Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/PMqm5pk5wmK5J45dRVR217bE690.roa
File: PMqm5pk5wmK5J45dRVR217bE690.roa (raw, json)
Hash identifier: 5sXiuFE8fZ8czJ1QsBrvRZwLZ75nCmsyAR4iineNGnQ=
Subject key identifier: 3C:CA:A6:E6:99:39:C2:62:B9:27:8E:5D:45:54:76:D7:B6:C4:EB:DD
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1612
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PMqm5pk5wmK5J45dRVR217bE690.roa
Signing time: Thu 18 Apr 2024 19:53:28 +0000
ROA not before: Thu 18 Apr 2024 19:53:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5650 (0x1612)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 18 19:53:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=3CCAA6E69939C262B9278E5D455476D7B6C4EBDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:15:6a:1b:65:07:70:8f:32:1a:28:49:8a:fb:
50:5e:23:09:8e:a7:cc:50:f4:ef:36:e8:69:f2:86:
31:d4:78:0c:9f:e2:f2:21:cb:66:59:a9:e0:8e:c0:
5b:ff:60:c3:54:0a:95:db:b9:94:8c:f3:c0:e6:a3:
4f:8b:28:34:67:06:94:d4:a4:e9:85:72:92:8e:91:
86:ee:00:55:45:1d:14:df:28:1c:d8:1f:d3:15:2c:
3f:a9:89:2b:61:0f:86:89:b3:a9:06:9a:22:ce:1b:
8d:d9:17:cc:e1:2c:c0:11:fe:5e:62:8a:39:e5:da:
26:a3:56:29:47:1b:95:59:4c:a3:e5:da:fe:f7:1a:
3f:41:e4:76:e5:62:5d:dc:7d:71:df:24:33:d4:f6:
04:d4:1c:c5:48:12:f0:08:0d:7c:f7:b6:88:e1:6e:
d7:91:fb:6b:b5:df:85:f3:4b:31:c3:0b:70:c9:e6:
f4:82:c5:22:b6:52:2e:6c:f8:42:cf:02:31:5e:59:
a1:ab:fc:f8:c8:fe:27:6e:3d:0e:be:86:40:4c:fe:
3e:bc:ce:ef:8d:af:a0:c0:aa:d6:fb:d8:d8:d5:6d:
66:a7:32:d0:09:43:23:a7:18:33:18:52:d1:2c:a4:
3c:c8:f5:32:71:7b:e7:9c:4d:9f:75:ae:c2:46:d4:
b1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CA:A6:E6:99:39:C2:62:B9:27:8E:5D:45:54:76:D7:B6:C4:EB:DD
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/PMqm5pk5wmK5J45dRVR217bE690.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:f4:47:dd:0e:fa:4e:f4:69:a4:ea:97:2a:86:2c:44:12:23:
8a:be:f9:cd:7b:be:e8:95:55:7e:45:f7:27:d3:c6:a6:c0:0c:
3e:01:84:c8:e5:36:15:0c:1d:d6:f9:0c:bb:01:11:64:a5:31:
16:fe:00:1a:e2:f1:3e:0c:05:64:ff:37:b6:f0:09:fb:0d:54:
47:a5:d7:93:b9:09:2c:d5:b1:ac:e0:01:4c:8f:37:67:41:1f:
fc:b4:c1:b1:03:ad:df:06:a5:76:c6:57:15:9e:3f:06:fb:bc:
bf:d9:68:3f:0b:57:4a:72:63:3c:5b:bd:ff:2d:06:ba:08:94:
9d:7f:a7:bb:a0:7e:9e:4c:f1:9b:1c:c6:7b:d4:2d:2e:a9:44:
e4:60:6b:a4:eb:ff:d8:8b:62:be:a4:12:10:ec:11:63:0a:db:
6b:f9:8a:6b:1d:5d:d9:8d:c9:8c:a2:14:a4:4a:ec:86:cb:7d:
b6:d9:5d:bf:5c:fa:d0:f9:b4:e7:83:27:c0:4a:a3:aa:92:52:
a8:31:49:d9:39:9d:ab:3d:c0:b0:c8:58:db:d5:90:1e:13:65:
dc:08:2b:09:46:8d:f8:76:32:83:c3:b5:f4:37:99:80:e7:ef:
92:04:91:b4:c1:87:3b:42:f4:f5:d5:5f:9f:66:9b:0e:23:b6:
a7:86:c0:e6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFhIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTgx
OTUzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNDQ0FBNkU2OTkzOUMy
NjJCOTI3OEU1RDQ1NTQ3NkQ3QjZDNEVCREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmFWobZQdwjzIaKEmK+1BeIwmOp8xQ9O826GnyhjHUeAyf4vIh
y2ZZqeCOwFv/YMNUCpXbuZSM88Dmo0+LKDRnBpTUpOmFcpKOkYbuAFVFHRTfKBzY
H9MVLD+piSthD4aJs6kGmiLOG43ZF8zhLMAR/l5iijnl2iajVilHG5VZTKPl2v73
Gj9B5HblYl3cfXHfJDPU9gTUHMVIEvAIDXz3tojhbteR+2u134XzSzHDC3DJ5vSC
xSK2Ui5s+ELPAjFeWaGr/PjI/iduPQ6+hkBM/j68zu+Nr6DAqtb72NjVbWanMtAJ
QyOnGDMYUtEspDzI9TJxe+ecTZ91rsJG1LFvAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUPMqm5pk5wmK5J45dRVR217bE690wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1BNcW01cGs1d21LNUo0
NWRSVlIyMTdiRTY5MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAn/RH3Q76TvRppOqXKoYsRBIjir75zXu+
6JVVfkX3J9PGpsAMPgGEyOU2FQwd1vkMuwERZKUxFv4AGuLxPgwFZP83tvAJ+w1U
R6XXk7kJLNWxrOABTI83Z0Ef/LTBsQOt3waldsZXFZ4/Bvu8v9loPwtXSnJjPFu9
/y0GugiUnX+nu6B+nkzxmxzGe9QtLqlE5GBrpOv/2ItivqQSEOwRYwrba/mKax1d
2Y3JjKIUpErshst9ttldv1z60Pm054MnwEqjqpJSqDFJ2Tmdqz3AsMhY29WQHhNl
3AgrCUaN+HYyg8O19DeZgOfvkgSRtMGHO0L09dVfn2abDiO2p4bA5g==
-----END CERTIFICATE-----
Generated at Sun May 18 10:48:11 2025 by rpki-client