Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Sz8yl-SJ29-kflaO9MdtHCWuaCQ.roa
File: Sz8yl-SJ29-kflaO9MdtHCWuaCQ.roa (raw, json)
Hash identifier: G+PZNvY4toTV0Zx5Vxf5iLDnyNcKYmTETM/qZzBBUNQ=
Subject key identifier: 4B:3F:32:97:E4:89:DB:DF:A4:7E:56:8E:F4:C7:6D:1C:25:AE:68:24
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1948
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Sz8yl-SJ29-kflaO9MdtHCWuaCQ.roa
Signing time: Sat 27 Apr 2024 09:24:02 +0000
ROA not before: Sat 27 Apr 2024 09:24:02 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6472 (0x1948)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 27 09:24:02 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=4B3F3297E489DBDFA47E568EF4C76D1C25AE6824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:41:e7:64:5f:f3:2c:3b:82:a4:a3:5a:ac:8a:
78:4f:39:81:d1:30:6f:3f:c1:f8:bc:17:eb:72:90:
50:6b:e1:ba:3a:1f:3c:f9:47:e0:ed:58:2e:43:18:
3c:d7:4d:a2:24:ae:99:30:63:74:c4:eb:fa:7a:8e:
4d:74:e1:4e:c1:3c:44:3d:41:4c:90:c7:45:bc:ce:
bb:3f:2a:95:bf:44:92:a0:84:a4:d3:4a:e7:93:8c:
b6:82:75:17:e1:f4:d2:b4:63:ad:a3:32:b9:f6:f8:
ed:ac:40:2c:58:d3:46:a4:48:7e:94:05:95:d0:b5:
e6:13:d0:e8:a0:45:0d:dd:10:b4:dc:77:e9:fd:f7:
a2:59:76:70:ae:71:b2:4d:fb:ae:d8:35:1c:b2:fb:
50:a3:9a:47:d1:d6:12:b0:4d:ec:cc:4f:f1:7e:6f:
b8:c5:57:90:2a:06:56:53:2b:72:5f:d2:47:fa:18:
51:86:5d:a4:0d:c9:0b:a3:86:76:0e:c8:b7:fe:14:
e1:9c:56:ec:18:4f:b3:01:47:23:d7:aa:64:79:dc:
7b:48:96:61:e9:05:fc:e7:4a:04:4a:bf:10:a9:ca:
03:85:9a:08:1f:d3:64:34:c6:61:b7:b5:be:f4:aa:
5a:28:5d:ff:75:49:11:89:d7:72:63:01:cf:84:3e:
ce:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:3F:32:97:E4:89:DB:DF:A4:7E:56:8E:F4:C7:6D:1C:25:AE:68:24
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Sz8yl-SJ29-kflaO9MdtHCWuaCQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c8:18:d5:d4:f7:b4:01:27:c3:80:2d:0b:a9:31:35:e8:8f:3f:
c7:a8:0b:11:ae:a7:d6:d8:01:53:74:2c:1b:1d:7d:a1:f8:c8:
34:40:15:74:ea:d8:d5:db:7b:00:1b:e2:90:18:37:d1:c9:04:
4c:c8:38:60:e8:7b:90:f5:39:53:65:3e:ce:a4:40:42:d3:03:
c8:45:b1:76:6f:9a:bd:9c:8e:7b:fc:25:9a:65:ce:8f:0d:dc:
32:88:8c:f2:ff:e2:66:54:f2:19:8b:88:7e:30:8f:bf:54:3e:
f5:b7:94:6b:a1:63:11:1d:29:df:f7:bb:a1:f7:74:83:ef:9d:
e2:dd:67:0d:18:b9:e8:aa:3b:25:30:f8:1a:b7:96:9e:4a:b7:
c6:43:2a:fe:f4:76:22:23:5b:94:c3:08:98:23:8d:e7:9d:f2:
bf:fc:5d:ad:8c:c0:cc:b1:77:e9:a1:59:ff:d4:de:7e:fb:9e:
8b:1e:5d:50:08:a2:7d:ba:ed:7d:9a:80:75:99:f1:3a:a1:49:
79:6b:96:a9:11:a1:5f:66:fd:73:7b:8a:2f:da:e4:5e:c5:bd:
b9:cc:a8:96:4e:a3:27:82:65:ef:15:66:c4:4f:6a:eb:f6:b8:
81:89:49:46:51:b8:82:ab:f7:f4:3e:25:d2:34:3f:52:61:1f:
ad:4b:8c:b0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGUgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0Mjcw
OTI0MDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDRCM0YzMjk3RTQ4OURC
REZBNDdFNTY4RUY0Qzc2RDFDMjVBRTY4MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClQedkX/MsO4Kko1qsinhPOYHRMG8/wfi8F+tykFBr4bo6Hzz5
R+DtWC5DGDzXTaIkrpkwY3TE6/p6jk104U7BPEQ9QUyQx0W8zrs/KpW/RJKghKTT
SueTjLaCdRfh9NK0Y62jMrn2+O2sQCxY00akSH6UBZXQteYT0OigRQ3dELTcd+n9
96JZdnCucbJN+67YNRyy+1CjmkfR1hKwTezMT/F+b7jFV5AqBlZTK3Jf0kf6GFGG
XaQNyQujhnYOyLf+FOGcVuwYT7MBRyPXqmR53HtIlmHpBfznSgRKvxCpygOFmggf
02Q0xmG3tb70qlooXf91SRGJ13JjAc+EPs6vAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUSz8yl+SJ29+kflaO9MdtHCWuaCQwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1N6OHlsLVNKMjkta2Zs
YU85TWR0SENXdWFDUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAyBjV1Pe0ASfDgC0LqTE16I8/x6gLEa6n
1tgBU3QsGx19ofjINEAVdOrY1dt7ABvikBg30ckETMg4YOh7kPU5U2U+zqRAQtMD
yEWxdm+avZyOe/wlmmXOjw3cMoiM8v/iZlTyGYuIfjCPv1Q+9beUa6FjER0p3/e7
ofd0g++d4t1nDRi56Ko7JTD4GreWnkq3xkMq/vR2IiNblMMImCON553yv/xdrYzA
zLF36aFZ/9Tefvueix5dUAiifbrtfZqAdZnxOqFJeWuWqRGhX2b9c3uKL9rkXsW9
ucyolk6jJ4Jl7xVmxE9q6/a4gYlJRlG4gqv39D4l0jQ/UmEfrUuMsA==
-----END CERTIFICATE-----
Generated at Sun May 18 19:44:49 2025 by rpki-client