Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ufpW3IaW6Wc4uhUvdD79SAr4nQA.roa
File: ufpW3IaW6Wc4uhUvdD79SAr4nQA.roa (raw, json)
Hash identifier: ZaeQpZfJeO9+Gv9P87XZADIXaedy6BPFs58ThKdEhco=
Subject key identifier: B9:FA:56:DC:86:96:E9:67:38:BA:15:2F:74:3E:FD:48:0A:F8:9D:00
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F20
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ufpW3IaW6Wc4uhUvdD79SAr4nQA.roa
Signing time: Sun 31 Mar 2024 07:23:24 +0000
ROA not before: Sun 31 Mar 2024 07:23:24 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3872 (0xf20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 31 07:23:24 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=B9FA56DC8696E96738BA152F743EFD480AF89D00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b8:dc:87:f8:61:3d:1d:70:a2:ad:b4:a4:56:
d5:ad:f6:6e:13:d2:9d:24:bd:a1:38:82:7d:2b:74:
8f:09:7a:f4:10:70:e5:ab:ba:3b:d0:b9:d7:e4:e3:
1d:8a:70:03:34:03:1c:47:47:7f:74:a2:8d:80:9d:
f2:17:ae:3d:1c:48:99:35:64:ff:69:ed:46:9b:d3:
2f:35:27:68:94:c2:6b:b9:49:09:21:aa:64:ba:85:
a2:41:15:e8:d7:44:7f:f9:d9:ca:18:07:ad:33:f2:
83:ab:b5:20:e3:bc:b5:18:27:6e:1b:1e:97:ad:5c:
c1:01:6b:66:2c:dc:94:4d:3a:f3:13:cb:f6:c1:af:
93:e0:40:43:fc:2a:58:cc:b1:82:47:a7:50:56:59:
cb:1e:cb:06:9e:26:38:ef:2e:f9:fe:c5:a9:44:e8:
da:8a:51:f5:c5:87:b2:ee:59:60:58:7a:1d:d5:17:
21:c6:3d:ce:b3:b7:78:48:9a:3a:d7:9e:d9:93:3d:
56:cc:72:b7:63:84:28:3e:80:da:15:15:6f:dc:c5:
d4:b9:81:4e:20:ba:d3:e6:39:61:81:b7:bb:b3:fc:
3c:dc:75:31:aa:9d:cb:1e:c1:9a:d5:23:01:fd:eb:
68:85:65:87:7a:32:a3:76:7b:7f:21:85:e3:10:6a:
ae:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:FA:56:DC:86:96:E9:67:38:BA:15:2F:74:3E:FD:48:0A:F8:9D:00
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ufpW3IaW6Wc4uhUvdD79SAr4nQA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:c1:4c:f9:47:54:49:47:97:71:89:43:51:88:38:36:66:7a:
f5:c9:cc:c8:64:6f:77:01:72:7b:e7:14:5e:1e:35:98:ed:75:
a2:47:35:6c:8c:7e:6d:74:9f:d8:99:8d:e9:06:80:97:eb:1a:
9e:66:fc:81:32:60:21:0a:22:ca:67:45:27:09:4a:f5:de:d9:
ab:d8:34:fe:cf:70:2b:a5:24:00:91:3d:92:a0:65:a3:d7:bb:
f3:dd:a7:d3:cf:33:62:33:6c:de:62:fb:02:d0:a4:7d:d1:f3:
05:1b:df:93:26:cf:22:71:ea:3d:c6:16:f2:fb:38:fb:c3:69:
bd:75:57:95:3b:1c:76:3b:e8:d6:29:d0:8b:1d:fb:aa:b4:89:
6a:09:3c:63:14:a4:70:16:d0:37:a5:01:ff:30:4a:23:18:94:
d4:89:da:f5:d7:4d:6d:2f:e9:b7:68:04:1f:92:84:41:a4:4e:
42:f2:a3:91:e4:91:e8:80:8b:8c:a3:58:96:06:af:39:39:7b:
81:ef:14:95:70:22:3a:f8:4a:62:ef:b4:ac:85:31:a9:7d:f4:
22:7c:f9:aa:d0:9f:72:6d:26:18:fc:6e:76:b8:bd:e4:f7:17:
8f:c7:7c:30:bf:a4:31:be:72:e3:13:d2:02:84:9b:f2:4b:43:
9e:1a:c7:e3
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDyAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzEw
NzIzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI5RkE1NkRDODY5NkU5
NjczOEJBMTUyRjc0M0VGRDQ4MEFGODlEMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCauNyH+GE9HXCirbSkVtWt9m4T0p0kvaE4gn0rdI8JevQQcOWr
ujvQudfk4x2KcAM0AxxHR390oo2AnfIXrj0cSJk1ZP9p7Uab0y81J2iUwmu5SQkh
qmS6haJBFejXRH/52coYB60z8oOrtSDjvLUYJ24bHpetXMEBa2Ys3JRNOvMTy/bB
r5PgQEP8KljMsYJHp1BWWcseywaeJjjvLvn+xalE6NqKUfXFh7LuWWBYeh3VFyHG
Pc6zt3hImjrXntmTPVbMcrdjhCg+gNoVFW/cxdS5gU4gutPmOWGBt7uz/DzcdTGq
ncsewZrVIwH962iFZYd6MqN2e38hheMQaq4pAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUufpW3IaW6Wc4uhUvdD79SAr4nQAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3VmcFczSWFXNldjNHVo
VXZkRDc5U0FyNG5RQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAM8FM+UdUSUeXcYlDUYg4NmZ69cnMyGRv
dwFye+cUXh41mO11okc1bIx+bXSf2JmN6QaAl+sanmb8gTJgIQoiymdFJwlK9d7Z
q9g0/s9wK6UkAJE9kqBlo9e7892n088zYjNs3mL7AtCkfdHzBRvfkybPInHqPcYW
8vs4+8NpvXVXlTscdjvo1inQix37qrSJagk8YxSkcBbQN6UB/zBKIxiU1Ina9ddN
bS/pt2gEH5KEQaROQvKjkeSR6ICLjKNYlgavOTl7ge8UlXAiOvhKYu+0rIUxqX30
Inz5qtCfcm0mGPxudri95PcXj8d8ML+kMb5y4xPSAoSb8ktDnhrH4w==
-----END CERTIFICATE-----
Generated at Sun May 18 04:57:32 2025 by rpki-client