Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/3F6TCBCxaU1LfXRAjzpe3H_6_hY.roa
File: 3F6TCBCxaU1LfXRAjzpe3H_6_hY.roa (raw, json)
Hash identifier: khP5wayNWA5wOlIFCKhjkJD6EKcpHfaavCyErYOf978=
Subject key identifier: DC:5E:93:08:10:B1:69:4D:4B:7D:74:40:8F:3A:5E:DC:7F:FA:FE:16
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 15DC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/3F6TCBCxaU1LfXRAjzpe3H_6_hY.roa
Signing time: Thu 18 Apr 2024 06:23:29 +0000
ROA not before: Thu 18 Apr 2024 06:23:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5596 (0x15dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 18 06:23:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DC5E930810B1694D4B7D74408F3A5EDC7FFAFE16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:63:01:81:df:34:d0:7e:a7:b6:6b:dd:8b:d7:
9a:32:c8:c4:24:a9:e4:ca:42:a7:f0:84:8f:f2:50:
b1:cf:1d:da:3b:24:70:14:ce:8c:b2:4e:7b:83:ff:
bc:6a:0d:2b:e9:3a:84:1f:65:ff:a9:bb:2e:81:66:
08:a0:f6:68:4c:38:26:d6:80:93:30:d5:d3:8b:b8:
c4:8f:46:e8:d1:aa:e1:3e:5b:d8:75:55:8d:9b:46:
57:34:d6:ec:75:f2:86:70:0e:2a:13:dd:d0:cb:ea:
18:99:e0:71:49:9c:b4:b5:ac:eb:2e:90:78:e8:17:
88:45:21:fe:2e:df:d3:81:8c:90:4d:68:8d:1a:15:
a1:b5:ab:1f:8c:b6:42:26:91:2b:fa:09:db:1c:2d:
e1:59:59:ee:33:fb:63:29:2a:ad:0e:82:20:04:62:
44:a4:43:4f:50:d0:11:6b:e9:67:35:cc:22:74:6c:
fd:ea:5f:0f:52:07:ae:51:2c:1b:9e:0a:ce:c3:64:
cb:12:3e:48:18:5d:bd:34:1a:93:16:b1:3e:71:09:
88:cb:f0:84:98:12:f6:7d:2a:3e:da:5f:f9:df:c9:
81:ea:db:5e:09:ec:1d:d3:7d:a9:47:bb:6d:03:b3:
a6:13:e1:09:6b:ff:9c:0e:0e:f4:c1:b4:d0:2d:5c:
ab:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:5E:93:08:10:B1:69:4D:4B:7D:74:40:8F:3A:5E:DC:7F:FA:FE:16
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/3F6TCBCxaU1LfXRAjzpe3H_6_hY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bb:05:4b:f6:d0:73:4d:c7:e5:b3:fc:6b:fd:66:86:9b:3b:66:
28:6f:90:f1:00:68:63:d9:85:ae:9c:dc:1a:c5:57:c7:f6:e5:
6e:f0:74:3d:66:66:fd:83:06:25:81:58:4c:17:8f:10:2d:1d:
8f:a9:c5:f9:4f:fb:fe:2f:f0:d7:90:c2:a1:ff:ed:cf:45:aa:
95:c7:48:9a:22:74:ad:61:c8:40:6f:c8:04:35:87:9f:54:7e:
1a:51:64:d0:07:ea:cd:16:e5:08:92:7e:bd:d0:a7:b9:90:48:
23:37:7c:87:09:38:7b:10:bc:7f:81:12:47:36:b1:7d:06:33:
ce:c3:13:2e:5c:bb:5d:bf:b8:27:d9:41:47:a8:9d:cb:d8:a8:
32:aa:f8:2a:83:71:50:ea:e8:e8:db:1a:f1:fe:1c:4b:c2:d2:
cf:07:89:5b:ec:ad:b5:b3:55:6f:d6:3e:38:c8:7b:fb:ef:1c:
3f:79:f7:93:e6:bb:de:48:58:96:28:6a:9e:f0:9c:bb:6f:65:
aa:b7:53:69:21:27:7a:b6:48:02:d9:7b:2e:3e:04:ac:c3:9d:
f2:c9:16:10:50:44:a2:ac:2d:f8:43:e3:a5:ca:b0:bf:ac:39:
08:7a:ec:4d:27:12:5e:63:22:ed:20:23:69:d4:5c:2e:aa:bb:
7a:d5:3d:e0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFdwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTgw
NjIzMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERDNUU5MzA4MTBCMTY5
NEQ0QjdENzQ0MDhGM0E1RURDN0ZGQUZFMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFYwGB3zTQfqe2a92L15oyyMQkqeTKQqfwhI/yULHPHdo7JHAU
zoyyTnuD/7xqDSvpOoQfZf+puy6BZgig9mhMOCbWgJMw1dOLuMSPRujRquE+W9h1
VY2bRlc01ux18oZwDioT3dDL6hiZ4HFJnLS1rOsukHjoF4hFIf4u39OBjJBNaI0a
FaG1qx+MtkImkSv6CdscLeFZWe4z+2MpKq0OgiAEYkSkQ09Q0BFr6Wc1zCJ0bP3q
Xw9SB65RLBueCs7DZMsSPkgYXb00GpMWsT5xCYjL8ISYEvZ9Kj7aX/nfyYHq214J
7B3TfalHu20Ds6YT4Qlr/5wODvTBtNAtXKsnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU3F6TCBCxaU1LfXRAjzpe3H/6/hYwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzNGNlRDQkN4YVUxTGZY
UkFqenBlM0hfNl9oWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAuwVL9tBzTcfls/xr/WaGmztmKG+Q8QBo
Y9mFrpzcGsVXx/blbvB0PWZm/YMGJYFYTBePEC0dj6nF+U/7/i/w15DCof/tz0Wq
lcdImiJ0rWHIQG/IBDWHn1R+GlFk0AfqzRblCJJ+vdCnuZBIIzd8hwk4exC8f4ES
RzaxfQYzzsMTLly7Xb+4J9lBR6idy9ioMqr4KoNxUOro6Nsa8f4cS8LSzweJW+yt
tbNVb9Y+OMh7++8cP3n3k+a73khYlihqnvCcu29lqrdTaSEnerZIAtl7Lj4ErMOd
8skWEFBEoqwt+EPjpcqwv6w5CHrsTScSXmMi7SAjadRcLqq7etU94A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:37:14 2025 by rpki-client