Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/I8eiHz02YsKHwfo1KUJ3tuvcVtE.roa
File: I8eiHz02YsKHwfo1KUJ3tuvcVtE.roa (raw, json)
Hash identifier: H497jJ8x3TPUz79tdyUZbAHkZJPa2uK+l9WVa8Z3Mis=
Subject key identifier: 23:C7:A2:1F:3D:36:62:C2:87:C1:FA:35:29:42:77:B6:EB:DC:56:D1
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1CB2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/I8eiHz02YsKHwfo1KUJ3tuvcVtE.roa
Signing time: Mon 06 May 2024 11:54:16 +0000
ROA not before: Mon 06 May 2024 11:54:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7346 (0x1cb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 6 11:54:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=23C7A21F3D3662C287C1FA35294277B6EBDC56D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cd:2d:6b:e2:6f:7a:a2:ee:b4:35:09:c7:17:
2b:e7:83:b2:0b:65:aa:a5:e6:ed:78:58:46:89:cd:
60:49:2a:47:19:61:ae:0c:5d:84:27:23:07:c9:4c:
b8:87:0c:18:ef:b5:bf:f6:a7:17:e9:ea:db:4a:81:
e3:d8:ae:0f:94:76:c0:e3:cb:f1:aa:7d:ce:57:02:
0f:40:17:fe:a5:fb:77:47:05:6b:2e:a3:c1:87:25:
53:60:b1:7b:f9:c7:31:43:a6:11:29:06:fb:9d:38:
5d:f9:07:c9:1c:fa:ba:cb:42:81:e2:05:cb:85:78:
08:0d:bd:60:1d:02:c9:55:94:24:dd:e3:cd:81:d4:
09:b1:68:83:20:4d:ca:90:90:31:17:e4:7f:9e:1a:
1b:a3:0c:05:d4:74:b9:fc:12:ac:68:bb:a3:d5:df:
07:2b:ab:8d:61:85:69:6c:1c:e5:02:de:8a:3d:3d:
0e:74:fe:81:4a:c6:ab:5c:47:71:08:fb:47:fc:25:
17:29:30:6f:0a:bd:13:5e:c5:b5:31:91:95:8e:c3:
27:61:99:85:9d:89:49:26:99:d1:4d:05:9c:26:ca:
3d:4a:10:25:b2:c8:4e:2d:9c:6b:40:e5:c4:dc:98:
d0:ec:ee:9c:84:08:d3:ed:c6:da:77:ce:ec:27:ba:
2d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C7:A2:1F:3D:36:62:C2:87:C1:FA:35:29:42:77:B6:EB:DC:56:D1
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/I8eiHz02YsKHwfo1KUJ3tuvcVtE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bf:9b:31:cd:04:30:45:51:09:d8:72:5b:25:8a:86:4f:0b:26:
4f:a7:74:d7:8b:7d:bf:82:85:ee:61:8a:49:24:94:6c:9b:eb:
44:77:db:cb:ce:47:ef:1c:8e:d7:21:ef:a8:9d:92:ac:c1:3c:
f8:bc:de:29:0f:82:28:5a:8f:f1:bc:62:8f:ae:dc:52:72:f7:
37:fe:45:bd:3d:ad:2d:2c:f4:94:cd:b6:83:b0:fd:33:59:61:
6c:f4:03:7f:0e:1a:ce:bf:11:ac:64:cb:3d:75:b9:7e:cb:04:
a7:2b:e5:76:da:28:5f:b6:17:f3:bc:27:3d:f8:85:42:37:7c:
23:7d:f8:9d:23:7d:78:72:b6:b4:20:9f:12:e6:8c:dd:5a:b2:
02:9d:a6:c4:55:29:a2:c9:f0:28:43:cf:2c:36:14:54:bc:f8:
2c:ed:b0:3e:c1:a7:76:f6:7d:15:c8:cd:4b:2d:d0:bd:a7:65:
e7:d0:64:6c:8a:4a:9b:71:2e:a4:ff:ca:09:c3:92:55:3b:e6:
3c:04:1c:a3:a0:c3:69:3f:9e:19:24:a1:3a:f5:dd:8c:8d:d2:
fe:a8:39:a0:f5:be:d5:03:3d:e2:c9:a4:32:26:73:d5:bb:e8:
6d:c3:8d:0a:4b:9c:d6:8d:bd:1a:11:7d:94:5a:cf:83:2e:a5:
2d:e5:12:0e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHLIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDYx
MTU0MTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIzQzdBMjFGM0QzNjYy
QzI4N0MxRkEzNTI5NDI3N0I2RUJEQzU2RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5zS1r4m96ou60NQnHFyvng7ILZaql5u14WEaJzWBJKkcZYa4M
XYQnIwfJTLiHDBjvtb/2pxfp6ttKgePYrg+UdsDjy/Gqfc5XAg9AF/6l+3dHBWsu
o8GHJVNgsXv5xzFDphEpBvudOF35B8kc+rrLQoHiBcuFeAgNvWAdAslVlCTd482B
1AmxaIMgTcqQkDEX5H+eGhujDAXUdLn8Eqxou6PV3wcrq41hhWlsHOUC3oo9PQ50
/oFKxqtcR3EI+0f8JRcpMG8KvRNexbUxkZWOwydhmYWdiUkmmdFNBZwmyj1KECWy
yE4tnGtA5cTcmNDs7pyECNPtxtp3zuwnui2jAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUI8eiHz02YsKHwfo1KUJ3tuvcVtEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0k4ZWlIejAyWXNLSHdm
bzFLVUozdHV2Y1Z0RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAv5sxzQQwRVEJ2HJbJYqGTwsmT6d014t9
v4KF7mGKSSSUbJvrRHfby85H7xyO1yHvqJ2SrME8+LzeKQ+CKFqP8bxij67cUnL3
N/5FvT2tLSz0lM22g7D9M1lhbPQDfw4azr8RrGTLPXW5fssEpyvldtooX7YX87wn
PfiFQjd8I334nSN9eHK2tCCfEuaM3VqyAp2mxFUposnwKEPPLDYUVLz4LO2wPsGn
dvZ9FcjNSy3Qvadl59BkbIpKm3EupP/KCcOSVTvmPAQco6DDaT+eGSShOvXdjI3S
/qg5oPW+1QM94smkMiZz1bvobcONCkuc1o29GhF9lFrPgy6lLeUSDg==
-----END CERTIFICATE-----
Generated at Sun May 18 10:59:45 2025 by rpki-client