Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/2rZ6BGuqad91KiEt5-XLXfshrZs.roa
File: 2rZ6BGuqad91KiEt5-XLXfshrZs.roa (raw, json)
Hash identifier: UNRzZ6wmt45EQLZeTDPLch+Kc0cTtHAPGFC0Vb/0qx0=
Subject key identifier: DA:B6:7A:04:6B:AA:69:DF:75:2A:21:2D:E7:E5:CB:5D:FB:21:AD:9B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1514
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2rZ6BGuqad91KiEt5-XLXfshrZs.roa
Signing time: Tue 16 Apr 2024 04:23:21 +0000
ROA not before: Tue 16 Apr 2024 04:23:21 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5396 (0x1514)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 16 04:23:21 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DAB67A046BAA69DF752A212DE7E5CB5DFB21AD9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ab:b5:1a:7a:51:b4:7e:8b:89:bc:b1:38:eb:
4b:6f:31:19:d8:2e:f6:28:74:a5:49:f9:31:85:ee:
d8:11:92:8e:67:1a:b3:9b:3d:8c:be:f5:65:10:79:
77:10:cc:d3:53:f4:78:3f:56:9f:b4:ba:16:2a:fc:
c2:4e:d1:95:b2:a3:2b:df:18:6f:0d:45:9b:60:7b:
09:51:8d:f7:97:5b:a0:b7:76:d4:05:b4:26:6b:b0:
fc:22:9a:a9:b5:33:60:a0:b4:7f:20:67:58:08:fa:
10:20:e2:fc:56:3b:27:e5:e2:6e:3a:1a:ec:d3:1a:
e2:b3:2a:64:4f:c2:05:c5:48:f9:c1:f3:45:26:11:
d2:4d:d1:bf:39:d3:6c:93:a1:70:47:43:a9:1f:25:
43:14:30:a6:de:60:03:a9:0f:ea:01:62:72:46:39:
c4:1f:42:5c:71:73:19:4b:62:9f:39:b3:68:52:26:
9b:ae:2b:0e:f3:37:64:8a:57:bc:af:27:97:4d:96:
ba:9a:bc:6d:e0:33:e6:e0:5d:96:25:2c:25:c7:88:
02:eb:eb:af:4a:e2:fb:84:61:40:6d:04:73:e1:e3:
f6:f7:d5:24:fd:5d:cb:44:a9:ce:f3:a2:b8:65:c2:
b6:17:97:05:f5:b2:43:2c:f1:97:77:fe:8e:4b:c9:
7b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B6:7A:04:6B:AA:69:DF:75:2A:21:2D:E7:E5:CB:5D:FB:21:AD:9B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2rZ6BGuqad91KiEt5-XLXfshrZs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:81:7a:40:5b:ee:c4:bc:c5:de:36:6f:68:a1:72:4c:b7:b8:
c5:7c:55:fb:10:9a:cd:e1:c4:77:9c:e5:fd:8e:2b:d8:f3:05:
0e:40:0b:cb:37:28:c6:83:c3:2f:7e:6f:9b:f3:b2:46:ac:f3:
33:68:67:f7:f3:df:ae:83:01:1e:c6:4d:3c:cd:dc:df:7f:f1:
79:35:e6:d7:e0:b7:49:2e:00:2f:0d:1b:41:c2:39:6e:72:b0:
08:a2:23:c6:b9:6f:6b:f2:ee:9b:d4:0a:2f:d1:a1:f6:db:fe:
bb:89:ac:de:40:34:7c:f5:37:81:66:f7:52:1f:d1:a3:f8:fd:
e8:b6:f9:25:c5:92:0f:69:10:7d:11:27:f7:9f:9c:e3:9f:1d:
49:38:c7:2d:6b:d9:ec:fc:6b:13:42:03:fe:25:d9:3c:1b:fe:
d3:19:e3:69:df:f8:7d:36:50:fb:c3:3c:ff:7b:1b:ec:39:3e:
4e:ae:ec:aa:76:91:86:f7:d7:45:62:c0:4b:69:fc:5d:91:c3:
80:a3:a5:c1:47:16:95:31:91:ea:f1:99:ff:43:da:eb:67:2c:
fc:f1:56:58:d4:e5:1c:de:44:90:79:d9:d7:4e:98:d0:1d:7a:
cd:f4:f6:75:eb:1a:fd:bc:c8:79:e8:7a:53:e4:30:33:14:58:
6c:e7:09:bb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFRQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTYw
NDIzMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBQjY3QTA0NkJBQTY5
REY3NTJBMjEyREU3RTVDQjVERkIyMUFEOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqq7UaelG0fouJvLE460tvMRnYLvYodKVJ+TGF7tgRko5nGrOb
PYy+9WUQeXcQzNNT9Hg/Vp+0uhYq/MJO0ZWyoyvfGG8NRZtgewlRjfeXW6C3dtQF
tCZrsPwimqm1M2CgtH8gZ1gI+hAg4vxWOyfl4m46GuzTGuKzKmRPwgXFSPnB80Um
EdJN0b8502yToXBHQ6kfJUMUMKbeYAOpD+oBYnJGOcQfQlxxcxlLYp85s2hSJpuu
Kw7zN2SKV7yvJ5dNlrqavG3gM+bgXZYlLCXHiALr669K4vuEYUBtBHPh4/b31ST9
XctEqc7zorhlwrYXlwX1skMs8Zd3/o5LyXtXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2rZ6BGuqad91KiEt5+XLXfshrZswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzJyWjZCR3VxYWQ5MUtp
RXQ1LVhMWGZzaHJacy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAc4F6QFvuxLzF3jZvaKFyTLe4xXxV+xCa
zeHEd5zl/Y4r2PMFDkALyzcoxoPDL35vm/OyRqzzM2hn9/PfroMBHsZNPM3c33/x
eTXm1+C3SS4ALw0bQcI5bnKwCKIjxrlva/Lum9QKL9Gh9tv+u4ms3kA0fPU3gWb3
Uh/Ro/j96Lb5JcWSD2kQfREn95+c458dSTjHLWvZ7PxrE0ID/iXZPBv+0xnjad/4
fTZQ+8M8/3sb7Dk+Tq7sqnaRhvfXRWLAS2n8XZHDgKOlwUcWlTGR6vGZ/0Pa62cs
/PFWWNTlHN5EkHnZ106Y0B16zfT2desa/bzIeeh6U+QwMxRYbOcJuw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:27:24 2025 by rpki-client