Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/PiXui5gePG_cs5dSCxSAz5479gk.roa
File: PiXui5gePG_cs5dSCxSAz5479gk.roa (raw, json)
Hash identifier: wKgJdITFwXtXuXW424AHqlibs7JVVYFzERSRKnWHApM=
Subject key identifier: 3E:25:EE:8B:98:1E:3C:6F:DC:B3:97:52:0B:14:80:CF:9E:3B:F6:09
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 3989
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PiXui5gePG_cs5dSCxSAz5479gk.roa
Signing time: Fri 05 Apr 2024 07:22:23 +0000
ROA not before: Fri 05 Apr 2024 07:22:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14729 (0x3989)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: Apr 5 07:22:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3E25EE8B981E3C6FDCB397520B1480CF9E3BF609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:e9:1c:eb:70:e4:4c:61:a5:9e:27:a9:19:ad:
48:5f:9c:28:a0:f2:79:a1:08:cd:b3:b9:89:a3:3f:
28:c0:1d:a9:d5:69:f4:74:1c:b3:0f:a8:77:86:4d:
99:26:a2:e0:44:8c:99:44:06:ac:37:34:b0:a7:65:
0a:87:c4:7c:6b:f3:b9:54:a0:c7:af:5a:d0:42:49:
74:56:ef:68:3c:56:ad:be:b2:58:8e:00:43:5b:e4:
b9:b0:fd:79:fc:83:fa:4e:1b:a0:c9:ec:09:ae:d7:
ca:60:be:a0:c9:49:35:b3:be:1c:24:4c:f3:97:5e:
91:96:12:28:73:59:56:25:4a:0b:45:e0:88:a6:96:
c4:fc:5b:75:f5:94:dc:04:cf:1b:33:fd:aa:b2:65:
7f:0d:89:77:20:d7:6d:79:d7:8d:49:0f:97:b6:b8:
37:82:fd:d3:46:28:3b:be:8d:f8:0c:0d:00:3e:46:
18:3d:fc:35:8f:16:07:25:fd:81:96:81:1a:b3:19:
ca:f5:37:01:1f:4d:7d:67:8c:c5:2d:f8:7c:4c:48:
cd:4d:13:8a:28:2e:29:f7:20:2a:04:07:f4:60:47:
d1:7b:ee:9f:4a:b9:c0:e7:7c:99:05:5b:78:b9:61:
b9:11:e3:79:0d:17:be:88:36:18:78:f1:72:6c:d6:
40:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:25:EE:8B:98:1E:3C:6F:DC:B3:97:52:0B:14:80:CF:9E:3B:F6:09
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/PiXui5gePG_cs5dSCxSAz5479gk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
7d:fe:59:34:51:62:fc:75:c6:62:c3:30:9a:4c:c3:72:b1:11:
87:7a:44:59:f7:ef:35:c7:8e:43:21:4d:7c:65:69:10:ca:b0:
3d:a3:c4:9a:23:1e:a2:75:4a:b5:bf:1d:c5:28:17:dc:ed:6c:
4a:e2:53:28:cc:33:7c:6e:b2:92:03:58:f3:76:11:8b:9b:82:
91:47:d0:71:2a:48:ce:bf:c0:b3:91:7c:46:a2:a9:7d:a2:b7:
50:d6:3e:74:d8:e1:42:84:1a:65:07:ad:c8:d6:61:69:0d:a6:
bf:a1:fc:ff:c3:c3:e1:bf:3a:a8:85:d5:f1:03:d5:97:5c:5b:
01:d3:59:6b:19:b5:5d:82:f3:59:f3:4f:3b:07:a9:9c:0d:fc:
46:7a:72:98:13:a4:4b:28:0d:3f:f1:e6:b6:55:82:e9:34:05:
da:3e:54:0f:40:43:09:db:e8:30:c7:44:d4:84:66:ce:ee:10:
b0:69:04:03:a4:e2:91:73:ad:ec:f4:84:d7:64:bf:b3:23:20:
ad:1c:81:e4:b5:58:85:94:d3:b1:2b:e5:a9:c4:3f:c9:72:ad:
2b:ca:4e:aa:65:f1:7c:7c:a5:0b:4e:c3:65:58:8a:83:54:ca:
6a:e3:64:38:7d:80:ec:a0:38:56:43:6c:1d:df:e5:60:25:69:
d3:e5:75:f0
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICOYkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA0MDUw
NzIyMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNFMjVFRThCOTgxRTND
NkZEQ0IzOTc1MjBCMTQ4MENGOUUzQkY2MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDt6RzrcORMYaWeJ6kZrUhfnCig8nmhCM2zuYmjPyjAHanVafR0
HLMPqHeGTZkmouBEjJlEBqw3NLCnZQqHxHxr87lUoMevWtBCSXRW72g8Vq2+sliO
AENb5Lmw/Xn8g/pOG6DJ7Amu18pgvqDJSTWzvhwkTPOXXpGWEihzWVYlSgtF4Iim
lsT8W3X1lNwEzxsz/aqyZX8NiXcg1215141JD5e2uDeC/dNGKDu+jfgMDQA+Rhg9
/DWPFgcl/YGWgRqzGcr1NwEfTX1njMUt+HxMSM1NE4ooLin3ICoEB/RgR9F77p9K
ucDnfJkFW3i5YbkR43kNF76INhh48XJs1kBjAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUPiXui5gePG/cs5dSCxSAz5479gkwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L1BpWHVpNWdlUEdfY3M1
ZFNDeFNBejU0Nzlnay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBAH3+WTRRYvx1xmLD
MJpMw3KxEYd6RFn37zXHjkMhTXxlaRDKsD2jxJojHqJ1SrW/HcUoF9ztbEriUyjM
M3xuspIDWPN2EYubgpFH0HEqSM6/wLORfEaiqX2it1DWPnTY4UKEGmUHrcjWYWkN
pr+h/P/Dw+G/OqiF1fED1ZdcWwHTWWsZtV2C81nzTzsHqZwN/EZ6cpgTpEsoDT/x
5rZVguk0Bdo+VA9AQwnb6DDHRNSEZs7uELBpBAOk4pFzrez0hNdkv7MjIK0cgeS1
WIWU07Er5anEP8lyrSvKTqpl8Xx8pQtOw2VYioNUymrjZDh9gOygOFZDbB3f5WAl
adPldfA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:40:09 2025 by rpki-client