Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Foeo5NgthVDqKBJdGKUPEH2oFp0.roa
File: Foeo5NgthVDqKBJdGKUPEH2oFp0.roa (raw, json)
Hash identifier: gMzsy3+S3qRosfh2K4vB0U33vGQk9nBQ6+l/84fpg5I=
Subject key identifier: 16:87:A8:E4:D8:2D:85:50:EA:28:12:5D:18:A5:0F:10:7D:A8:16:9D
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E4E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Foeo5NgthVDqKBJdGKUPEH2oFp0.roa
Signing time: Fri 29 Mar 2024 02:52:29 +0000
ROA not before: Fri 29 Mar 2024 02:52:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3662 (0xe4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 29 02:52:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1687A8E4D82D8550EA28125D18A50F107DA8169D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f9:0b:26:12:f6:17:8f:dc:b4:f1:40:6b:63:
a9:4c:8e:ec:01:c9:3c:b0:17:83:88:42:ba:59:4b:
f0:02:10:67:30:1b:47:51:4d:1e:25:37:2c:53:28:
65:c2:f2:46:92:66:55:a2:99:94:e3:cb:bd:29:3b:
3d:af:ef:51:31:29:83:84:69:84:67:14:30:87:c6:
f4:b4:7a:f3:77:74:cd:a2:d4:91:50:68:64:04:57:
f4:e5:8a:90:70:66:b2:23:f3:0b:c0:6d:02:2f:1e:
ec:6a:ad:a4:aa:b8:4c:d8:0e:1f:8a:a1:4b:62:65:
09:e8:65:ec:f2:48:4b:29:f2:3d:b9:db:eb:a7:de:
73:d7:28:f5:64:9a:af:39:61:ec:71:09:39:04:fc:
79:27:b9:49:43:a8:bf:a8:6e:b0:d6:a4:30:7a:d1:
cf:17:92:b6:5c:86:9c:1f:d4:b0:9e:b8:b5:c8:cc:
d2:7b:da:a7:71:51:48:4a:4c:e9:69:77:74:b1:57:
93:b0:78:d0:5d:6a:97:1b:41:37:24:4e:4e:cc:35:
de:82:0b:ac:6e:6d:f9:14:39:b3:07:82:68:c3:49:
3b:2e:77:91:31:d8:bd:01:1a:5b:f5:e8:5d:59:14:
ed:a4:5c:39:0a:ca:f9:84:c4:ba:cb:77:0c:46:c7:
7f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:87:A8:E4:D8:2D:85:50:EA:28:12:5D:18:A5:0F:10:7D:A8:16:9D
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Foeo5NgthVDqKBJdGKUPEH2oFp0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:8b:ed:2c:b0:27:de:78:9f:51:59:0d:c4:d7:cb:f3:bc:1a:
48:37:bb:50:63:3d:68:06:f2:40:3e:5d:fb:0f:7c:93:0a:88:
3b:b6:9b:65:df:73:fa:8b:29:96:e9:7d:90:d9:ea:cb:1c:f3:
be:88:16:31:9a:77:c6:64:19:02:7f:0a:82:ce:9e:cf:0e:b4:
22:3b:fb:41:79:cf:d7:ad:a7:98:6e:7e:dc:8c:50:32:a8:42:
82:bc:be:56:95:3e:3e:ae:2a:6a:81:f9:c7:b6:7a:46:9e:fd:
ff:67:d0:43:c0:60:cb:4b:8d:3e:14:79:98:5b:57:03:ba:96:
3c:bd:b1:b0:30:1c:33:69:88:b5:11:e5:07:71:9b:65:5d:6c:
34:69:7d:01:bc:5a:2d:a8:94:9d:4c:30:b3:da:cf:40:b1:9a:
22:01:0b:85:c7:2d:83:c3:fa:11:56:63:00:3b:a6:28:df:52:
b2:81:01:8e:10:a4:dc:6d:6d:14:94:39:87:60:e5:90:99:3e:
b8:db:dd:a0:7a:66:6d:67:6f:2d:86:07:af:58:9c:86:3b:c0:
60:15:dd:ab:d8:ab:be:ad:05:13:11:de:31:33:03:9e:8a:fc:
54:42:28:3e:62:8b:d9:85:22:b6:f2:f5:bf:b2:07:d5:36:f8:
90:95:a7:f4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDk4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjkw
MjUyMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE2ODdBOEU0RDgyRDg1
NTBFQTI4MTI1RDE4QTUwRjEwN0RBODE2OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK+QsmEvYXj9y08UBrY6lMjuwByTywF4OIQrpZS/ACEGcwG0dR
TR4lNyxTKGXC8kaSZlWimZTjy70pOz2v71ExKYOEaYRnFDCHxvS0evN3dM2i1JFQ
aGQEV/TlipBwZrIj8wvAbQIvHuxqraSquEzYDh+KoUtiZQnoZezySEsp8j252+un
3nPXKPVkmq85YexxCTkE/HknuUlDqL+obrDWpDB60c8XkrZchpwf1LCeuLXIzNJ7
2qdxUUhKTOlpd3SxV5OweNBdapcbQTckTk7MNd6CC6xubfkUObMHgmjDSTsud5Ex
2L0BGlv16F1ZFO2kXDkKyvmExLrLdwxGx38pAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUFoeo5NgthVDqKBJdGKUPEH2oFp0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0ZvZW81Tmd0aFZEcUtC
SmRHS1VQRUgyb0ZwMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAHovtLLAn3nifUVkNxNfL87waSDe7UGM9
aAbyQD5d+w98kwqIO7abZd9z+osplul9kNnqyxzzvogWMZp3xmQZAn8Kgs6ezw60
Ijv7QXnP162nmG5+3IxQMqhCgry+VpU+Pq4qaoH5x7Z6Rp79/2fQQ8Bgy0uNPhR5
mFtXA7qWPL2xsDAcM2mItRHlB3GbZV1sNGl9AbxaLaiUnUwws9rPQLGaIgELhcct
g8P6EVZjADumKN9SsoEBjhCk3G1tFJQ5h2DlkJk+uNvdoHpmbWdvLYYHr1ichjvA
YBXdq9irvq0FExHeMTMDnor8VEIoPmKL2YUitvL1v7IH1Tb4kJWn9A==
-----END CERTIFICATE-----
Generated at Sun May 18 04:48:54 2025 by rpki-client