Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/PG1DWNKPYuWolSxV9vH_1yX8WMY.roa
File: PG1DWNKPYuWolSxV9vH_1yX8WMY.roa (raw, json)
Hash identifier: 9k5NVfg0SVP1cjPVPH1uLlxt6gKw4r3MWiIu1p0IdyM=
Subject key identifier: 3C:6D:43:58:D2:8F:62:E5:A8:95:2C:55:F6:F1:FF:D7:25:FC:58:C6
Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Certificate serial: 14C5
Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/PG1DWNKPYuWolSxV9vH_1yX8WMY.roa
Signing time: Wed 11 Sep 2024 02:23:48 +0000
ROA not before: Wed 11 Sep 2024 02:23:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 59083
IP address blocks: 43.254.154.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5317 (0x14c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Validity
Not Before: Sep 11 02:23:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3C6D4358D28F62E5A8952C55F6F1FFD725FC58C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2b:12:b3:b7:73:02:fc:84:f8:af:b9:e1:a3:
6e:30:c0:7a:b8:23:d0:8c:92:49:7a:4c:31:db:dc:
71:64:86:cf:fb:1b:17:8c:41:91:42:17:4b:05:91:
5b:c8:fd:35:62:12:b7:51:1e:65:f2:2e:50:40:d2:
47:e2:da:b4:8a:3e:5e:9b:16:f7:bf:4a:e7:ff:31:
fc:37:98:57:0a:1f:d9:87:3f:f3:2d:65:a6:bc:9c:
b7:95:23:9b:e7:86:50:7b:5d:1a:c8:f6:ad:6e:3f:
b3:b3:4c:75:fb:51:c6:a9:ae:82:2f:a1:eb:0d:40:
a2:e7:22:03:16:ab:b3:ef:dd:6a:c9:d2:38:4b:3d:
4f:48:59:03:b2:04:8f:a4:a7:7c:c2:7f:40:ac:b5:
38:4a:4b:cb:8c:78:1b:1a:48:90:bd:46:b9:10:6f:
99:dc:ab:ee:74:c4:1d:4f:99:a5:3e:6a:c3:68:87:
d6:55:e1:28:b1:cf:19:98:70:6f:f3:20:cc:43:99:
12:ef:93:72:11:1a:f5:f3:90:a1:4e:78:1e:27:b6:
16:8d:c9:9b:a1:01:9b:cb:f7:d3:ab:f8:1d:9c:c2:
77:15:e4:bd:90:6d:5e:33:b2:1a:26:f7:f2:ee:98:
44:6b:09:0e:9d:4d:65:9f:24:8b:a7:a4:91:35:f3:
bf:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:6D:43:58:D2:8F:62:E5:A8:95:2C:55:F6:F1:FF:D7:25:FC:58:C6
X509v3 Authority Key Identifier:
keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/PG1DWNKPYuWolSxV9vH_1yX8WMY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.254.154.0/23
Signature Algorithm: sha256WithRSAEncryption
60:33:ad:33:c5:a7:0d:4a:4f:ff:50:c4:1d:5d:aa:6f:72:21:
d9:26:e1:50:36:27:32:72:1c:e5:94:d3:43:4b:b0:2f:c9:02:
d9:b6:e1:0b:cc:8c:9e:a4:37:ee:09:3c:f0:4e:c5:78:11:e4:
93:c2:56:13:06:f7:7d:3c:6a:a6:3d:f4:2d:ab:f4:c1:aa:dc:
44:dd:00:46:b5:b8:f9:68:f9:0b:8a:70:5f:08:0a:f6:fb:db:
2e:4f:b5:45:ef:a2:6b:08:f2:ae:9d:b7:a5:78:6b:bd:b5:d8:
df:6e:40:a5:1f:96:ab:2e:d8:3f:70:4a:3c:f0:3a:49:5c:98:
e2:10:82:85:df:3f:b2:d7:96:fc:0e:95:e3:7f:58:62:92:a8:
6f:24:10:19:2c:85:4f:9c:86:05:5b:dc:1f:96:62:2f:75:7c:
75:51:d7:98:5e:d4:24:5b:f9:c2:a3:93:d9:93:1c:f5:cb:c0:
cd:8e:6a:2f:87:62:2c:0a:65:bb:9d:1e:e1:73:25:e6:87:a0:
e9:60:21:2c:f0:41:ba:00:ad:90:e9:71:6e:a4:fb:8f:8d:0a:
58:65:ad:ca:db:e8:9c:6d:bf:a1:5a:ae:df:ad:86:05:ca:c2:
06:8c:4b:76:dc:ec:c4:34:be:44:0d:51:c1:ad:6e:66:77:4a:
c2:fc:66:dd
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICFMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw
MjIzNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNDNkQ0MzU4RDI4RjYy
RTVBODk1MkM1NUY2RjFGRkQ3MjVGQzU4QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOKxKzt3MC/IT4r7nho24wwHq4I9CMkkl6TDHb3HFkhs/7GxeM
QZFCF0sFkVvI/TViErdRHmXyLlBA0kfi2rSKPl6bFve/Suf/Mfw3mFcKH9mHP/Mt
Zaa8nLeVI5vnhlB7XRrI9q1uP7OzTHX7UcaproIvoesNQKLnIgMWq7Pv3WrJ0jhL
PU9IWQOyBI+kp3zCf0CstThKS8uMeBsaSJC9RrkQb5ncq+50xB1PmaU+asNoh9ZV
4SixzxmYcG/zIMxDmRLvk3IRGvXzkKFOeB4nthaNyZuhAZvL99Or+B2cwncV5L2Q
bV4zshom9/LumERrCQ6dTWWfJIunpJE187+ZAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUPG1DWNKPYuWolSxV9vH/1yX8WMYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c
9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3
L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1BHMURXTktQWXVXb2xT
eFY5dkhfMXlYOFdNWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAEr/powDQYJKoZIhvcNAQELBQADggEBAGAzrTPFpw1KT/9QxB1dqm9yIdkm4VA2
JzJyHOWU00NLsC/JAtm24QvMjJ6kN+4JPPBOxXgR5JPCVhMG9308aqY99C2r9MGq
3ETdAEa1uPlo+QuKcF8ICvb72y5PtUXvomsI8q6dt6V4a7212N9uQKUflqsu2D9w
SjzwOklcmOIQgoXfP7LXlvwOleN/WGKSqG8kEBkshU+chgVb3B+WYi91fHVR15he
1CRb+cKjk9mTHPXLwM2Oai+HYiwKZbudHuFzJeaHoOlgISzwQboArZDpcW6k+4+N
Clhlrcrb6Jxtv6Fart+thgXKwgaMS3bc7MQ0vkQNUcGtbmZ3SsL8Zt0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:39:46 2025 by rpki-client