Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/U3Q1rpw_pN7X5JT93hIXqYCX2TA.roa
File: U3Q1rpw_pN7X5JT93hIXqYCX2TA.roa (raw, json)
Hash identifier: RhMuZV8QpbQyvH6gyk9gEkyEb4Ko1wE7RDOOa7W7rts=
Subject key identifier: 53:74:35:AE:9C:3F:A4:DE:D7:E4:94:FD:DE:12:17:A9:80:97:D9:30
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E72
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/U3Q1rpw_pN7X5JT93hIXqYCX2TA.roa
Signing time: Fri 29 Mar 2024 11:52:29 +0000
ROA not before: Fri 29 Mar 2024 11:52:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3698 (0xe72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 29 11:52:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=537435AE9C3FA4DED7E494FDDE1217A98097D930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4c:97:7b:cd:d7:64:c2:23:c6:3b:c7:ee:08:
b3:f6:3a:69:d1:73:b0:14:ff:da:50:e0:99:f5:2d:
e8:e0:8a:32:d6:2a:03:e1:24:ac:1b:b5:81:be:36:
85:5f:4f:05:b2:af:aa:4d:08:33:23:6d:3b:89:bb:
47:bd:97:a3:04:48:c2:a3:7e:9b:f4:62:56:ea:7c:
08:82:94:bc:11:c1:36:d2:a7:17:04:a8:3d:f1:86:
c3:b0:15:ee:74:d7:49:47:8c:37:97:a2:98:bf:dc:
74:a3:4b:6a:86:5a:60:be:fa:6f:ff:3b:b0:41:6b:
0d:3c:54:bf:6b:73:53:66:68:18:41:4c:de:cf:b2:
79:bf:6c:ab:30:86:95:33:06:9f:1f:37:9d:61:b1:
8a:64:e6:60:95:af:76:95:b9:c5:e7:61:93:5a:27:
08:76:e1:42:4c:46:3c:a2:bd:22:d3:62:7b:de:22:
5b:14:4a:e9:66:c4:39:88:08:91:37:bc:ff:c6:2f:
6d:04:e0:0e:53:5c:44:32:b3:9e:97:e8:3a:11:05:
c3:d1:96:d9:f4:aa:bb:5e:0f:fd:ec:d0:c7:d1:88:
36:32:32:8c:23:3f:25:c0:95:96:fe:e4:1c:6d:03:
ee:ab:dc:8c:97:f2:ea:3a:ab:be:62:4c:fc:b8:d1:
48:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:74:35:AE:9C:3F:A4:DE:D7:E4:94:FD:DE:12:17:A9:80:97:D9:30
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/U3Q1rpw_pN7X5JT93hIXqYCX2TA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:8c:ec:70:7f:b7:17:d5:8d:dd:ba:87:09:ed:f7:41:05:d0:
8a:19:7f:6d:56:68:0c:fa:3e:ce:92:70:67:b5:e5:33:04:2a:
97:b0:cd:95:1f:dd:9f:f4:24:45:53:de:d3:58:79:b4:08:88:
72:fc:d4:62:82:4b:46:0d:0b:4a:4d:53:75:ef:e8:3c:91:54:
67:ab:5d:f6:fb:1d:0f:b2:ab:2e:12:4f:ba:e7:8d:6c:4d:87:
45:cd:a7:e1:2d:3f:10:cc:74:9a:36:4a:af:81:f4:02:66:4a:
21:d5:c1:05:cf:14:f1:68:24:92:53:5a:09:48:c8:f3:e5:57:
4c:f2:21:53:58:f7:2e:cf:c6:06:4e:95:3f:b1:31:67:ca:47:
6e:de:1c:29:a1:9e:65:78:34:a2:57:c1:6e:d5:21:40:d4:6d:
3c:f4:59:8a:28:5f:97:74:a3:c4:0c:a7:b7:dd:5f:28:51:3b:
84:7b:19:4d:67:f7:22:61:6a:5e:18:38:37:3f:16:d5:73:cd:
2a:20:b9:21:67:e4:de:63:b0:ab:31:2d:67:75:99:23:13:c7:
5c:92:2c:6c:5f:f3:da:b7:2c:91:6f:eb:2e:f4:7b:ad:a7:0b:
10:35:ad:a4:74:d1:6b:51:05:88:09:7a:7a:84:eb:c2:19:a4:
8b:46:08:fc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDnIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjkx
MTUyMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUzNzQzNUFFOUMzRkE0
REVEN0U0OTRGRERFMTIxN0E5ODA5N0Q5MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZTJd7zddkwiPGO8fuCLP2OmnRc7AU/9pQ4Jn1LejgijLWKgPh
JKwbtYG+NoVfTwWyr6pNCDMjbTuJu0e9l6MESMKjfpv0YlbqfAiClLwRwTbSpxcE
qD3xhsOwFe5010lHjDeXopi/3HSjS2qGWmC++m//O7BBaw08VL9rc1NmaBhBTN7P
snm/bKswhpUzBp8fN51hsYpk5mCVr3aVucXnYZNaJwh24UJMRjyivSLTYnveIlsU
SulmxDmICJE3vP/GL20E4A5TXEQys56X6DoRBcPRltn0qrteD/3s0MfRiDYyMowj
PyXAlZb+5BxtA+6r3IyX8uo6q75iTPy40UjdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUU3Q1rpw/pN7X5JT93hIXqYCX2TAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1UzUTFycHdfcE43WDVK
VDkzaElYcVlDWDJUQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAaozscH+3F9WN3bqHCe33QQXQihl/bVZo
DPo+zpJwZ7XlMwQql7DNlR/dn/QkRVPe01h5tAiIcvzUYoJLRg0LSk1Tde/oPJFU
Z6td9vsdD7KrLhJPuueNbE2HRc2n4S0/EMx0mjZKr4H0AmZKIdXBBc8U8WgkklNa
CUjI8+VXTPIhU1j3Ls/GBk6VP7ExZ8pHbt4cKaGeZXg0olfBbtUhQNRtPPRZiihf
l3SjxAynt91fKFE7hHsZTWf3ImFqXhg4Nz8W1XPNKiC5IWfk3mOwqzEtZ3WZIxPH
XJIsbF/z2rcskW/rLvR7racLEDWtpHTRa1EFiAl6eoTrwhmki0YI/A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:29:30 2025 by rpki-client