Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/AFPAPYmt6j0w-EYxsdmelsJtUYU.roa
File: AFPAPYmt6j0w-EYxsdmelsJtUYU.roa (raw, json)
Hash identifier: F8K+5darNHUu1CrzGSwVc1yCsIY2rN4gSZcrQEjiuOs=
Subject key identifier: 00:53:C0:3D:89:AD:EA:3D:30:F8:46:31:B1:D9:9E:96:C2:6D:51:85
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1B66
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/AFPAPYmt6j0w-EYxsdmelsJtUYU.roa
Signing time: Fri 03 May 2024 00:54:06 +0000
ROA not before: Fri 03 May 2024 00:54:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7014 (0x1b66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 3 00:54:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0053C03D89ADEA3D30F84631B1D99E96C26D5185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f7:03:40:59:47:b6:e1:53:2e:1f:13:64:c3:
c8:d0:16:7b:d4:8e:c8:ed:8f:db:ea:90:d2:f5:c2:
7f:ed:f5:49:8f:75:dd:fe:e6:11:3c:77:06:e3:4d:
da:d5:bd:aa:c2:96:d1:f3:e9:d5:14:ac:bf:f6:a0:
7f:df:b7:11:1b:e0:6a:61:9c:3c:95:7c:42:a6:61:
bd:56:9b:45:63:f8:91:c2:26:20:fb:ab:e3:f6:87:
27:9f:b4:c2:12:b9:3f:99:bc:f1:1c:2c:4b:24:c2:
c1:27:38:c0:7b:27:cd:b2:f6:55:d7:7d:e4:9b:1d:
78:94:76:a8:72:b0:3c:de:a4:20:c4:9e:93:c7:f7:
b7:a9:23:b2:7f:c4:80:9d:9a:48:59:ff:f0:b0:46:
e3:d6:ae:7f:6b:be:0f:82:51:59:b7:92:35:e3:af:
78:d0:26:35:e7:f2:c5:ec:e9:36:50:f2:56:e0:bf:
ca:02:a6:e6:39:74:8f:a9:fa:0f:38:0e:95:c6:b5:
94:53:22:78:0a:d7:41:4d:12:98:dd:60:20:bf:04:
5d:b7:2e:8d:7c:41:73:e4:01:53:e5:51:8b:68:8a:
9e:a1:75:0a:17:52:05:de:4f:f0:3f:dc:3b:97:e1:
3e:52:96:1a:2b:ce:ea:75:98:b5:7e:03:7c:52:be:
17:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:53:C0:3D:89:AD:EA:3D:30:F8:46:31:B1:D9:9E:96:C2:6D:51:85
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/AFPAPYmt6j0w-EYxsdmelsJtUYU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d4:4c:ff:fe:83:bc:b8:0d:9c:42:6d:fe:0f:89:32:2b:01:08:
67:5d:52:9c:09:d9:97:8c:8f:dd:ab:cd:8f:2f:dd:d1:86:2d:
95:54:0b:84:c6:73:6c:27:92:37:49:c3:9d:69:d7:70:92:52:
37:95:b5:42:92:3d:a1:4c:ac:2e:79:62:d7:25:57:99:68:42:
27:3d:51:67:4b:68:3c:e0:46:74:ab:77:74:8a:5d:49:33:b1:
c8:01:77:fb:85:fa:9e:1e:92:86:4d:1a:79:b9:94:70:fe:d8:
b5:21:77:2b:9f:37:70:5e:60:46:5e:8d:5d:e7:ff:1b:d7:79:
ad:f5:cb:1b:de:f2:91:ee:87:0e:f9:f0:81:4f:89:f7:51:a6:
19:fd:ff:95:fd:24:78:f8:d7:58:cf:fa:cf:a6:b6:c6:2c:98:
c6:6c:4b:d5:cb:bc:fd:a8:52:5c:bc:57:31:91:9b:fd:12:f0:
77:25:12:26:2b:06:4a:8c:77:79:ff:14:f3:aa:de:16:6f:5f:
30:5c:31:61:fd:0d:f7:31:ba:7b:b3:61:c7:4a:b2:e3:4d:c3:
7b:67:5d:1d:48:df:0c:bd:44:ed:32:8c:07:98:58:58:d6:42:
97:a0:a1:d0:93:ec:f6:a7:18:77:79:4d:c7:11:f4:7c:42:b1:
64:7c:dc:46
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG2YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDMw
MDU0MDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAwNTNDMDNEODlBREVB
M0QzMEY4NDYzMUIxRDk5RTk2QzI2RDUxODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD9wNAWUe24VMuHxNkw8jQFnvUjsjtj9vqkNL1wn/t9UmPdd3+
5hE8dwbjTdrVvarCltHz6dUUrL/2oH/ftxEb4GphnDyVfEKmYb1Wm0Vj+JHCJiD7
q+P2hyeftMISuT+ZvPEcLEskwsEnOMB7J82y9lXXfeSbHXiUdqhysDzepCDEnpPH
97epI7J/xICdmkhZ//CwRuPWrn9rvg+CUVm3kjXjr3jQJjXn8sXs6TZQ8lbgv8oC
puY5dI+p+g84DpXGtZRTIngK10FNEpjdYCC/BF23Lo18QXPkAVPlUYtoip6hdQoX
UgXeT/A/3DuX4T5Slhorzup1mLV+A3xSvhcVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUAFPAPYmt6j0w+EYxsdmelsJtUYUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0FGUEFQWW10Nmowdy1F
WXhzZG1lbHNKdFVZVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA1Ez//oO8uA2cQm3+D4kyKwEIZ11SnAnZ
l4yP3avNjy/d0YYtlVQLhMZzbCeSN0nDnWnXcJJSN5W1QpI9oUysLnli1yVXmWhC
Jz1RZ0toPOBGdKt3dIpdSTOxyAF3+4X6nh6Shk0aebmUcP7YtSF3K583cF5gRl6N
Xef/G9d5rfXLG97yke6HDvnwgU+J91GmGf3/lf0kePjXWM/6z6a2xiyYxmxL1cu8
/ahSXLxXMZGb/RLwdyUSJisGSox3ef8U86reFm9fMFwxYf0N9zG6e7Nhx0qy403D
e2ddHUjfDL1E7TKMB5hYWNZCl6Ch0JPs9qcYd3lNxxH0fEKxZHzcRg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:31:14 2025 by rpki-client