Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Q1pbYIki23Xgi02ipT7gHLP00iA.roa
File: Q1pbYIki23Xgi02ipT7gHLP00iA.roa (raw, json)
Hash identifier: 6+oX6gJu97HusCZfORqjkHx7BEkC1YIKhh26rsg8gfo=
Subject key identifier: 43:5A:5B:60:89:22:DB:75:E0:8B:4D:A2:A5:3E:E0:1C:B3:F4:D2:20
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F44
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Q1pbYIki23Xgi02ipT7gHLP00iA.roa
Signing time: Sun 31 Mar 2024 16:22:39 +0000
ROA not before: Sun 31 Mar 2024 16:22:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3908 (0xf44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 31 16:22:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=435A5B608922DB75E08B4DA2A53EE01CB3F4D220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7b:96:cf:33:32:37:e5:5d:a5:1d:b1:51:78:
f3:c9:44:b3:9d:91:fa:97:2d:04:a6:97:a3:ca:ee:
7c:e8:a1:3e:a5:bd:59:8c:cb:15:44:cd:f5:2d:24:
6f:f4:84:dc:6c:0a:a5:a8:90:02:62:0a:2c:36:f3:
72:49:40:1c:f2:92:cf:8b:21:5f:99:24:d1:28:4e:
f9:87:d3:be:b0:d2:26:09:46:b3:f3:57:e6:e2:5e:
0f:9b:8f:43:0b:12:4b:88:1f:a5:78:e4:23:45:e9:
fa:50:9c:a9:79:b6:13:f5:51:21:ae:35:33:77:fd:
5f:7c:27:b3:10:7b:87:d8:d5:96:af:99:ce:20:0f:
38:ba:c0:e6:80:0e:72:97:a2:e9:dc:29:0f:15:c0:
31:99:60:99:a6:62:ae:e6:3b:09:b0:e9:e9:0c:10:
51:13:cb:bd:dd:de:d9:7a:b5:1c:0c:b6:38:5f:b8:
d6:d5:c1:24:8f:0e:a6:2d:d7:c3:7b:b3:e9:67:fb:
40:be:7a:23:b4:16:6e:17:25:0b:95:e5:49:2d:d5:
0c:32:80:41:40:45:c1:81:43:c1:67:65:7e:1c:1a:
d4:2c:e7:03:76:18:5a:0c:85:75:32:ca:29:ef:c0:
2b:6a:79:f5:97:78:a2:0d:86:d5:e4:ce:72:74:d6:
54:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:5A:5B:60:89:22:DB:75:E0:8B:4D:A2:A5:3E:E0:1C:B3:F4:D2:20
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Q1pbYIki23Xgi02ipT7gHLP00iA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:92:f2:34:ae:24:69:c5:4f:10:a7:06:51:ed:9f:c1:bb:61:
c5:9d:9a:f8:ba:fa:5c:cf:33:19:52:db:85:8d:e9:04:20:d6:
82:74:93:b5:2b:4f:1b:d4:b0:f5:0d:7e:94:a3:f6:9b:4d:e3:
5b:e7:d0:18:bd:97:d9:37:a7:a2:a0:1f:9e:b5:35:49:2d:e1:
d4:3b:8a:92:eb:73:58:a4:d9:2a:9d:a6:b0:51:fa:c3:18:62:
27:fc:48:5e:0b:c9:33:91:3d:e8:76:7d:18:ec:b6:30:c5:fa:
2b:e7:11:4d:5c:cc:27:d6:29:10:f7:43:da:ec:d5:9d:d3:91:
63:8a:e1:02:9d:31:35:2f:a4:70:ce:4d:40:98:a2:10:b2:c1:
65:42:ee:a7:e9:5e:55:74:ed:73:81:b3:aa:81:1e:e9:d9:a3:
4c:e4:0e:3b:69:70:8f:e0:d6:39:a7:33:45:d9:df:5e:96:d5:
02:df:42:01:c7:38:1e:8a:5a:78:35:3c:cf:ba:ea:b6:e6:92:
36:ea:86:09:6c:f3:79:34:28:df:d3:95:60:a1:ea:f7:6c:a4:
91:4c:c5:c0:5c:d0:24:4a:e7:ad:ca:df:43:81:e8:82:48:03:
cd:80:60:3e:3f:cb:55:05:e4:34:6c:60:55:f6:84:17:3e:a6:
65:a7:2b:f8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD0QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzEx
NjIyMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQzNUE1QjYwODkyMkRC
NzVFMDhCNERBMkE1M0VFMDFDQjNGNEQyMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCze5bPMzI35V2lHbFRePPJRLOdkfqXLQSml6PK7nzooT6lvVmM
yxVEzfUtJG/0hNxsCqWokAJiCiw283JJQBzyks+LIV+ZJNEoTvmH076w0iYJRrPz
V+biXg+bj0MLEkuIH6V45CNF6fpQnKl5thP1USGuNTN3/V98J7MQe4fY1Zavmc4g
Dzi6wOaADnKXouncKQ8VwDGZYJmmYq7mOwmw6ekMEFETy73d3tl6tRwMtjhfuNbV
wSSPDqYt18N7s+ln+0C+eiO0Fm4XJQuV5Ukt1QwygEFARcGBQ8FnZX4cGtQs5wN2
GFoMhXUyyinvwCtqefWXeKINhtXkznJ01lRPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUQ1pbYIki23Xgi02ipT7gHLP00iAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1ExcGJZSWtpMjNYZ2kw
MmlwVDdnSExQMDBpQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAgJLyNK4kacVPEKcGUe2fwbthxZ2a+Lr6
XM8zGVLbhY3pBCDWgnSTtStPG9Sw9Q1+lKP2m03jW+fQGL2X2TenoqAfnrU1SS3h
1DuKkutzWKTZKp2msFH6wxhiJ/xIXgvJM5E96HZ9GOy2MMX6K+cRTVzMJ9YpEPdD
2uzVndORY4rhAp0xNS+kcM5NQJiiELLBZULup+leVXTtc4GzqoEe6dmjTOQOO2lw
j+DWOaczRdnfXpbVAt9CAcc4HopaeDU8z7rqtuaSNuqGCWzzeTQo39OVYKHq92yk
kUzFwFzQJErnrcrfQ4HogkgDzYBgPj/LVQXkNGxgVfaEFz6mZacr+A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:36:55 2025 by rpki-client