Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/lhmLCQWQrLzhvR1HjM7GzF0b9GI.roa
File: lhmLCQWQrLzhvR1HjM7GzF0b9GI.roa (raw, json)
Hash identifier: YkBD3l2yCajsJ+vCD+pWBqZtvLQfI1sAARcB6/44vf8=
Subject key identifier: 96:19:8B:09:05:90:AC:BC:E1:BD:1D:47:8C:CE:C6:CC:5D:1B:F4:62
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 44C5
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lhmLCQWQrLzhvR1HjM7GzF0b9GI.roa
Signing time: Sat 20 Apr 2024 06:53:09 +0000
ROA not before: Sat 20 Apr 2024 06:53:09 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17605 (0x44c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 20 06:53:09 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=96198B090590ACBCE1BD1D478CCEC6CC5D1BF462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:46:82:53:44:16:bc:b9:f1:da:81:93:d7:25:
11:90:42:e8:34:c1:7c:65:a8:57:95:d9:3a:70:d4:
0d:d1:06:c4:31:e8:6d:ad:88:5c:ea:fc:db:f8:d5:
c4:c9:e1:08:35:4a:9f:09:36:27:0c:60:6b:ec:ff:
a2:a9:87:a8:98:b3:4d:ee:cc:49:54:d7:cb:e2:d5:
f3:ab:e3:4a:18:e5:d8:d9:81:67:27:ab:d4:90:b0:
ad:c6:13:76:65:1e:e7:22:25:26:ab:23:e2:d4:e2:
73:5c:b3:4b:95:3c:28:94:a5:66:54:a5:81:66:38:
90:57:ba:e7:73:97:e7:06:09:ec:57:61:98:c8:0f:
b0:34:4e:83:28:e4:7b:95:9b:70:c6:99:ce:8b:ad:
2e:11:45:99:3f:66:43:06:e0:af:eb:01:0a:cb:0d:
f3:24:b1:46:80:4d:10:ee:67:48:4b:ee:ba:e5:da:
b8:97:fd:79:d0:b5:9e:4f:10:89:94:cc:9f:76:a0:
bc:71:5e:0f:07:13:b3:e7:aa:17:5f:a8:fc:40:07:
2a:cb:1a:31:80:54:8d:66:23:86:3a:aa:c4:19:a0:
12:a9:00:a5:1a:ce:97:81:51:7d:cb:a9:43:70:14:
6a:27:2b:ca:bb:82:b8:68:c2:93:67:ff:cc:a9:be:
05:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:19:8B:09:05:90:AC:BC:E1:BD:1D:47:8C:CE:C6:CC:5D:1B:F4:62
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/lhmLCQWQrLzhvR1HjM7GzF0b9GI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
78:53:36:3e:d5:f3:02:e2:9d:18:55:f6:b4:64:91:f7:58:2b:
2e:7d:c6:4b:36:3f:d3:e5:47:7b:99:26:91:e6:7e:f0:8e:c7:
73:d4:59:7b:e7:e1:52:7b:d0:d0:2e:c0:3f:3d:59:16:ac:0d:
29:8f:b2:f0:46:b1:36:20:d6:f3:ec:cd:8b:e9:1a:79:30:f9:
c6:24:77:ea:10:17:01:9c:69:ef:88:86:3c:40:8d:77:ac:4c:
66:20:00:7f:ba:88:eb:67:4c:6f:bd:ca:ba:dd:3c:9c:df:16:
43:f5:87:23:ba:00:a2:c8:bd:9f:29:fc:31:69:f3:a9:59:09:
6f:d7:c0:1e:01:fa:9d:9f:b9:c4:5f:22:1c:ed:85:86:5d:3b:
9b:29:88:45:10:b6:b1:e1:29:ae:11:43:41:21:26:1e:f9:43:
34:92:e8:2c:6b:cc:e2:10:39:1e:5a:d9:e4:0d:63:61:a4:9d:
11:bd:51:57:f0:0d:c5:a5:69:c9:56:1c:b1:73:88:b2:ff:07:
87:9a:2f:d3:76:d4:f8:2b:ed:7e:75:0f:12:16:9c:35:57:19:
d0:e4:31:a4:59:90:bc:80:74:1b:9f:1e:5d:c0:d3:8c:0a:89:
ec:c6:4f:ec:f5:13:c9:a2:18:ea:aa:f0:36:07:93:7d:da:7c:
9c:77:4f:4e
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICRMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MjAw
NjUzMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk2MTk4QjA5MDU5MEFD
QkNFMUJEMUQ0NzhDQ0VDNkNDNUQxQkY0NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhRoJTRBa8ufHagZPXJRGQQug0wXxlqFeV2Tpw1A3RBsQx6G2t
iFzq/Nv41cTJ4Qg1Sp8JNicMYGvs/6Kph6iYs03uzElU18vi1fOr40oY5djZgWcn
q9SQsK3GE3ZlHuciJSarI+LU4nNcs0uVPCiUpWZUpYFmOJBXuudzl+cGCexXYZjI
D7A0ToMo5HuVm3DGmc6LrS4RRZk/ZkMG4K/rAQrLDfMksUaATRDuZ0hL7rrl2riX
/XnQtZ5PEImUzJ92oLxxXg8HE7PnqhdfqPxAByrLGjGAVI1mI4Y6qsQZoBKpAKUa
zpeBUX3LqUNwFGonK8q7grhowpNn/8ypvgXPAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUlhmLCQWQrLzhvR1HjM7GzF0b9GIwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2xobUxDUVdRckx6aHZS
MUhqTTdHekYwYjlHSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAHhTNj7V8wLinRhV
9rRkkfdYKy59xks2P9PlR3uZJpHmfvCOx3PUWXvn4VJ70NAuwD89WRasDSmPsvBG
sTYg1vPszYvpGnkw+cYkd+oQFwGcae+IhjxAjXesTGYgAH+6iOtnTG+9yrrdPJzf
FkP1hyO6AKLIvZ8p/DFp86lZCW/XwB4B+p2fucRfIhzthYZdO5spiEUQtrHhKa4R
Q0EhJh75QzSS6CxrzOIQOR5a2eQNY2GknRG9UVfwDcWlaclWHLFziLL/B4eaL9N2
1Pgr7X51DxIWnDVXGdDkMaRZkLyAdBufHl3A04wKiezGT+z1E8miGOqq8DYHk33a
fJx3T04=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:44 2024 by rpki-client on console-fra.rpki-client.org