Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/cRGOitM53_nqUrkBcQvybxCfih8.roa
File: cRGOitM53_nqUrkBcQvybxCfih8.roa (raw, json)
Hash identifier: QSJRgANwUbONsmN+omips2dgv8OseMLha1fmQpSol6o=
Subject key identifier: 71:11:8E:8A:D3:39:DF:F9:EA:52:B9:01:71:0B:F2:6F:10:9F:8A:1F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1ABA
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/cRGOitM53_nqUrkBcQvybxCfih8.roa
Signing time: Wed 01 May 2024 05:53:59 +0000
ROA not before: Wed 01 May 2024 05:53:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6842 (0x1aba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 1 05:53:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=71118E8AD339DFF9EA52B901710BF26F109F8A1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a3:0b:a2:1a:28:d0:fe:1a:ad:f4:32:6e:3e:
bb:4f:6d:4d:ea:ec:47:61:42:3f:bf:3a:1e:87:a8:
e8:f0:4b:b2:69:a2:bb:b8:46:c0:1f:25:92:75:f5:
42:a0:11:fa:8b:bf:90:ab:08:5b:7b:0d:e1:01:3c:
ed:f8:8a:bb:6d:70:dc:51:57:51:aa:e7:bf:ec:bd:
a9:7f:97:6b:1c:8f:55:b7:89:28:24:fd:0b:1d:d6:
21:20:bb:93:12:e5:11:2c:05:e9:20:1d:f6:c4:6e:
8b:38:f9:51:d1:55:93:fc:cd:ce:7c:ff:a1:dd:67:
04:8b:9b:a1:15:d6:1a:11:f0:4a:29:77:ed:6a:e5:
ee:56:bc:d8:e3:15:c0:d2:0d:96:ea:59:8a:a3:2e:
bf:17:a2:99:54:a7:a0:bf:00:58:76:e4:a4:dc:79:
73:f8:c0:31:17:9e:4b:2a:42:0b:ad:56:ed:56:76:
ee:a8:5d:12:2e:1a:56:75:d7:1f:73:25:c1:09:eb:
f8:6a:cf:a6:43:af:d3:5a:4b:80:ab:30:43:3c:95:
6a:ab:6d:72:a3:a7:a7:d6:3a:04:b2:a6:29:a7:10:
aa:7a:59:32:57:c8:a6:08:9f:79:02:98:23:68:3b:
f8:d9:c5:4c:b1:d3:4c:6d:2d:aa:b8:65:9b:9f:37:
a0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:11:8E:8A:D3:39:DF:F9:EA:52:B9:01:71:0B:F2:6F:10:9F:8A:1F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/cRGOitM53_nqUrkBcQvybxCfih8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
58:ac:0d:b4:00:75:5a:71:e7:7e:71:67:e3:ee:02:b1:dd:a0:
4c:35:43:fe:18:4d:b8:2b:b6:ed:35:59:1b:9c:55:d6:71:c9:
ec:bb:7a:60:aa:77:cf:a3:ff:eb:0b:f5:53:bd:46:4f:85:a6:
cd:e1:e5:c0:33:ad:bc:a8:dd:bf:f6:4c:e1:de:4f:90:de:14:
1f:c3:10:fb:68:1b:00:10:72:73:d2:8e:e7:29:17:59:1d:38:
71:20:36:2a:08:99:ec:20:1e:ab:61:ff:71:51:a9:67:44:a1:
e8:65:28:05:7b:a3:0d:c4:05:08:95:55:f8:9c:99:c5:28:33:
32:f3:bf:20:50:aa:b0:1e:55:0d:cb:f2:21:06:0d:76:2b:a4:
c9:eb:65:d6:d6:b1:89:e2:c2:49:4b:d1:5a:60:27:c1:d4:bb:
aa:4f:03:c5:66:89:7f:d2:46:59:a0:cf:fe:42:9e:30:1b:67:
7a:1c:3d:28:93:6c:ff:87:4e:2e:d2:8b:04:ba:aa:6d:71:dd:
b6:27:7d:1c:3e:33:71:d2:98:93:59:6a:88:d0:52:20:6d:6e:
25:3c:bf:34:7d:db:8e:32:80:1c:67:8e:1e:53:00:b6:dd:92:
88:a2:b3:c8:c0:5b:f9:b6:5c:1d:dd:53:11:ed:3f:7d:fe:84:
35:76:29:1d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGrowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDEw
NTUzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcxMTE4RThBRDMzOURG
RjlFQTUyQjkwMTcxMEJGMjZGMTA5RjhBMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSowuiGijQ/hqt9DJuPrtPbU3q7EdhQj+/Oh6HqOjwS7Jporu4
RsAfJZJ19UKgEfqLv5CrCFt7DeEBPO34irttcNxRV1Gq57/sval/l2scj1W3iSgk
/Qsd1iEgu5MS5REsBekgHfbEbos4+VHRVZP8zc58/6HdZwSLm6EV1hoR8Eopd+1q
5e5WvNjjFcDSDZbqWYqjLr8XoplUp6C/AFh25KTceXP4wDEXnksqQgutVu1Wdu6o
XRIuGlZ11x9zJcEJ6/hqz6ZDr9NaS4CrMEM8lWqrbXKjp6fWOgSypimnEKp6WTJX
yKYIn3kCmCNoO/jZxUyx00xtLaq4ZZufN6AlAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUcRGOitM53/nqUrkBcQvybxCfih8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2NSR09pdE01M19ucVVy
a0JjUXZ5YnhDZmloOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAWKwNtAB1WnHnfnFn4+4Csd2gTDVD/hhN
uCu27TVZG5xV1nHJ7Lt6YKp3z6P/6wv1U71GT4WmzeHlwDOtvKjdv/ZM4d5PkN4U
H8MQ+2gbABByc9KO5ykXWR04cSA2KgiZ7CAeq2H/cVGpZ0Sh6GUoBXujDcQFCJVV
+JyZxSgzMvO/IFCqsB5VDcvyIQYNdiukyetl1taxieLCSUvRWmAnwdS7qk8DxWaJ
f9JGWaDP/kKeMBtnehw9KJNs/4dOLtKLBLqqbXHdtid9HD4zcdKYk1lqiNBSIG1u
JTy/NH3bjjKAHGeOHlMAtt2SiKKzyMBb+bZcHd1TEe0/ff6ENXYpHQ==
-----END CERTIFICATE-----
Generated at Sun May 18 04:58:37 2025 by rpki-client