0gRQHvAG/8A3QaJggKpuxFvD
UXY79F5FiOlFp9NILEI8YPDBpk0BoLTPGo4+0xjD2vl8yKqRNjsf4WJeyR+h40Mh
SNZCbi8VOAH0DzhMZ+A+72j9tZ5z7ujj2Q1C7H/vTyPv3JK1pN/OB1OsupYNa0ei
Is3ZcEl8GYd0jHVtIH1tuiR5WcJl9/w5tFjvTcw5r8a0iAjOO3WrIY2dQvBsH+lJ
a4VSkjFSd5Kb2NAAVPw0b/hj2qk9kr7w0ZVrjptQoBo/cCKt9pQb67RfZ4HhHD5c
KDg/+G04Leb1gS/rH/3yOvbqv2V1v2gPRA/3AgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUlgDtjXiYd575nzAAdR0czqFmFXYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xnRHRqWGlZZDU3NW56
QUFkUjBjenFGbUZYWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAEDxbEF2xacTRMw4
N1qDFfW0mPSGfrJQ+osEvoqGrebJTRuHPSlXjqoCa4ZlULHdkjKdGjrks0sfwQF2
V+PNd1ICPGvtugdnayao063DtPO0/L7EcS3Q76Mi5r+sRqLfxkxvoPv+0WFY6UJY
chPT/1SSwG8Z51jrHeP1ieq7tXhwqwP8+gxNSkgVUw4sE5aANqdYx/ioC4Rv4GB2
1obN86Rg5vG0ZwoYBBqD6zChqCb2YEvnrQFbBqpi23XEeGA6CnB0c2dg/2w6V3uo
1tlz617BeyelJ/lbf4tHFyd2GYpEYSjNZ0G5ys8dd+4xP1cYlcw7fer4yneqEhJH
Wf7TsOI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:44 2024 by rpki-client on console-fra.rpki-client.org