Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/h3S5tbk6toKM05FG24tcIcHcyXs.roa
File: h3S5tbk6toKM05FG24tcIcHcyXs.roa (raw, json)
Hash identifier: XcIeWW+CFKQVsit/vDEDBW+Yf19GyJ5XWd6njongZsw=
Subject key identifier: 87:74:B9:B5:B9:3A:B6:82:8C:D3:91:46:DB:8B:5C:21:C1:DC:C9:7B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1D56
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/h3S5tbk6toKM05FG24tcIcHcyXs.roa
Signing time: Wed 08 May 2024 04:54:32 +0000
ROA not before: Wed 08 May 2024 04:54:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7510 (0x1d56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 8 04:54:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=8774B9B5B93AB6828CD39146DB8B5C21C1DCC97B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e9:bc:fa:3d:1d:83:ac:d5:d1:26:bf:0d:c4:
3e:bf:eb:f5:29:e9:b1:a5:f6:27:34:83:68:1f:b0:
1b:66:6d:a2:0e:6c:3b:53:c7:16:28:26:e7:f0:ae:
03:ed:a6:7e:44:62:fc:66:cd:0a:22:f0:fa:db:14:
b3:4b:c4:ef:74:9a:70:33:b5:0d:b9:94:a8:c9:0c:
17:18:bc:61:79:1e:04:ae:cb:0e:4a:86:a2:37:55:
37:54:69:4b:e3:2c:42:fb:03:62:d8:dd:5a:c1:c7:
77:f3:72:63:41:e5:05:47:42:b2:c3:15:d7:48:53:
8c:5e:d9:d5:3a:4e:d0:76:af:8d:90:3a:e0:c9:50:
2e:0e:4d:55:8a:b2:92:95:8f:8e:77:4f:a1:d8:f5:
e8:04:b5:91:64:b8:d7:68:d0:64:99:66:83:da:11:
04:94:3e:10:f2:c8:45:58:7d:7d:e1:91:36:63:69:
ec:d2:da:2f:71:9f:16:35:1b:d4:eb:38:8b:96:8a:
b2:07:6e:5d:69:1a:2a:10:e4:18:81:f7:0e:69:fe:
c4:1b:28:07:7f:ef:72:b0:86:49:1c:c8:99:e0:dd:
31:bb:74:f8:73:a2:82:90:43:ef:92:64:86:fe:67:
1c:c8:95:55:5d:f7:63:da:74:99:35:d0:96:5f:d8:
de:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:74:B9:B5:B9:3A:B6:82:8C:D3:91:46:DB:8B:5C:21:C1:DC:C9:7B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/h3S5tbk6toKM05FG24tcIcHcyXs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b3:06:16:e1:32:e6:b9:ff:2e:76:97:a2:95:00:03:1d:77:a0:
db:0a:16:16:4d:b8:74:cc:ec:12:fa:a5:58:da:6e:91:e1:c2:
23:41:9b:32:8e:25:ea:41:c2:42:25:0e:d8:67:c0:01:2d:5f:
48:cc:18:2a:4b:73:cb:4f:90:c8:d8:40:b2:02:50:6f:58:12:
e7:4e:05:ce:89:14:9c:5d:ed:a9:52:b5:15:7f:5c:9f:d6:1f:
95:ea:b0:6c:94:bf:6a:fe:04:21:58:e2:48:bf:ed:74:3c:6b:
87:15:5d:58:2a:2a:49:92:16:c5:74:77:08:f9:cf:3b:f8:8c:
6e:69:b0:82:56:ba:c6:a9:bf:5f:e5:c0:92:f5:bd:4d:12:ac:
1a:93:19:a1:5a:de:6a:a9:4d:f6:af:6b:80:02:29:21:24:fb:
cf:e6:50:40:57:6a:a8:d9:ab:b6:30:14:be:54:93:17:b6:fe:
54:7b:48:d3:b7:49:0e:db:b0:5e:de:07:7b:36:4d:5e:d3:93:
ce:0e:ed:50:46:f6:0e:19:f3:67:ca:5d:47:2c:cf:bd:08:a8:
68:ed:60:0b:75:b4:cd:d2:f8:0e:a5:5b:09:b5:43:4c:4b:90:
a6:f4:dd:7f:50:4b:e6:3f:f0:3b:ea:7f:7b:f0:0b:c9:d5:6d:
59:81:38:47
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHVYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDgw
NDU0MzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg3NzRCOUI1QjkzQUI2
ODI4Q0QzOTE0NkRCOEI1QzIxQzFEQ0M5N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCx6bz6PR2DrNXRJr8NxD6/6/Up6bGl9ic0g2gfsBtmbaIObDtT
xxYoJufwrgPtpn5EYvxmzQoi8PrbFLNLxO90mnAztQ25lKjJDBcYvGF5HgSuyw5K
hqI3VTdUaUvjLEL7A2LY3VrBx3fzcmNB5QVHQrLDFddIU4xe2dU6TtB2r42QOuDJ
UC4OTVWKspKVj453T6HY9egEtZFkuNdo0GSZZoPaEQSUPhDyyEVYfX3hkTZjaezS
2i9xnxY1G9TrOIuWirIHbl1pGioQ5BiB9w5p/sQbKAd/73KwhkkcyJng3TG7dPhz
ooKQQ++SZIb+ZxzIlVVd92PadJk10JZf2N4hAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUh3S5tbk6toKM05FG24tcIcHcyXswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2gzUzV0Yms2dG9LTTA1
RkcyNHRjSWNIY3lYcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAswYW4TLmuf8udpeilQADHXeg2woWFk24
dMzsEvqlWNpukeHCI0GbMo4l6kHCQiUO2GfAAS1fSMwYKktzy0+QyNhAsgJQb1gS
504FzokUnF3tqVK1FX9cn9YfleqwbJS/av4EIVjiSL/tdDxrhxVdWCoqSZIWxXR3
CPnPO/iMbmmwgla6xqm/X+XAkvW9TRKsGpMZoVreaqlN9q9rgAIpIST7z+ZQQFdq
qNmrtjAUvlSTF7b+VHtI07dJDtuwXt4HezZNXtOTzg7tUEb2DhnzZ8pdRyzPvQio
aO1gC3W0zdL4DqVbCbVDTEuQpvTdf1BL5j/wO+p/e/ALydVtWYE4Rw==
-----END CERTIFICATE-----
Generated at Sun May 18 10:47:15 2025 by rpki-client