Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/HHFN67_db8MwAWUauxWrg-JxDH4.roa
File: HHFN67_db8MwAWUauxWrg-JxDH4.roa (raw, json)
Hash identifier: 436kX5i0KBFKjBf4lYAsr71WEuKhsagm5sm7PbJ+5tc=
Subject key identifier: 1C:71:4D:EB:BF:DD:6F:C3:30:01:65:1A:BB:15:AB:83:E2:71:0C:7E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1B9C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/HHFN67_db8MwAWUauxWrg-JxDH4.roa
Signing time: Fri 03 May 2024 14:24:11 +0000
ROA not before: Fri 03 May 2024 14:24:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7068 (0x1b9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 3 14:24:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1C714DEBBFDD6FC33001651ABB15AB83E2710C7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:17:67:15:3d:97:99:06:39:50:1e:5b:85:56:
24:76:98:40:dd:67:98:ed:bf:d2:31:57:15:e9:e9:
47:f1:e0:ae:67:2b:0b:ec:8d:03:a5:20:0d:2d:30:
71:ee:49:c8:a1:14:7e:55:be:9a:e6:81:4f:04:8d:
8f:ee:cc:a2:fe:36:f7:33:ba:11:af:99:4c:f9:30:
2d:35:ce:df:83:ec:f6:7a:d1:5d:19:6e:28:c3:1c:
64:bb:09:6a:d6:94:96:16:41:58:69:71:a1:7d:09:
e7:6c:0f:4f:39:49:3b:11:01:7e:1b:8a:45:fd:9c:
f6:b4:d2:b9:10:d5:4c:19:4b:e9:a7:31:f8:b6:4e:
8e:f7:8d:8b:63:a3:d9:00:b9:9b:62:85:0a:3a:3f:
f2:47:c6:9b:85:f1:32:93:97:c4:56:1d:a2:32:47:
62:cd:be:65:1e:ad:0e:6c:85:a4:db:b8:1a:51:f8:
b6:c7:de:23:59:5f:8e:52:33:55:5b:78:c1:9d:81:
e5:c5:ae:0b:02:cd:43:0d:9b:1f:23:d0:12:ff:19:
5e:f0:64:6a:12:91:9f:7f:7e:88:d3:b3:37:10:ed:
c8:43:86:de:d1:09:0f:a8:a0:c2:4c:4f:d9:f1:f5:
30:9e:20:eb:78:c5:95:f7:ec:c3:50:2b:5e:32:0a:
7d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:71:4D:EB:BF:DD:6F:C3:30:01:65:1A:BB:15:AB:83:E2:71:0C:7E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/HHFN67_db8MwAWUauxWrg-JxDH4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
da:97:63:90:37:74:86:76:f3:76:1e:dd:3e:d2:48:28:58:01:
cc:73:a3:62:29:d1:5d:f0:c3:1f:a3:d3:ce:8c:7b:50:8f:89:
4a:46:f5:a7:25:01:0a:9c:94:25:c3:4d:0e:2e:84:5b:57:e6:
b2:73:a7:d4:20:5f:52:d0:1a:99:bb:21:25:1a:42:d4:16:30:
b1:4c:0c:97:17:e0:2f:9a:80:12:e8:25:c7:33:86:22:8e:d5:
78:cb:59:12:73:05:5d:f9:f4:a7:16:34:31:9c:04:30:2c:14:
a6:07:83:b7:e8:97:50:f1:b1:0a:78:e2:f5:38:39:ae:ae:df:
9f:b8:07:39:9c:8c:16:0b:52:6d:70:0e:aa:49:d3:e1:4b:94:
7c:f6:af:29:47:38:0f:2c:62:06:03:bc:3e:e1:c3:97:5b:57:
7e:fe:50:87:24:ee:dd:8a:b0:ca:ba:7f:17:49:6a:05:13:05:
8c:b6:1f:5d:61:60:90:6d:37:d4:0d:f3:cc:f8:93:e0:0f:a3:
1e:58:c1:4c:f5:de:ef:d8:37:64:10:b4:ae:ce:96:ef:60:45:
ca:1a:f1:46:95:1a:c0:74:7d:04:a8:27:a1:70:86:96:05:74:
99:06:e1:92:27:76:52:f2:28:e9:17:4d:06:a6:aa:27:67:9d:
a2:4f:56:dd
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG5wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDMx
NDI0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFDNzE0REVCQkZERDZG
QzMzMDAxNjUxQUJCMTVBQjgzRTI3MTBDN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxF2cVPZeZBjlQHluFViR2mEDdZ5jtv9IxVxXp6Ufx4K5nKwvs
jQOlIA0tMHHuScihFH5VvprmgU8EjY/uzKL+NvczuhGvmUz5MC01zt+D7PZ60V0Z
bijDHGS7CWrWlJYWQVhpcaF9CedsD085STsRAX4bikX9nPa00rkQ1UwZS+mnMfi2
To73jYtjo9kAuZtihQo6P/JHxpuF8TKTl8RWHaIyR2LNvmUerQ5shaTbuBpR+LbH
3iNZX45SM1VbeMGdgeXFrgsCzUMNmx8j0BL/GV7wZGoSkZ9/fojTszcQ7chDht7R
CQ+ooMJMT9nx9TCeIOt4xZX37MNQK14yCn2lAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUHHFN67/db8MwAWUauxWrg+JxDH4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0hIRk42N19kYjhNd0FX
VWF1eFdyZy1KeERINC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA2pdjkDd0hnbzdh7dPtJIKFgBzHOjYinR
XfDDH6PTzox7UI+JSkb1pyUBCpyUJcNNDi6EW1fmsnOn1CBfUtAambshJRpC1BYw
sUwMlxfgL5qAEuglxzOGIo7VeMtZEnMFXfn0pxY0MZwEMCwUpgeDt+iXUPGxCnji
9Tg5rq7fn7gHOZyMFgtSbXAOqknT4UuUfPavKUc4DyxiBgO8PuHDl1tXfv5QhyTu
3Yqwyrp/F0lqBRMFjLYfXWFgkG031A3zzPiT4A+jHljBTPXe79g3ZBC0rs6W72BF
yhrxRpUawHR9BKgnoXCGlgV0mQbhkid2UvIo6RdNBqaqJ2edok9W3Q==
-----END CERTIFICATE-----
Generated at Fri May 3 19:54:03 2024 by rpki-client on console-fra.rpki-client.org