Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/lbWBEOE-B8McGllicvRCzZOAt9Q.roa
File: lbWBEOE-B8McGllicvRCzZOAt9Q.roa (raw, json)
Hash identifier: 8XzSBUmZ4vTocvXSYTbQ6wMaP6wRdjQdb8Gw76QSOVE=
Subject key identifier: 95:B5:81:10:E1:3E:07:C3:1C:1A:59:62:72:F4:42:CD:93:80:B7:D4
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 0F
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/lbWBEOE-B8McGllicvRCzZOAt9Q.roa
Signing time: Wed 01 Jun 2022 07:07:36 +0000
ROA not before: Wed 01 Jun 2022 07:07:36 +0000
ROA not after: Thu 01 Jun 2023 06:58:54 +0000
asID: 4812
IP address blocks: 43.254.152.0/24 maxlen: 24
103.5.192.0/22 maxlen: 24
103.24.116.0/24 maxlen: 24
103.24.118.0/23 maxlen: 24
150.242.238.0/23 maxlen: 24
202.89.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15 (0xf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Jun 1 07:07:36 2022 GMT
Not After : Jun 1 06:58:54 2023 GMT
Subject: CN=95B58110E13E07C31C1A596272F442CD9380B7D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c9:55:f1:4a:a0:04:c0:19:97:ac:fb:73:2f:
a3:fb:71:c2:4f:c0:83:f2:e1:9c:02:5a:ba:d7:d5:
ef:2f:6a:29:e1:1a:71:16:6c:76:f3:c9:30:8f:fd:
b3:0c:42:81:3e:ac:f6:43:4a:c8:1e:30:a4:10:a7:
78:8c:1c:50:c2:7a:89:a8:4b:33:d1:28:e1:2a:c8:
c6:b8:7c:4b:9d:6f:87:4d:98:17:fb:55:7b:c2:6a:
61:ed:c8:a7:2a:ae:e9:f0:db:c7:fe:af:a9:6a:b0:
b5:21:5a:b0:61:6c:84:e8:8e:6b:d7:ac:52:6a:e5:
29:37:90:79:06:45:a0:39:00:40:a8:e9:84:03:b6:
de:a5:f8:28:2b:f9:11:e8:38:97:b4:56:b1:b1:65:
4f:cb:86:9a:53:28:7a:ee:e6:fe:a4:1f:1c:de:89:
93:f1:96:4d:f1:f5:cf:63:e5:5a:cd:99:f8:52:67:
85:80:9c:c1:4e:f0:8e:7b:81:e2:21:9e:4c:03:da:
96:45:10:e0:bd:2b:36:29:59:ff:d9:46:78:be:b3:
94:47:20:4c:79:96:98:9c:7d:45:67:f3:3c:98:a0:
6b:43:8d:d9:21:de:6c:75:7d:65:ea:c2:f0:8d:1f:
3b:3d:eb:69:c3:0d:b5:0f:eb:2c:c1:88:41:c0:4e:
b8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B5:81:10:E1:3E:07:C3:1C:1A:59:62:72:F4:42:CD:93:80:B7:D4
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/lbWBEOE-B8McGllicvRCzZOAt9Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/24
103.5.192.0/22
103.24.116.0/24
103.24.118.0/23
150.242.238.0/23
202.89.96.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:a1:76:66:ba:a7:16:02:68:1e:e9:4d:73:26:33:7d:f4:5e:
aa:1a:73:19:00:de:de:e4:5a:7a:ef:5e:db:99:2c:aa:8a:08:
21:e1:37:fa:dc:08:8d:2d:9c:9f:35:4a:fd:59:91:e2:c6:21:
d3:4a:ad:84:dd:d7:b5:22:51:86:ff:85:31:c4:82:cb:7a:15:
30:eb:66:eb:4a:d2:64:4a:81:72:16:21:1b:07:c8:e7:1c:53:
50:16:92:69:40:19:57:55:54:73:75:e8:9b:10:25:b5:d4:3b:
9b:a7:29:05:e2:ac:22:d2:fa:fb:33:ff:6f:1c:17:4f:62:d3:
2e:58:ce:dc:53:74:a3:79:85:e4:e1:59:a4:8e:3a:ae:b2:68:
34:e6:2e:10:62:86:28:51:40:ec:aa:ef:2e:0f:fe:a3:4d:73:
f5:7b:76:cf:fb:38:74:dc:c5:13:f4:9f:ca:d3:e7:73:6c:d4:
33:18:dc:95:a7:34:a5:9b:0c:ca:2d:a8:ed:47:cc:1c:32:f7:
67:dc:b4:18:ff:e6:6a:2d:9c:c7:4c:16:11:80:5e:00:69:f8:
4b:6e:46:c8:ad:45:9b:72:81:66:2b:df:3a:2b:eb:e5:66:3f:
b7:bb:54:e5:bd:34:24:7a:1a:c5:23:d3:2b:67:03:9a:29:fb:
03:13:5b:0c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIBDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3NUI0
NzE0QzRGNjFCRUEwNEEwMkNGOUNGNTYzQUUxMzRGNDc5Qzg1MB4XDTIyMDYwMTA3
MDczNloXDTIzMDYwMTA2NTg1NFowMzExMC8GA1UEAxMoOTVCNTgxMTBFMTNFMDdD
MzFDMUE1OTYyNzJGNDQyQ0Q5MzgwQjdENDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMbJVfFKoATAGZes+3Mvo/txwk/Ag/LhnAJautfV7y9qKeEacRZs
dvPJMI/9swxCgT6s9kNKyB4wpBCneIwcUMJ6iahLM9Eo4SrIxrh8S51vh02YF/tV
e8JqYe3Ipyqu6fDbx/6vqWqwtSFasGFshOiOa9esUmrlKTeQeQZFoDkAQKjphAO2
3qX4KCv5Eeg4l7RWsbFlT8uGmlMoeu7m/qQfHN6Jk/GWTfH1z2PlWs2Z+FJnhYCc
wU7wjnuB4iGeTAPalkUQ4L0rNilZ/9lGeL6zlEcgTHmWmJx9RWfzPJiga0ON2SHe
bHV9ZerC8I0fOz3racMNtQ/rLMGIQcBOuIsCAwEAAaOCAg8wggILMB0GA1UdDgQW
BBSVtYEQ4T4HwxwaWWJy9ELNk4C31DAfBgNVHSMEGDAWgBR1tHFMT2G+oEoCz5z1
Y64TT0echTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81Nzcv
ZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9kYlJ4VEU5aHZxQktBcy1jOVdPdUUwOUhuSVUuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81NzcvbGJXQkVPRS1COE1jR2xs
aWN2UkN6Wk9BdDlRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj
LmNuL3JyZHAvbm90aWZ5LnhtbDA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAME
ACv+mAMEAmcFwAMEAGcYdAMEAWcYdgMEAZby7gMEAMpZYDANBgkqhkiG9w0BAQsF
AAOCAQEAHqF2ZrqnFgJoHulNcyYzffReqhpzGQDe3uRaeu9e25ksqooIIeE3+twI
jS2cnzVK/VmR4sYh00qthN3XtSJRhv+FMcSCy3oVMOtm60rSZEqBchYhGwfI5xxT
UBaSaUAZV1VUc3XomxAltdQ7m6cpBeKsItL6+zP/bxwXT2LTLljO3FN0o3mF5OFZ
pI46rrJoNOYuEGKGKFFA7KrvLg/+o01z9Xt2z/s4dNzFE/SfytPnc2zUMxjclac0
pZsMyi2o7UfMHDL3Z9y0GP/mai2cx0wWEYBeAGn4S25GyK1Fm3KBZivfOivr5WY/
t7tU5b00JHoaxSPTK2cDmin7AxNbDA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:18 2023 by rpki-client on console-ams.rpki-client.org