Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/NGeV-8dzCPrVcQ3hLZ1A0TaG1ns.roa
File: NGeV-8dzCPrVcQ3hLZ1A0TaG1ns.roa (raw, json)
Hash identifier: gxatqR1w/g7ceU7DBAZGKKsGb2Kg7Zn1b73wkgK0baA=
Subject key identifier: 34:67:95:FB:C7:73:08:FA:D5:71:0D:E1:2D:9D:40:D1:36:86:D6:7B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 16F0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/NGeV-8dzCPrVcQ3hLZ1A0TaG1ns.roa
Signing time: Sun 21 Apr 2024 03:23:29 +0000
ROA not before: Sun 21 Apr 2024 03:23:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5872 (0x16f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 21 03:23:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=346795FBC77308FAD5710DE12D9D40D13686D67B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:37:33:03:11:47:9d:87:59:c9:e0:af:79:e4:
8c:14:ad:33:ab:7a:07:20:65:1a:7b:c8:d9:35:d0:
be:7e:db:cc:69:c2:c2:45:be:ac:fc:f4:d4:55:74:
78:7e:23:db:08:6c:26:24:d7:a4:92:5a:0d:a7:77:
e1:1e:af:11:a6:28:4f:2e:62:c2:dc:5f:48:90:59:
c3:d9:5d:9b:2c:09:f7:1c:ab:14:b3:40:ed:19:2b:
29:aa:56:05:cd:03:67:92:0d:1c:8a:0d:0e:07:c1:
d0:47:57:ad:aa:ce:aa:ef:a1:1a:fc:6e:a5:7f:6c:
a7:38:b9:a3:c5:de:49:67:ee:4f:8a:6e:ef:1a:d7:
b0:42:1a:ec:d1:f8:7d:3e:bf:8d:f3:f1:26:68:ca:
59:2d:28:9e:a2:be:f0:f6:e9:fc:e1:5e:23:64:cb:
1e:91:eb:39:f7:88:ed:e9:8f:d2:2d:c7:2b:63:02:
95:80:ab:17:1b:a6:9c:ab:e3:5d:49:37:c2:e6:12:
a1:f8:5a:9d:59:97:7e:bb:45:28:eb:51:47:46:3d:
60:06:7f:ed:75:89:d1:45:9a:6e:44:e8:a1:76:b4:
a9:27:d6:a3:8c:8d:88:b4:9c:15:78:83:d9:b8:b2:
05:af:1f:bc:d5:15:8d:4a:79:4c:3a:ba:63:66:b8:
92:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:67:95:FB:C7:73:08:FA:D5:71:0D:E1:2D:9D:40:D1:36:86:D6:7B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/NGeV-8dzCPrVcQ3hLZ1A0TaG1ns.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:82:25:24:da:43:11:3c:1b:49:3d:ce:94:42:b7:20:01:de:
8a:9b:fd:57:fc:7e:34:78:71:b3:28:3d:68:de:c2:57:63:a7:
e8:66:38:23:e7:04:da:e5:57:6e:a5:dd:57:25:a3:1b:50:06:
f7:6e:85:df:90:78:26:a1:80:b1:b3:c6:a5:16:f1:43:2d:02:
27:27:d6:31:56:da:ef:59:9d:ac:57:04:b3:1a:08:e0:33:b4:
c3:49:a5:82:0b:3d:be:b1:0c:41:8d:b2:f5:3c:43:69:0d:f4:
eb:3b:52:b8:d9:b7:e4:95:3a:4a:68:e1:2f:62:b4:0f:c1:1c:
1b:c6:0b:7d:ab:a3:ee:92:05:4e:f3:b1:c0:d2:82:2e:5f:be:
60:0c:1f:7b:41:b8:ad:db:8f:d1:3d:9c:c6:3b:a1:22:68:e0:
bc:1e:36:63:11:99:59:5c:6b:63:47:c9:23:9d:5e:da:24:6a:
0c:13:1a:8e:44:cb:0b:ad:a7:5b:86:e6:d8:24:d3:fd:a0:da:
74:a5:67:1e:96:50:1c:96:83:cb:60:79:62:cc:3b:57:ce:5f:
99:1e:f7:4e:ab:e0:14:17:50:a3:11:f9:44:4c:c3:48:64:1b:
45:4b:10:1e:f3:00:e3:fe:f4:2f:5a:47:e1:22:e1:ef:ec:19:
c4:f5:93:31
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFvAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjEw
MzIzMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM0Njc5NUZCQzc3MzA4
RkFENTcxMERFMTJEOUQ0MEQxMzY4NkQ2N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDNzMDEUedh1nJ4K955IwUrTOregcgZRp7yNk10L5+28xpwsJF
vqz89NRVdHh+I9sIbCYk16SSWg2nd+EerxGmKE8uYsLcX0iQWcPZXZssCfccqxSz
QO0ZKymqVgXNA2eSDRyKDQ4HwdBHV62qzqrvoRr8bqV/bKc4uaPF3kln7k+Kbu8a
17BCGuzR+H0+v43z8SZoylktKJ6ivvD26fzhXiNkyx6R6zn3iO3pj9ItxytjApWA
qxcbppyr411JN8LmEqH4Wp1Zl367RSjrUUdGPWAGf+11idFFmm5E6KF2tKkn1qOM
jYi0nBV4g9m4sgWvH7zVFY1KeUw6umNmuJIZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUNGeV+8dzCPrVcQ3hLZ1A0TaG1nswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL05HZVYtOGR6Q1ByVmNR
M2hMWjFBMFRhRzFucy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAn4IlJNpDETwbST3OlEK3IAHeipv9V/x+
NHhxsyg9aN7CV2On6GY4I+cE2uVXbqXdVyWjG1AG926F35B4JqGAsbPGpRbxQy0C
JyfWMVba71mdrFcEsxoI4DO0w0mlggs9vrEMQY2y9TxDaQ306ztSuNm35JU6Smjh
L2K0D8EcG8YLfauj7pIFTvOxwNKCLl++YAwfe0G4rduP0T2cxjuhImjgvB42YxGZ
WVxrY0fJI51e2iRqDBMajkTLC62nW4bm2CTT/aDadKVnHpZQHJaDy2B5Ysw7V85f
mR73TqvgFBdQoxH5REzDSGQbRUsQHvMA4/70L1pH4SLh7+wZxPWTMQ==
-----END CERTIFICATE-----
Generated at Sun May 18 10:50:48 2025 by rpki-client