Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/xi-KkX0QagkQprPLNu4t3PQtxlc.roa
File: xi-KkX0QagkQprPLNu4t3PQtxlc.roa (raw, json)
Hash identifier: GCqZ5XzIvDKn0aSSSjX/1h+YB2+lC3xXSyPkQC0s/fA=
Subject key identifier: C6:2F:8A:91:7D:10:6A:09:10:A6:B3:CB:36:EE:2D:DC:F4:2D:C6:57
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 123A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/xi-KkX0QagkQprPLNu4t3PQtxlc.roa
Signing time: Mon 08 Apr 2024 13:52:57 +0000
ROA not before: Mon 08 Apr 2024 13:52:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4666 (0x123a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 8 13:52:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=C62F8A917D106A0910A6B3CB36EE2DDCF42DC657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:44:f4:fc:1c:af:e0:d8:63:eb:51:64:2e:6f:
6f:1d:99:79:d0:90:25:8a:b6:54:75:5e:33:ef:a4:
32:cb:a1:78:1b:9d:cf:be:f8:0d:c6:52:e7:16:2f:
bd:6f:72:ca:75:a0:30:47:e8:b6:6e:77:22:90:39:
d6:2c:75:33:8b:41:03:2d:f2:c7:92:7b:d4:33:2c:
60:9b:eb:3b:52:f9:a8:09:68:9c:60:f7:44:c1:f0:
a9:6d:db:57:ca:a3:7c:76:c8:75:20:85:9a:96:8f:
36:9b:f4:b6:33:d3:a0:ea:72:1e:ef:f7:f3:e2:5c:
d1:f3:72:ac:45:fe:cd:5c:a7:be:ef:17:62:76:09:
14:47:be:76:9e:ea:8a:c3:7e:0e:c4:fe:57:86:5b:
3d:94:b9:10:01:89:d6:40:b6:1f:d7:9d:81:98:ac:
df:53:69:32:ac:57:66:33:fd:c8:a5:be:bb:fb:a4:
e2:1d:54:4a:89:22:e0:b6:56:2e:93:0b:22:69:17:
88:d1:8c:8b:3c:0b:fb:5b:8d:a0:15:dd:21:c6:1a:
b4:fb:9c:d2:29:0e:eb:f4:26:ac:13:3e:d2:38:d3:
f7:80:7b:9b:e3:cd:72:58:ae:0d:29:73:62:6d:df:
b8:27:b0:82:ac:f7:bb:9e:52:2f:dd:b4:a3:6c:d1:
d3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:2F:8A:91:7D:10:6A:09:10:A6:B3:CB:36:EE:2D:DC:F4:2D:C6:57
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/xi-KkX0QagkQprPLNu4t3PQtxlc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:54:39:ce:6f:73:1d:43:ad:e2:bd:37:40:1c:1a:af:5f:cf:
ca:2d:ca:85:9f:f6:32:a2:15:d3:07:33:75:23:18:1c:b3:41:
5f:40:cf:25:e5:48:b4:15:ca:6a:e3:03:4a:9b:d7:3e:b2:41:
c0:df:45:64:ed:f8:17:e1:28:6a:ef:ed:cb:bb:51:d2:38:1d:
a5:c7:e4:a5:22:d1:82:a8:33:e4:df:05:ab:07:fc:60:07:9a:
ea:fa:a1:49:f5:55:99:ff:6e:c1:0d:79:40:27:7b:60:42:c6:
d7:c9:b8:d7:07:91:43:43:4c:34:98:80:12:e2:0a:eb:84:e9:
76:cd:8f:bb:14:8c:a5:12:d9:81:71:41:c0:01:e6:cd:88:b5:
0b:09:62:7f:a2:88:3f:6b:e5:85:69:b2:7b:a6:8b:0e:17:11:
68:16:de:79:cc:82:43:a6:76:fd:ff:20:a9:5b:4c:dc:1f:14:
3f:4c:2c:cb:ff:dc:48:c0:ac:45:50:f1:93:18:2f:d2:b8:f0:
0d:3f:d9:cf:4a:32:55:c0:c1:6c:51:6b:ff:7d:0c:64:60:1b:
f8:e1:6e:7c:9e:bf:76:fa:e6:d0:c1:03:82:2c:07:04:49:2c:
31:1e:6b:6d:a9:61:dd:7a:77:d6:4f:63:e0:08:95:8c:ad:c0:
a1:f1:10:82
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEjowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDgx
MzUyNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM2MkY4QTkxN0QxMDZB
MDkxMEE2QjNDQjM2RUUyRERDRjQyREM2NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRRPT8HK/g2GPrUWQub28dmXnQkCWKtlR1XjPvpDLLoXgbnc++
+A3GUucWL71vcsp1oDBH6LZudyKQOdYsdTOLQQMt8seSe9QzLGCb6ztS+agJaJxg
90TB8Klt21fKo3x2yHUghZqWjzab9LYz06Dqch7v9/PiXNHzcqxF/s1cp77vF2J2
CRRHvnae6orDfg7E/leGWz2UuRABidZAth/XnYGYrN9TaTKsV2Yz/cilvrv7pOId
VEqJIuC2Vi6TCyJpF4jRjIs8C/tbjaAV3SHGGrT7nNIpDuv0JqwTPtI40/eAe5vj
zXJYrg0pc2Jt37gnsIKs97ueUi/dtKNs0dMHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUxi+KkX0QagkQprPLNu4t3PQtxlcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL3hpLUtrWDBRYWdrUXBy
UExOdTR0M1BRdHhsYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAVFQ5zm9zHUOt4r03QBwar1/Pyi3KhZ/2
MqIV0wczdSMYHLNBX0DPJeVItBXKauMDSpvXPrJBwN9FZO34F+Eoau/ty7tR0jgd
pcfkpSLRgqgz5N8Fqwf8YAea6vqhSfVVmf9uwQ15QCd7YELG18m41weRQ0NMNJiA
EuIK64Tpds2PuxSMpRLZgXFBwAHmzYi1Cwlif6KIP2vlhWmye6aLDhcRaBbeecyC
Q6Z2/f8gqVtM3B8UP0wsy//cSMCsRVDxkxgv0rjwDT/Zz0oyVcDBbFFr/30MZGAb
+OFufJ6/dvrm0MEDgiwHBEksMR5rbalh3Xp31k9j4AiVjK3AofEQgg==
-----END CERTIFICATE-----
Generated at Sun May 18 18:45:57 2025 by rpki-client