Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/MhTrAg1CBsE6SQacsc_52yda8lo.roa
File: MhTrAg1CBsE6SQacsc_52yda8lo.roa (raw, json)
Hash identifier: JzKyw7eDZvTRtVbi6T62+7Rgd+1ISvA+EyuiZ1oJap4=
Subject key identifier: 32:14:EB:02:0D:42:06:C1:3A:49:06:9C:B1:CF:F9:DB:27:5A:F2:5A
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1ABE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/MhTrAg1CBsE6SQacsc_52yda8lo.roa
Signing time: Wed 01 May 2024 06:54:01 +0000
ROA not before: Wed 01 May 2024 06:54:01 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6846 (0x1abe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 1 06:54:01 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3214EB020D4206C13A49069CB1CFF9DB275AF25A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5e:58:dd:91:9a:00:a9:93:20:73:e1:3d:33:
45:94:0f:d8:b4:0d:f7:fb:3f:bc:1b:0a:c2:d9:5c:
98:c2:80:38:06:8e:39:e9:18:00:cb:69:fa:ca:5c:
82:32:db:7a:6b:de:44:18:50:58:a1:bf:d4:f9:01:
02:78:0d:79:88:5e:c3:96:c9:4e:37:fc:96:4a:68:
73:df:87:ba:fe:e2:dd:76:75:a0:db:15:cb:03:f5:
47:67:5b:1c:0a:02:4b:43:2d:fc:14:f3:77:96:1b:
bd:a2:96:92:5b:d8:14:98:8e:00:aa:ce:5a:f5:ec:
e7:a2:f6:26:d5:2b:5b:d6:1d:00:24:7b:8e:b8:58:
5b:14:81:6c:a8:45:cf:c0:67:52:33:38:c5:fb:b0:
4f:c1:44:e2:c1:42:10:47:ec:0a:7e:bf:01:d9:5e:
85:4a:17:8e:10:13:b0:47:56:a3:04:1f:23:70:c8:
50:39:60:5c:17:18:f8:b8:92:cb:25:f9:27:ec:0b:
fb:a7:cf:6a:86:17:10:2e:5d:59:ed:7c:17:34:28:
4d:a1:c3:7b:4e:e1:c0:13:a7:86:c8:63:5c:07:55:
28:e2:12:64:12:6e:ba:91:18:c1:6a:ab:0f:e3:9b:
e1:a4:40:79:8e:fb:1c:49:5a:20:11:d2:23:f8:96:
0f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:14:EB:02:0D:42:06:C1:3A:49:06:9C:B1:CF:F9:DB:27:5A:F2:5A
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/MhTrAg1CBsE6SQacsc_52yda8lo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:92:75:37:42:bd:52:3f:0f:10:7a:45:8b:42:0e:c0:59:be:
15:4d:e6:4e:69:1b:b3:19:5b:af:7a:a6:2e:99:2a:5b:8f:e9:
b7:9b:bf:ce:23:4f:9e:35:ac:57:85:fa:74:47:70:72:55:a8:
e2:56:e8:54:9a:82:7a:57:ed:d2:39:24:68:cd:45:55:a9:b4:
c3:2c:d3:36:2a:70:5a:d3:cc:8a:00:6b:13:7e:c7:ce:92:17:
6a:8d:8c:29:07:ae:b2:0c:fe:da:57:e6:dd:8a:4c:e7:69:ef:
4a:91:1d:29:16:92:af:f5:9f:2b:6d:30:7d:60:5b:6c:00:94:
d9:5e:d9:d3:b9:03:09:80:aa:65:67:30:f7:e3:50:67:0e:92:
0c:78:a4:57:86:ef:8d:6f:4f:23:b0:cb:70:94:ba:f2:37:62:
73:8f:9d:0b:03:88:a3:25:26:0d:bc:99:0d:ef:64:d2:ef:25:
cc:cd:b0:6c:11:85:79:15:bc:9e:c0:89:66:b5:66:0f:bf:fc:
07:4d:a8:e4:e9:1f:eb:a1:41:4a:88:65:a1:60:b5:a0:b6:5c:
fc:c9:b9:fc:c4:8b:72:1c:8c:da:85:fb:57:4e:56:9b:6b:d2:
c3:6a:9e:e9:34:37:b6:9d:be:38:f4:c1:25:9f:e5:16:5e:93:
a7:a8:fd:ec
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGr4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDEw
NjU0MDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDMyMTRFQjAyMEQ0MjA2
QzEzQTQ5MDY5Q0IxQ0ZGOURCMjc1QUYyNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaXljdkZoAqZMgc+E9M0WUD9i0Dff7P7wbCsLZXJjCgDgGjjnp
GADLafrKXIIy23pr3kQYUFihv9T5AQJ4DXmIXsOWyU43/JZKaHPfh7r+4t12daDb
FcsD9UdnWxwKAktDLfwU83eWG72ilpJb2BSYjgCqzlr17Oei9ibVK1vWHQAke464
WFsUgWyoRc/AZ1IzOMX7sE/BROLBQhBH7Ap+vwHZXoVKF44QE7BHVqMEHyNwyFA5
YFwXGPi4kssl+SfsC/unz2qGFxAuXVntfBc0KE2hw3tO4cATp4bIY1wHVSjiEmQS
brqRGMFqqw/jm+GkQHmO+xxJWiAR0iP4lg9HAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUMhTrAg1CBsE6SQacsc/52yda8lowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL01oVHJBZzFDQnNFNlNR
YWNzY181MnlkYThsby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAR5J1N0K9Uj8PEHpFi0IOwFm+FU3mTmkb
sxlbr3qmLpkqW4/pt5u/ziNPnjWsV4X6dEdwclWo4lboVJqCelft0jkkaM1FVam0
wyzTNipwWtPMigBrE37HzpIXao2MKQeusgz+2lfm3YpM52nvSpEdKRaSr/WfK20w
fWBbbACU2V7Z07kDCYCqZWcw9+NQZw6SDHikV4bvjW9PI7DLcJS68jdic4+dCwOI
oyUmDbyZDe9k0u8lzM2wbBGFeRW8nsCJZrVmD7/8B02o5Okf66FBSohloWC1oLZc
/Mm5/MSLchyM2oX7V05Wm2vSw2qe6TQ3tp2+OPTBJZ/lFl6Tp6j97A==
-----END CERTIFICATE-----
Generated at Sun May 18 05:56:48 2025 by rpki-client