Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/LMxzZiwc7lP38Ntm7GC6OaApsCs.roa
File: LMxzZiwc7lP38Ntm7GC6OaApsCs.roa (raw, json)
Hash identifier: btPEn+Zn48Z+Mjg4dnNh13oYPV6z04n6xw3WR2LFk/w=
Subject key identifier: 2C:CC:73:66:2C:1C:EE:53:F7:F0:DB:66:EC:60:BA:39:A0:29:B0:2B
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3705
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LMxzZiwc7lP38Ntm7GC6OaApsCs.roa
Signing time: Mon 01 Apr 2024 22:52:14 +0000
ROA not before: Mon 01 Apr 2024 22:52:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14085 (0x3705)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 1 22:52:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2CCC73662C1CEE53F7F0DB66EC60BA39A029B02B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:17:d6:e9:b0:f4:51:56:ca:f4:a2:cf:79:a3:
2a:ba:eb:99:b3:92:45:b4:97:a1:fb:1d:13:38:9f:
b6:31:ce:47:4b:72:31:d3:5e:61:3b:09:d2:71:f5:
f7:de:b7:f5:47:1c:21:35:31:fc:d5:69:7b:bf:e3:
69:f9:5c:88:ee:b9:0c:14:ca:de:21:90:ec:fe:2f:
d4:6c:c9:44:59:3e:f1:00:93:82:e6:df:c2:61:8c:
17:98:f3:d2:d0:1d:7f:32:ca:40:d9:d2:cb:b0:95:
c0:3b:da:47:96:f5:45:d5:bd:c1:9a:10:84:cf:32:
4c:dc:56:8f:8b:a8:98:3e:99:22:10:25:8c:53:a5:
9e:16:6e:50:fe:37:22:a9:3e:66:c5:82:c5:7a:09:
48:a0:65:e7:95:eb:27:26:0c:af:45:76:ca:25:c7:
ec:18:f4:2e:97:f8:b9:e3:ce:35:a2:67:a2:8a:d7:
d6:51:68:d5:f2:87:4c:27:40:2f:90:fa:eb:01:20:
2f:68:2f:5c:7e:56:97:3b:e8:c7:01:2f:17:ad:e0:
0d:70:89:ef:e4:ff:eb:1d:af:9f:e4:ef:47:57:54:
e0:55:8e:a8:64:e6:c1:d1:7e:15:5c:ca:2e:2b:57:
d3:b9:33:82:ca:1c:c8:68:ff:6b:ba:f9:88:b3:a0:
f4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:CC:73:66:2C:1C:EE:53:F7:F0:DB:66:EC:60:BA:39:A0:29:B0:2B
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/LMxzZiwc7lP38Ntm7GC6OaApsCs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
8e:5e:a4:00:f6:9f:7b:23:2e:53:45:7f:04:ed:90:80:77:25:
cc:80:d2:6b:cc:88:32:15:bd:bc:f4:88:af:cf:cc:d7:16:be:
c9:bb:b1:3c:80:c4:08:b9:7e:69:c0:be:4d:cd:2c:65:56:38:
cc:1e:2b:a8:b8:13:ab:84:c2:62:f4:4a:59:af:21:79:82:17:
75:8f:12:8e:ae:b3:42:d2:9a:f3:0e:81:b1:c6:41:ad:3c:f1:
b0:38:c6:c6:cc:e4:aa:09:64:bf:9d:59:8f:e6:97:57:31:c8:
76:0b:9f:f4:e6:8a:4a:e9:95:a7:16:47:a9:55:9c:fa:8a:05:
a1:89:7f:23:68:c0:46:65:43:ee:d5:c5:93:bd:3a:99:95:f0:
d5:fe:bc:81:d5:ee:a5:95:61:31:83:1c:83:fa:eb:3f:2d:3a:
85:da:04:31:90:dd:90:97:53:ff:51:83:4c:34:af:8e:07:3b:
fc:45:d9:11:42:53:5a:2d:d9:36:0e:17:35:fe:5b:7d:26:3c:
01:7c:77:7a:16:e0:a8:0d:11:3c:e7:54:3e:3f:13:29:c4:a5:
19:69:df:65:2f:bb:0b:a7:f4:c2:cb:d9:1b:e3:3b:44:db:b2:
a7:ea:06:27:98:24:16:26:29:2d:90:7b:b2:44:5f:b0:8b:3a:
00:9a:23:f6
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNwUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDEy
MjUyMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJDQ0M3MzY2MkMxQ0VF
NTNGN0YwREI2NkVDNjBCQTM5QTAyOUIwMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgF9bpsPRRVsr0os95oyq665mzkkW0l6H7HRM4n7YxzkdLcjHT
XmE7CdJx9ffet/VHHCE1MfzVaXu/42n5XIjuuQwUyt4hkOz+L9RsyURZPvEAk4Lm
38JhjBeY89LQHX8yykDZ0suwlcA72keW9UXVvcGaEITPMkzcVo+LqJg+mSIQJYxT
pZ4WblD+NyKpPmbFgsV6CUigZeeV6ycmDK9Fdsolx+wY9C6X+LnjzjWiZ6KK19ZR
aNXyh0wnQC+Q+usBIC9oL1x+Vpc76McBLxet4A1wie/k/+sdr5/k70dXVOBVjqhk
5sHRfhVcyi4rV9O5M4LKHMho/2u6+YizoPThAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQULMxzZiwc7lP38Ntm7GC6OaApsCswHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0xNeHpaaXdjN2xQMzhO
dG03R0M2T2FBcHNDcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAI5epAD2n3sjLlNF
fwTtkIB3JcyA0mvMiDIVvbz0iK/PzNcWvsm7sTyAxAi5fmnAvk3NLGVWOMweK6i4
E6uEwmL0SlmvIXmCF3WPEo6us0LSmvMOgbHGQa088bA4xsbM5KoJZL+dWY/ml1cx
yHYLn/TmikrplacWR6lVnPqKBaGJfyNowEZlQ+7VxZO9OpmV8NX+vIHV7qWVYTGD
HIP66z8tOoXaBDGQ3ZCXU/9Rg0w0r44HO/xF2RFCU1ot2TYOFzX+W30mPAF8d3oW
4KgNETznVD4/EynEpRlp32Uvuwun9MLL2RvjO0TbsqfqBieYJBYmKS2Qe7JEX7CL
OgCaI/Y=
-----END CERTIFICATE-----
Generated at Tue Apr 2 07:08:13 2024 by rpki-client on console.sobornost.net