Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/PKRFWdQv7It3P10B5bZxnQ4IJgA.roa
File: PKRFWdQv7It3P10B5bZxnQ4IJgA.roa (raw, json)
Hash identifier: 7n2LiEd2WQCtDAKjbs392YdtjeHCCAU0iETY1AwY8bU=
Subject key identifier: 3C:A4:45:59:D4:2F:EC:8B:77:3F:5D:01:E5:B6:71:9D:0E:08:26:00
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3525
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PKRFWdQv7It3P10B5bZxnQ4IJgA.roa
Signing time: Sat 30 Mar 2024 10:52:08 +0000
ROA not before: Sat 30 Mar 2024 10:52:08 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13605 (0x3525)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Mar 30 10:52:08 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3CA44559D42FEC8B773F5D01E5B6719D0E082600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e6:89:ab:60:62:94:d0:c3:86:60:29:db:50:
06:eb:2b:af:bb:48:7c:93:9b:66:24:10:c6:bd:d1:
0f:c4:f4:e7:4f:52:db:07:ec:ab:76:b4:da:47:67:
dc:32:2e:69:da:f5:3e:d7:e9:6c:c5:90:8d:6a:ee:
d3:84:7b:6f:7b:d9:e1:6a:ee:77:5c:8c:f6:09:36:
61:b6:92:b6:6e:63:3a:5f:0d:41:a3:0c:a1:87:b7:
66:1d:3a:63:51:49:5f:fc:1b:80:65:b8:4a:54:e4:
04:cf:2d:7a:06:ba:da:49:e3:69:ae:9b:17:17:ab:
64:d0:65:a8:c3:3d:61:18:6d:48:7c:62:fc:3b:af:
97:5a:f2:3f:63:9a:d3:48:41:3b:a9:d8:dc:17:29:
05:a1:ff:f3:91:7a:90:8b:e7:ee:19:5c:a9:36:92:
d4:11:c9:e9:cf:34:e6:56:73:ea:37:a7:ed:ae:0e:
89:4c:81:dc:cb:3f:bb:10:72:b6:b1:88:16:28:e9:
82:84:a8:ef:95:9a:f1:d9:35:66:e3:f0:9f:bd:ac:
fb:a8:dc:ed:d9:fb:42:21:16:7e:94:22:a9:af:86:
e5:45:84:09:f6:4d:df:13:78:14:1c:ff:d9:ef:0a:
83:43:53:03:f2:0d:7b:ab:a6:ee:5d:ca:62:7b:c2:
70:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A4:45:59:D4:2F:EC:8B:77:3F:5D:01:E5:B6:71:9D:0E:08:26:00
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PKRFWdQv7It3P10B5bZxnQ4IJgA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7e:dd:c8:b6:50:09:25:a8:71:0e:5c:a4:7e:e8:d6:94:65:6a:
a0:9d:71:4c:7f:99:3f:bf:60:87:ff:ac:ab:92:ea:f9:62:d1:
b5:d5:21:ad:9f:9a:b1:ba:3a:66:78:b0:6c:a6:8d:f9:31:12:
33:29:d3:ae:ce:d8:fe:5d:fb:b3:dc:47:da:b8:4a:aa:04:e7:
9d:05:d6:4a:ab:97:22:89:7b:45:3f:22:dd:78:4b:8b:cd:30:
44:82:b8:92:14:ee:14:d7:05:14:9e:98:0e:bf:bb:41:00:82:
39:79:5b:c9:0b:0b:89:48:72:c2:d0:a1:81:5d:6d:56:b5:5e:
43:5d:a6:87:32:92:e8:22:1b:c8:40:e5:77:cf:32:12:88:0d:
0d:73:ae:e6:41:79:4e:dc:64:b5:07:1f:19:dc:14:7f:49:40:
75:11:c4:ca:e5:10:d7:8a:26:5c:a6:aa:54:af:7a:1e:6b:42:
79:6b:93:04:74:46:ad:21:24:1c:1b:ca:0b:68:90:68:db:12:
34:81:c5:bf:fe:5f:ee:c1:f0:f0:7c:ad:bb:a7:b1:d6:b0:05:
1f:88:0c:d5:3a:19:04:45:8b:f2:0a:3c:e2:b9:5b:e9:69:be:
62:e2:98:88:eb:22:0b:15:86:90:bb:1c:62:04:1d:5c:f7:be:
3b:98:cb:f1
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICNSUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDAzMzAx
MDUyMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNDQTQ0NTU5RDQyRkVD
OEI3NzNGNUQwMUU1QjY3MTlEMEUwODI2MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT5omrYGKU0MOGYCnbUAbrK6+7SHyTm2YkEMa90Q/E9OdPUtsH
7Kt2tNpHZ9wyLmna9T7X6WzFkI1q7tOEe2972eFq7ndcjPYJNmG2krZuYzpfDUGj
DKGHt2YdOmNRSV/8G4BluEpU5ATPLXoGutpJ42mumxcXq2TQZajDPWEYbUh8Yvw7
r5da8j9jmtNIQTup2NwXKQWh//ORepCL5+4ZXKk2ktQRyenPNOZWc+o3p+2uDolM
gdzLP7sQcraxiBYo6YKEqO+VmvHZNWbj8J+9rPuo3O3Z+0IhFn6UIqmvhuVFhAn2
Td8TeBQc/9nvCoNDUwPyDXurpu5dymJ7wnCpAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUPKRFWdQv7It3P10B5bZxnQ4IJgAwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1BLUkZXZFF2N0l0M1Ax
MEI1Ylp4blE0SUpnQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAH7dyLZQCSWocQ5c
pH7o1pRlaqCdcUx/mT+/YIf/rKuS6vli0bXVIa2fmrG6OmZ4sGymjfkxEjMp067O
2P5d+7PcR9q4SqoE550F1kqrlyKJe0U/It14S4vNMESCuJIU7hTXBRSemA6/u0EA
gjl5W8kLC4lIcsLQoYFdbVa1XkNdpocykugiG8hA5XfPMhKIDQ1zruZBeU7cZLUH
HxncFH9JQHURxMrlENeKJlymqlSveh5rQnlrkwR0Rq0hJBwbygtokGjbEjSBxb/+
X+7B8PB8rbunsdawBR+IDNU6GQRFi/IKPOK5W+lpvmLimIjrIgsVhpC7HGIEHVz3
vjuYy/E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:23 2024 by rpki-client on console-fra.rpki-client.org