Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Qxr3VUZOBl6E7-VcZB3ZaDSBcxc.roa
File: Qxr3VUZOBl6E7-VcZB3ZaDSBcxc.roa (raw, json)
Hash identifier: QU42e0eHsbsNc7KeDcdlXo6sftLgU+6MD8w4RC8EZn0=
Subject key identifier: 43:1A:F7:55:46:4E:06:5E:84:EF:E5:5C:64:1D:D9:68:34:81:73:17
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0648
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Qxr3VUZOBl6E7-VcZB3ZaDSBcxc.roa
Signing time: Thu 13 Apr 2023 04:45:34 +0000
ROA not before: Thu 13 Apr 2023 04:45:34 +0000
ROA not after: Wed 27 Mar 2024 01:13:10 +0000
asID: 7018
IP address blocks: 112.75.0.0/17 maxlen: 24
112.75.96.0/19 maxlen: 24
112.75.96.0/22 maxlen: 24
112.75.100.0/22 maxlen: 24
112.75.104.0/22 maxlen: 24
112.75.108.0/22 maxlen: 24
112.75.112.0/22 maxlen: 24
112.75.116.0/22 maxlen: 24
112.75.120.0/22 maxlen: 24
112.75.124.0/22 maxlen: 24
112.75.132.0/22 maxlen: 24
112.75.140.0/22 maxlen: 24
112.75.148.0/22 maxlen: 24
112.75.156.0/22 maxlen: 24
112.75.164.0/22 maxlen: 24
112.75.172.0/22 maxlen: 24
112.75.180.0/22 maxlen: 24
112.75.188.0/22 maxlen: 24
112.75.196.0/22 maxlen: 24
112.75.204.0/22 maxlen: 24
112.75.212.0/22 maxlen: 24
112.75.220.0/22 maxlen: 24
112.75.228.0/22 maxlen: 24
112.75.236.0/22 maxlen: 24
112.75.244.0/22 maxlen: 24
112.75.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1608 (0x648)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 13 04:45:34 2023 GMT
Not After : Mar 27 01:13:10 2024 GMT
Subject: CN=431AF755464E065E84EFE55C641DD96834817317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:93:31:b8:d3:10:11:12:15:2e:f9:3b:b6:11:
4a:94:bb:0e:c2:58:ba:d1:22:d5:1f:77:e9:02:17:
c5:19:ca:33:f7:74:3b:d4:79:d4:22:86:06:6a:31:
8a:eb:fb:ca:ed:8a:c4:78:99:31:e5:b0:89:e3:0c:
9d:7d:9a:1e:61:72:61:b5:9b:36:5e:b3:af:d6:b9:
3d:58:f6:90:56:39:5e:05:a1:3c:5e:5d:36:80:2e:
14:0a:04:de:17:74:03:25:17:57:c4:5e:4a:19:8a:
8e:9f:53:8f:9f:3e:5d:18:84:2e:e8:90:4c:17:54:
b4:3a:05:59:10:87:42:ee:f7:d4:3b:f7:52:cf:b3:
fd:5d:7e:69:15:3f:06:ea:7a:35:3c:d4:c1:1a:d3:
00:de:55:db:71:83:40:00:76:3c:fe:86:ff:98:31:
7f:ec:76:5a:6d:80:f7:39:69:8a:c1:50:09:cf:a5:
c2:59:3f:6a:22:49:f9:1d:01:3c:ab:4b:29:11:c5:
25:3d:04:af:26:62:e1:c0:71:bc:c4:f8:86:09:c6:
7e:a5:e2:4a:0e:9f:89:1a:c9:6d:b7:5a:a5:29:37:
fe:c0:97:77:f9:70:d5:8c:5e:da:a5:e9:81:03:b0:
b3:26:db:80:cb:61:48:7c:97:b8:52:c8:14:84:f4:
09:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:1A:F7:55:46:4E:06:5E:84:EF:E5:5C:64:1D:D9:68:34:81:73:17
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Qxr3VUZOBl6E7-VcZB3ZaDSBcxc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/17
112.75.132.0/22
112.75.140.0/22
112.75.148.0/22
112.75.156.0/22
112.75.164.0/22
112.75.172.0/22
112.75.180.0/22
112.75.188.0/22
112.75.196.0/22
112.75.204.0/22
112.75.212.0/22
112.75.220.0/22
112.75.228.0/22
112.75.236.0/22
112.75.244.0/22
112.75.252.0/22
Signature Algorithm: sha256WithRSAEncryption
98:6d:e5:0d:19:82:45:c7:7f:4e:6a:8c:cc:f8:00:ff:80:a6:
43:b4:71:39:19:d0:90:bc:7e:48:8f:06:b3:3d:e3:1f:b6:e2:
01:b3:32:10:8c:5e:31:fb:e6:d2:29:c5:44:1f:c2:61:2d:3b:
ae:25:e2:72:34:c3:2c:a1:b6:2e:78:78:55:ad:62:fd:95:f9:
77:25:34:9a:d2:bd:3c:da:f7:73:87:a4:28:2b:13:c1:df:f3:
51:38:50:47:af:29:81:f7:10:6f:c7:16:4d:23:ef:45:ce:fc:
0b:c1:d9:63:41:02:d6:37:9b:8b:4b:3f:b8:a3:d5:0e:44:1f:
08:2b:06:84:b1:49:3f:dd:a1:e2:4f:f1:bb:8c:80:7e:99:ef:
27:d8:0a:34:f9:db:8f:ea:5e:d5:cc:e2:d7:5c:f5:3e:4b:f8:
dd:0a:8b:2c:bb:6b:9b:4a:78:a4:f2:ce:1c:63:05:54:75:8f:
23:a8:a7:9d:4f:5a:18:9c:6c:42:81:fc:ed:01:00:ed:bd:c2:
ec:9c:ca:99:f7:8c:13:62:34:26:76:09:16:e3:1c:07:3d:80:
ae:a2:ea:79:02:d8:87:f0:8e:8c:5f:9a:72:aa:c8:1e:d3:53:
cc:c5:36:97:be:b2:27:7e:a6:5d:ec:40:95:c2:98:92:0d:cb:
a6:41:64:34
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgICBkgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yMzA0MTMw
NDQ1MzRaFw0yNDAzMjcwMTEzMTBaMDMxMTAvBgNVBAMTKDQzMUFGNzU1NDY0RTA2
NUU4NEVGRTU1QzY0MUREOTY4MzQ4MTczMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4kzG40xAREhUu+Tu2EUqUuw7CWLrRItUfd+kCF8UZyjP3dDvU
edQihgZqMYrr+8rtisR4mTHlsInjDJ19mh5hcmG1mzZes6/WuT1Y9pBWOV4FoTxe
XTaALhQKBN4XdAMlF1fEXkoZio6fU4+fPl0YhC7okEwXVLQ6BVkQh0Lu99Q791LP
s/1dfmkVPwbqejU81MEa0wDeVdtxg0AAdjz+hv+YMX/sdlptgPc5aYrBUAnPpcJZ
P2oiSfkdATyrSykRxSU9BK8mYuHAcbzE+IYJxn6l4koOn4kayW23WqUpN/7Al3f5
cNWMXtql6YEDsLMm24DLYUh8l7hSyBSE9AkBAgMBAAGjggJRMIICTTAdBgNVHQ4E
FgQUQxr3VUZOBl6E7+VcZB3ZaDSBcxcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1F4cjNWVVpPQmw2RTct
VmNaQjNaYURTQmN4Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwfwYIKwYBBQUHAQcBAf8EcDBuMGwEAgABMGYD
BAdwSwADBAJwS4QDBAJwS4wDBAJwS5QDBAJwS5wDBAJwS6QDBAJwS6wDBAJwS7QD
BAJwS7wDBAJwS8QDBAJwS8wDBAJwS9QDBAJwS9wDBAJwS+QDBAJwS+wDBAJwS/QD
BAJwS/wwDQYJKoZIhvcNAQELBQADggEBAJht5Q0ZgkXHf05qjMz4AP+ApkO0cTkZ
0JC8fkiPBrM94x+24gGzMhCMXjH75tIpxUQfwmEtO64l4nI0wyyhti54eFWtYv2V
+XclNJrSvTza93OHpCgrE8Hf81E4UEevKYH3EG/HFk0j70XO/AvB2WNBAtY3m4tL
P7ij1Q5EHwgrBoSxST/doeJP8buMgH6Z7yfYCjT524/qXtXM4tdc9T5L+N0Kiyy7
a5tKeKTyzhxjBVR1jyOop51PWhicbEKB/O0BAO29wuycypn3jBNiNCZ2CRbjHAc9
gK6i6nkC2IfwjoxfmnKqyB7TU8zFNpe+sid+pl3sQJXCmJINy6ZBZDQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:29:26 2025 by rpki-client