Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/qprLP7sRflq9ywEDJmyUXcxEF38.roa
File: qprLP7sRflq9ywEDJmyUXcxEF38.roa (raw, json)
Hash identifier: aUKfa5T2Qc/TtRW4O2uKQb0rra+6H4r/mEm3ZFV966Q=
Subject key identifier: AA:9A:CB:3F:BB:11:7E:5A:BD:CB:01:03:26:6C:94:5D:CC:44:17:7F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 16AE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/qprLP7sRflq9ywEDJmyUXcxEF38.roa
Signing time: Sat 20 Apr 2024 10:53:32 +0000
ROA not before: Sat 20 Apr 2024 10:53:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5806 (0x16ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 10:53:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AA9ACB3FBB117E5ABDCB0103266C945DCC44177F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2c:6b:6b:60:e5:25:6c:20:94:84:3e:db:8a:
3a:c3:ac:7d:f5:07:91:3c:b0:aa:34:ad:4a:a7:e1:
ea:d0:87:b5:d1:43:a0:95:76:8c:b5:77:75:22:00:
d8:58:b2:0a:ac:42:69:4f:d9:ea:24:5c:69:08:f0:
df:34:54:d0:54:f0:9d:ca:42:63:f7:48:d5:e7:e4:
07:d9:80:a8:89:71:5b:2e:c7:1c:ab:7d:c9:ee:7d:
94:14:12:ff:6e:26:45:74:a0:11:ac:3a:00:68:d5:
9d:c3:ca:1d:f9:7d:e7:6b:54:fc:f9:14:b0:96:29:
65:e3:5c:b6:19:db:d2:11:3b:29:a9:39:cf:54:b6:
36:a8:c4:ba:b8:d8:09:ab:ae:03:c2:7e:0b:58:42:
1e:b5:3b:42:a2:1c:4b:e5:46:3c:52:f5:aa:66:c5:
03:60:0b:3a:aa:c3:ce:01:d8:08:0e:93:41:cd:07:
20:64:6d:0b:53:95:a4:5b:8c:ab:0f:31:cb:c4:87:
ae:54:4d:ec:41:bd:82:f1:87:f5:01:29:3b:23:7b:
ab:aa:df:34:57:8f:dc:7f:77:ab:cd:be:d1:08:3f:
72:bb:a8:a3:a5:1e:41:61:e1:81:f2:cd:18:21:84:
89:00:83:35:c6:94:c1:3b:d8:da:98:26:74:e0:27:
a8:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:9A:CB:3F:BB:11:7E:5A:BD:CB:01:03:26:6C:94:5D:CC:44:17:7F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/qprLP7sRflq9ywEDJmyUXcxEF38.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b8:dd:84:58:4a:57:56:b8:47:d3:e4:07:12:33:3a:48:12:5d:
4a:a1:65:63:fc:c7:7d:b1:30:7c:e7:41:87:6f:5c:c3:f4:72:
57:6f:4c:b8:0c:95:1a:4a:80:dd:cd:da:b0:5b:e6:a5:32:14:
5c:06:6d:08:6f:22:ef:02:13:d0:d4:28:2b:d0:ef:1e:76:19:
99:78:41:f3:07:5f:8c:4a:bd:83:cf:40:ed:f0:a1:08:ee:2a:
f2:57:c3:af:d6:f6:d1:1e:93:57:43:09:44:c3:8c:c4:d9:be:
f7:1d:94:d5:33:4d:38:bc:0b:d9:8d:0e:6f:57:0c:58:9a:56:
ba:56:7f:38:df:51:30:28:3c:a4:1a:73:84:c1:60:cc:63:65:
f9:f1:66:0c:52:af:8e:ab:84:92:e5:61:e9:7d:2b:52:5a:5b:
d5:8e:03:e7:a3:aa:ee:6d:b5:75:be:3c:53:71:e4:02:44:cd:
a6:ed:4e:2c:eb:f7:c6:eb:c8:bc:76:4c:0f:9c:ed:93:08:a8:
b5:45:d6:35:43:f4:12:45:01:ed:c4:45:6a:9c:1e:cb:e9:b2:
3c:15:d3:ad:05:22:f8:56:ff:16:8a:2e:74:c7:ae:7c:a2:b1:
94:2b:dc:7d:44:ed:2a:e0:4e:e7:3d:78:84:6d:89:3c:bf:27:
7d:02:de:c4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFq4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAx
MDUzMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFBOUFDQjNGQkIxMTdF
NUFCRENCMDEwMzI2NkM5NDVEQ0M0NDE3N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/LGtrYOUlbCCUhD7bijrDrH31B5E8sKo0rUqn4erQh7XRQ6CV
doy1d3UiANhYsgqsQmlP2eokXGkI8N80VNBU8J3KQmP3SNXn5AfZgKiJcVsuxxyr
fcnufZQUEv9uJkV0oBGsOgBo1Z3Dyh35fedrVPz5FLCWKWXjXLYZ29IROympOc9U
tjaoxLq42AmrrgPCfgtYQh61O0KiHEvlRjxS9apmxQNgCzqqw84B2AgOk0HNByBk
bQtTlaRbjKsPMcvEh65UTexBvYLxh/UBKTsje6uq3zRXj9x/d6vNvtEIP3K7qKOl
HkFh4YHyzRghhIkAgzXGlME72NqYJnTgJ6jrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUqprLP7sRflq9ywEDJmyUXcxEF38wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3FwckxQN3NSZmxxOXl3
RURKbXlVWGN4RUYzOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAuN2EWEpXVrhH0+QHEjM6SBJdSqFlY/zH
fbEwfOdBh29cw/RyV29MuAyVGkqA3c3asFvmpTIUXAZtCG8i7wIT0NQoK9DvHnYZ
mXhB8wdfjEq9g89A7fChCO4q8lfDr9b20R6TV0MJRMOMxNm+9x2U1TNNOLwL2Y0O
b1cMWJpWulZ/ON9RMCg8pBpzhMFgzGNl+fFmDFKvjquEkuVh6X0rUlpb1Y4D56Oq
7m21db48U3HkAkTNpu1OLOv3xuvIvHZMD5ztkwiotUXWNUP0EkUB7cRFapwey+my
PBXTrQUi+Fb/FooudMeufKKxlCvcfUTtKuBO5z14hG2JPL8nfQLexA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:34:08 2025 by rpki-client