Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/RZlhIjmtqeFS4fxpaS654f5ikjE.roa
File: RZlhIjmtqeFS4fxpaS654f5ikjE.roa (raw, json)
Hash identifier: nwI6yQ8zvqkjFYW3hEZn8aRwfbvDzNtzbciS7tAGNKQ=
Subject key identifier: 45:99:61:22:39:AD:A9:E1:52:E1:FC:69:69:2E:B9:E1:FE:62:92:31
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 155A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/RZlhIjmtqeFS4fxpaS654f5ikjE.roa
Signing time: Tue 16 Apr 2024 21:54:12 +0000
ROA not before: Tue 16 Apr 2024 21:54:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5466 (0x155a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 16 21:54:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4599612239ADA9E152E1FC69692EB9E1FE629231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:90:9b:d2:63:ac:18:7d:bf:fc:5d:19:6c:81:
19:1a:b7:3d:1a:bb:c3:ae:cc:76:07:a3:1e:29:43:
6e:8c:f4:f3:ec:4a:5a:68:8c:b9:45:94:e2:bc:9e:
4e:6b:ca:70:69:5a:42:b4:9f:9f:28:6d:d3:40:60:
a1:43:c6:cb:de:dc:cf:0e:a7:16:2c:f5:ad:c0:8f:
70:36:95:a4:2d:e2:d0:83:2c:30:59:41:66:3b:18:
10:07:18:b6:36:7a:0f:e5:5d:46:ad:44:ff:e9:73:
4b:e4:e6:4b:b2:9c:c1:db:37:17:c0:a6:9f:76:09:
b2:d2:ee:c9:da:bc:a1:7b:5f:58:5e:82:43:5d:cf:
19:1b:a8:a3:cf:b5:22:78:f0:26:14:97:7b:5a:84:
db:f0:49:07:04:35:b6:1e:d8:ab:1f:51:c9:f7:ae:
a3:94:a4:56:cc:a3:fc:1e:e8:bc:e2:96:d3:57:67:
17:f7:33:6e:eb:70:9c:4d:b0:dd:9e:68:45:7c:c5:
3e:42:72:7b:b8:a1:43:47:7c:32:af:06:2c:44:22:
00:2f:dc:b1:4c:9c:2b:fe:3f:94:33:ae:9f:6f:34:
3b:7b:63:87:e2:e1:eb:9c:95:7d:59:d0:c7:f1:a9:
04:f9:45:fe:9c:74:4f:8b:f0:7a:f4:0d:77:28:96:
de:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:99:61:22:39:AD:A9:E1:52:E1:FC:69:69:2E:B9:E1:FE:62:92:31
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/RZlhIjmtqeFS4fxpaS654f5ikjE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:8b:8a:82:c1:d8:61:f0:93:ad:9c:16:3f:05:22:b4:18:e6:
39:47:b9:6c:a5:bf:d9:ee:6f:79:50:6d:46:1b:0c:e4:7d:f7:
da:fb:e7:5e:21:58:ee:4c:fc:41:07:d3:73:f5:64:37:7d:c8:
cf:16:e7:03:df:d4:15:cb:2f:df:e7:45:65:8d:c9:43:9b:78:
bc:5a:88:0e:cd:43:02:59:6c:bb:dd:d3:30:7a:3d:57:df:62:
58:e1:7d:ee:32:f0:fa:1f:c1:5f:94:6a:d2:e2:ab:40:e1:ac:
38:f8:b2:fe:1e:70:4b:dc:e8:cb:f6:11:51:73:b1:e2:f8:6d:
86:e1:3e:72:39:27:4e:cd:a7:a3:48:81:b3:61:47:c4:15:63:
7c:b2:30:84:ad:6a:83:20:87:2a:04:62:51:6d:fe:b5:5d:9a:
12:80:6c:69:5a:67:89:6b:bb:6d:e1:45:ed:e1:f7:26:9a:46:
87:8c:a8:92:64:d0:cc:95:e5:d0:18:94:06:ed:1a:50:1e:65:
f7:f8:6e:b8:14:63:36:f6:f9:56:ea:a9:09:7d:41:16:83:90:
95:de:a4:bd:ec:8d:79:55:ea:39:d9:0f:93:8e:34:93:12:57:
49:30:e4:93:02:f7:1a:e1:af:78:9e:08:71:eb:90:27:9c:f2:
16:99:ac:96
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTYy
MTU0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ1OTk2MTIyMzlBREE5
RTE1MkUxRkM2OTY5MkVCOUUxRkU2MjkyMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRkJvSY6wYfb/8XRlsgRkatz0au8OuzHYHox4pQ26M9PPsSlpo
jLlFlOK8nk5rynBpWkK0n58obdNAYKFDxsve3M8OpxYs9a3Aj3A2laQt4tCDLDBZ
QWY7GBAHGLY2eg/lXUatRP/pc0vk5kuynMHbNxfApp92CbLS7snavKF7X1hegkNd
zxkbqKPPtSJ48CYUl3tahNvwSQcENbYe2KsfUcn3rqOUpFbMo/we6LziltNXZxf3
M27rcJxNsN2eaEV8xT5Ccnu4oUNHfDKvBixEIgAv3LFMnCv+P5Qzrp9vNDt7Y4fi
4euclX1Z0MfxqQT5Rf6cdE+L8Hr0DXcolt4ZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQURZlhIjmtqeFS4fxpaS654f5ikjEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1JabGhJam10cWVGUzRm
eHBhUzY1NGY1aWtqRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAiIuKgsHYYfCTrZwWPwUitBjmOUe5bKW/
2e5veVBtRhsM5H332vvnXiFY7kz8QQfTc/VkN33IzxbnA9/UFcsv3+dFZY3JQ5t4
vFqIDs1DAllsu93TMHo9V99iWOF97jLw+h/BX5Rq0uKrQOGsOPiy/h5wS9zoy/YR
UXOx4vhthuE+cjknTs2no0iBs2FHxBVjfLIwhK1qgyCHKgRiUW3+tV2aEoBsaVpn
iWu7beFF7eH3JppGh4yokmTQzJXl0BiUBu0aUB5l9/huuBRjNvb5VuqpCX1BFoOQ
ld6kveyNeVXqOdkPk440kxJXSTDkkwL3GuGveJ4IceuQJ5zyFpmslg==
-----END CERTIFICATE-----
Generated at Sun Jun 22 02:25:31 2025 by rpki-client