Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/U1dGmf24oP178LszlDGJ8BU37bE.roa
File: U1dGmf24oP178LszlDGJ8BU37bE.roa (raw, json)
Hash identifier: sJdO3b3rHzS/4HKCDXaOVJgjr/OVEYtNQYG32iab6xg=
Subject key identifier: 53:57:46:99:FD:B8:A0:FD:7B:F0:BB:33:94:31:89:F0:15:37:ED:B1
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1260
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/U1dGmf24oP178LszlDGJ8BU37bE.roa
Signing time: Mon 08 Apr 2024 23:23:00 +0000
ROA not before: Mon 08 Apr 2024 23:23:00 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4704 (0x1260)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 8 23:23:00 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=53574699FDB8A0FD7BF0BB33943189F01537EDB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:71:85:e4:a2:88:4b:bc:ce:1d:e3:8e:4d:9c:
18:3f:c5:b9:cf:c7:07:4f:50:38:7a:e9:e4:c3:fe:
d4:4c:89:bd:01:1e:10:9e:23:e2:bd:e6:6b:24:52:
cf:33:7a:72:c9:24:88:13:95:3b:03:4d:7a:89:f6:
ad:f5:e3:8e:56:3e:ab:7f:92:04:8a:7b:1d:76:39:
ca:05:81:18:59:0c:83:4e:95:6c:8d:ef:0e:0b:bc:
d8:7c:7a:2e:04:31:da:40:0d:bb:46:ee:70:4d:dd:
84:dc:64:10:5c:46:09:e9:45:da:4e:85:05:4d:a5:
a6:83:fb:2d:c8:ee:52:8a:9a:20:84:0c:ff:95:e5:
e3:8e:77:e0:21:55:6b:f8:7f:f2:ee:27:7a:1a:c6:
6f:83:5c:03:55:33:57:28:15:7f:66:f7:2c:29:b5:
17:ed:b8:4a:89:40:63:2a:2c:21:14:7d:93:4a:57:
8b:10:3d:bc:af:5e:6a:5f:97:eb:0c:75:c6:f7:d7:
e5:d6:b7:c3:7c:f8:7a:bd:b7:63:5c:ce:4f:4d:00:
35:23:19:ce:53:73:fd:b1:bb:98:47:f6:26:25:ab:
90:66:bc:59:05:e0:78:14:25:e1:0b:bf:e6:72:f6:
37:ea:69:2e:15:49:42:c6:e8:67:3b:69:9f:1e:73:
1d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:57:46:99:FD:B8:A0:FD:7B:F0:BB:33:94:31:89:F0:15:37:ED:B1
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/U1dGmf24oP178LszlDGJ8BU37bE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3f:37:9c:0f:87:bc:70:d0:74:51:ed:f0:d9:5f:c4:2e:9d:ea:
f8:54:b1:ad:75:18:b8:a9:c6:18:de:1d:5d:8b:0c:61:0d:69:
e0:a4:bb:9d:ec:5c:4c:5a:c9:77:fe:a6:e4:0e:69:c4:69:89:
68:52:74:ff:53:b9:05:73:b5:e8:39:bc:45:c2:7c:aa:99:b3:
bf:76:de:84:e6:a4:60:b2:29:9c:16:7c:6d:dd:f1:31:7c:26:
86:fd:cf:b0:6b:84:56:29:89:59:55:cb:cd:a3:e7:66:63:81:
51:44:5f:55:04:3e:27:66:56:9c:71:b2:3f:2f:aa:67:33:88:
9f:f6:1a:30:26:6d:7c:ae:a0:57:6f:91:ee:0b:f6:54:a0:cd:
88:de:c4:cf:ec:bc:d0:8d:5e:8a:d1:57:a6:8a:f9:35:5a:65:
f0:c5:61:44:0e:69:1c:24:22:b2:47:0e:57:4c:dc:08:a9:17:
14:fa:83:52:1d:fb:61:31:5c:2b:e0:2f:d5:8f:a9:f1:18:31:
f5:0c:38:b7:67:5a:ef:8f:f4:4f:7a:3f:05:04:28:6b:77:cb:
81:ee:8e:ee:db:c6:dd:3c:0f:c8:84:41:1d:4b:64:c3:4f:6e:
17:e5:ed:8d:e4:06:cf:aa:01:d3:fd:e4:02:91:41:3a:48:99:
79:5a:68:9b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEmAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDgy
MzIzMDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUzNTc0Njk5RkRCOEEw
RkQ3QkYwQkIzMzk0MzE4OUYwMTUzN0VEQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAcYXkoohLvM4d445NnBg/xbnPxwdPUDh66eTD/tRMib0BHhCe
I+K95mskUs8zenLJJIgTlTsDTXqJ9q31445WPqt/kgSKex12OcoFgRhZDINOlWyN
7w4LvNh8ei4EMdpADbtG7nBN3YTcZBBcRgnpRdpOhQVNpaaD+y3I7lKKmiCEDP+V
5eOOd+AhVWv4f/LuJ3oaxm+DXANVM1coFX9m9ywptRftuEqJQGMqLCEUfZNKV4sQ
PbyvXmpfl+sMdcb31+XWt8N8+Hq9t2Nczk9NADUjGc5Tc/2xu5hH9iYlq5BmvFkF
4HgUJeELv+Zy9jfqaS4VSULG6Gc7aZ8ecx3xAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUU1dGmf24oP178LszlDGJ8BU37bEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1UxZEdtZjI0b1AxNzhM
c3psREdKOEJVMzdiRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAPzecD4e8cNB0Ue3w2V/ELp3q+FSxrXUY
uKnGGN4dXYsMYQ1p4KS7nexcTFrJd/6m5A5pxGmJaFJ0/1O5BXO16Dm8RcJ8qpmz
v3behOakYLIpnBZ8bd3xMXwmhv3PsGuEVimJWVXLzaPnZmOBUURfVQQ+J2ZWnHGy
Py+qZzOIn/YaMCZtfK6gV2+R7gv2VKDNiN7Ez+y80I1eitFXpor5NVpl8MVhRA5p
HCQiskcOV0zcCKkXFPqDUh37YTFcK+Av1Y+p8Rgx9Qw4t2da74/0T3o/BQQoa3fL
ge6O7tvG3TwPyIRBHUtkw09uF+XtjeQGz6oB0/3kApFBOkiZeVpomw==
-----END CERTIFICATE-----
Generated at Sun May 18 08:25:12 2025 by rpki-client