Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/QpgtseXR1myG1PxJZdHj1VMxOWA.roa
File: QpgtseXR1myG1PxJZdHj1VMxOWA.roa (raw, json)
Hash identifier: 3CmAX3oUOhGOls4yLwkWqMj5ZJJ9Siqi5J1WCp67DKU=
Subject key identifier: 42:98:2D:B1:E5:D1:D6:6C:86:D4:FC:49:65:D1:E3:D5:53:31:39:60
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E96
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/QpgtseXR1myG1PxJZdHj1VMxOWA.roa
Signing time: Fri 29 Mar 2024 20:52:32 +0000
ROA not before: Fri 29 Mar 2024 20:52:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3734 (0xe96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 29 20:52:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=42982DB1E5D1D66C86D4FC4965D1E3D553313960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:fc:37:7a:f9:9a:d2:eb:bd:50:a2:4c:5c:41:
28:85:62:34:64:6c:e4:9c:a5:c5:41:b5:e0:91:a5:
30:bd:d9:5b:1c:09:5f:be:fd:29:4d:d3:a0:f9:58:
1b:1f:c9:71:44:da:ad:da:37:4a:66:66:a6:49:98:
f0:92:78:f2:23:de:ce:5b:52:01:fb:c6:86:76:06:
44:f6:f4:e5:0e:81:c8:83:6f:3c:49:89:27:dd:e1:
b9:80:3b:11:3f:54:61:c8:98:78:05:0e:7f:5e:f8:
50:e1:21:14:3b:aa:f1:51:90:f6:ca:52:37:ec:cd:
bf:4b:2a:b6:45:aa:2e:aa:6a:0c:60:52:2b:73:d0:
8b:82:60:73:ec:49:2e:28:90:ff:ef:ac:6a:bd:d0:
be:5d:b1:d5:4f:31:b6:af:60:32:a6:77:d1:80:71:
a5:c2:5e:ee:bb:4e:f7:3b:9d:b9:54:e2:71:9d:46:
5a:0f:3d:53:70:47:3b:8f:b3:5a:f8:1a:ed:18:e0:
84:e6:50:e3:5a:59:3a:46:cd:03:ff:81:d9:e1:25:
9a:08:3d:d1:4b:5f:71:69:4c:ae:95:78:26:e0:85:
8e:3b:7b:ff:55:6d:e9:78:d9:af:c8:75:c1:ca:cb:
78:7e:28:6c:13:a5:aa:ab:a0:a0:e1:53:21:25:1e:
ba:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:98:2D:B1:E5:D1:D6:6C:86:D4:FC:49:65:D1:E3:D5:53:31:39:60
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/QpgtseXR1myG1PxJZdHj1VMxOWA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:89:54:f4:0a:73:61:65:26:d0:ee:8d:59:aa:fa:0d:58:f5:
81:dd:bd:cb:e2:89:42:c0:8b:fb:94:67:ff:91:92:dc:53:64:
11:8c:17:63:82:b3:02:da:69:9a:d1:d7:76:3a:fc:09:4b:fc:
bb:51:5d:f2:79:ba:fc:3f:24:cc:15:29:2f:18:d5:8f:cf:32:
0a:2b:e0:6c:2a:f9:ea:ac:32:14:72:6d:6e:57:cd:d6:1f:a8:
3a:e5:d3:05:92:bb:cd:a7:4c:41:08:b0:9c:f8:94:9b:de:a4:
7a:b3:ed:f8:99:1f:e0:9b:78:c2:88:98:ce:9e:d9:79:9b:4f:
24:3c:2d:3b:f9:9e:88:1f:6a:b4:15:b7:1c:2c:75:59:64:9a:
48:15:7e:9a:88:1f:d3:2f:2a:1b:1e:79:5f:b8:d6:0a:0b:93:
5c:eb:b7:f2:1e:7a:e0:22:39:e3:83:a1:55:43:57:b1:14:1d:
6d:7b:e3:8e:b7:cd:5a:7d:93:78:e0:e0:43:6d:56:99:64:6f:
11:6e:1a:27:53:c6:66:d1:17:96:66:17:6e:f6:1e:c6:89:94:
d1:25:24:1f:5c:dd:f9:a4:9b:20:c9:61:bc:50:5a:d8:e2:16:
1b:dc:cb:db:52:bf:64:25:74:5a:d2:64:0b:08:9b:a6:b9:63:
c8:6d:86:9a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDpYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjky
MDUyMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQyOTgyREIxRTVEMUQ2
NkM4NkQ0RkM0OTY1RDFFM0Q1NTMzMTM5NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDj/Dd6+ZrS671QokxcQSiFYjRkbOScpcVBteCRpTC92VscCV++
/SlN06D5WBsfyXFE2q3aN0pmZqZJmPCSePIj3s5bUgH7xoZ2BkT29OUOgciDbzxJ
iSfd4bmAOxE/VGHImHgFDn9e+FDhIRQ7qvFRkPbKUjfszb9LKrZFqi6qagxgUitz
0IuCYHPsSS4okP/vrGq90L5dsdVPMbavYDKmd9GAcaXCXu67Tvc7nblU4nGdRloP
PVNwRzuPs1r4Gu0Y4ITmUONaWTpGzQP/gdnhJZoIPdFLX3FpTK6VeCbghY47e/9V
bel42a/IdcHKy3h+KGwTpaqroKDhUyElHrq5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUQpgtseXR1myG1PxJZdHj1VMxOWAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1FwZ3RzZVhSMW15RzFQ
eEpaZEhqMVZNeE9XQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAjolU9ApzYWUm0O6NWar6DVj1gd29y+KJ
QsCL+5Rn/5GS3FNkEYwXY4KzAtppmtHXdjr8CUv8u1Fd8nm6/D8kzBUpLxjVj88y
CivgbCr56qwyFHJtblfN1h+oOuXTBZK7zadMQQiwnPiUm96kerPt+Jkf4Jt4woiY
zp7ZeZtPJDwtO/meiB9qtBW3HCx1WWSaSBV+mogf0y8qGx55X7jWCguTXOu38h56
4CI544OhVUNXsRQdbXvjjrfNWn2TeODgQ21WmWRvEW4aJ1PGZtEXlmYXbvYexomU
0SUkH1zd+aSbIMlhvFBa2OIWG9zL21K/ZCV0WtJkCwibprljyG2Gmg==
-----END CERTIFICATE-----
Generated at Sun May 18 08:03:39 2025 by rpki-client