Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/PgA6CURHq6ItFw9277V_sS9BPnk.roa
File: PgA6CURHq6ItFw9277V_sS9BPnk.roa (raw, json)
Hash identifier: ks/RIwC+A1VWXlnqQvQCWFUKELGSs23HdEQp69gNT7M=
Subject key identifier: 3E:00:3A:09:44:47:AB:A2:2D:17:0F:76:EF:B5:7F:B1:2F:41:3E:79
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 502D
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PgA6CURHq6ItFw9277V_sS9BPnk.roa
Signing time: Sun 05 May 2024 11:53:48 +0000
ROA not before: Sun 05 May 2024 11:53:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20525 (0x502d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 5 11:53:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3E003A094447ABA22D170F76EFB57FB12F413E79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e7:25:11:96:ae:12:c1:e3:b8:d9:72:d3:50:
a9:1a:20:88:77:c7:e7:c3:86:e3:da:72:cd:aa:8f:
77:42:a7:a4:35:dc:6f:98:e3:a6:37:0b:7b:f7:3a:
10:aa:ff:74:44:38:09:b2:9b:4f:3c:b5:9e:64:a2:
50:e9:da:9c:54:6c:af:f5:cb:9e:58:98:24:aa:9f:
c8:e2:3d:f4:3b:61:04:10:3b:46:34:9f:22:f1:26:
a8:fb:5b:8f:28:e7:3b:d6:b9:3f:22:e2:51:7b:73:
9f:f1:b5:cb:1a:af:bf:d6:4e:d4:08:a0:26:ab:a2:
05:1e:01:c7:23:98:b8:c0:50:a6:92:b0:58:83:a3:
14:9f:c5:32:62:61:80:b2:ec:16:7e:f9:37:06:1b:
7c:1b:75:5b:76:04:99:31:91:94:73:1c:a5:1c:a4:
02:02:dc:70:b7:fc:79:36:fe:2b:fc:0d:16:5a:f7:
fa:b5:37:af:1a:bc:5f:e7:3a:9e:f5:bd:95:ea:3d:
e1:41:c4:4e:c2:0d:ed:6e:7d:ac:23:7f:80:23:09:
f2:a8:2b:09:ef:fb:96:56:41:28:f8:d0:71:af:08:
6e:d8:7a:6a:d0:5f:23:1b:be:e3:8a:05:11:02:92:
71:e5:75:a8:b5:66:01:af:86:68:6a:21:1c:80:be:
1f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:00:3A:09:44:47:AB:A2:2D:17:0F:76:EF:B5:7F:B1:2F:41:3E:79
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PgA6CURHq6ItFw9277V_sS9BPnk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
6a:49:4c:d9:b8:e0:ce:c2:73:c5:7c:4b:cf:32:22:9d:4f:eb:
c2:d1:d6:ac:52:cc:49:d4:4e:a4:d7:a2:11:76:12:f7:2e:b6:
06:e9:88:46:e4:55:8e:21:43:e9:ba:fa:3e:2e:7b:58:b7:70:
a9:cb:0e:3f:f1:0e:e0:e2:ba:6b:fb:02:bb:95:4c:2f:d9:8c:
e7:ab:ab:eb:d8:92:e5:55:e2:27:8c:88:09:83:82:68:de:bf:
e5:13:2a:ec:3a:96:cf:08:8e:f6:43:d4:58:e0:5d:e8:a5:41:
bc:7d:4e:34:88:d7:bb:a8:ec:57:13:bb:fb:45:b2:a0:6d:32:
e6:82:c4:5d:26:a9:2c:99:80:f9:3c:ad:75:ad:65:85:89:c1:
02:8b:16:8e:f9:e1:41:b8:d8:35:b5:4a:4a:da:3b:2b:6f:fc:
9a:2a:06:f9:98:88:52:fc:94:b3:6d:67:b4:df:42:c8:ff:9b:
39:98:55:60:d4:d7:1e:e1:c5:51:b1:f3:9e:39:e6:a9:01:5f:
b5:a5:6f:88:83:03:a3:5b:fb:e9:c1:2f:d5:5a:f8:1a:fa:37:
fc:50:fb:2a:4c:88:45:a8:0b:93:1c:ff:d7:f5:17:0e:13:e5:
28:13:5b:15:0c:4a:55:f4:84:68:ed:0e:8c:8f:ba:1c:96:d5:
b6:18:ca:42
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUC0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDUx
MTUzNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNFMDAzQTA5NDQ0N0FC
QTIyRDE3MEY3NkVGQjU3RkIxMkY0MTNFNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCk5yURlq4SweO42XLTUKkaIIh3x+fDhuPacs2qj3dCp6Q13G+Y
46Y3C3v3OhCq/3REOAmym088tZ5kolDp2pxUbK/1y55YmCSqn8jiPfQ7YQQQO0Y0
nyLxJqj7W48o5zvWuT8i4lF7c5/xtcsar7/WTtQIoCarogUeAccjmLjAUKaSsFiD
oxSfxTJiYYCy7BZ++TcGG3wbdVt2BJkxkZRzHKUcpAIC3HC3/Hk2/iv8DRZa9/q1
N68avF/nOp71vZXqPeFBxE7CDe1ufawjf4AjCfKoKwnv+5ZWQSj40HGvCG7YemrQ
XyMbvuOKBRECknHldai1ZgGvhmhqIRyAvh+nAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUPgA6CURHq6ItFw9277V/sS9BPnkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1BnQTZDVVJIcTZJdEZ3
OTI3N1Zfc1M5QlBuay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAGpJTNm44M7Cc8V8
S88yIp1P68LR1qxSzEnUTqTXohF2EvcutgbpiEbkVY4hQ+m6+j4ue1i3cKnLDj/x
DuDiumv7AruVTC/ZjOerq+vYkuVV4ieMiAmDgmjev+UTKuw6ls8IjvZD1FjgXeil
Qbx9TjSI17uo7FcTu/tFsqBtMuaCxF0mqSyZgPk8rXWtZYWJwQKLFo754UG42DW1
SkraOytv/JoqBvmYiFL8lLNtZ7TfQsj/mzmYVWDU1x7hxVGx85455qkBX7Wlb4iD
A6Nb++nBL9Va+Br6N/xQ+ypMiEWoC5Mc/9f1Fw4T5SgTWxUMSlX0hGjtDoyPuhyW
1bYYykI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:15:24 2024 by rpki-client on console-fra.rpki-client.org