Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/IKZht1HF9o1C-I9G12VTDmoCZfU.roa
File: IKZht1HF9o1C-I9G12VTDmoCZfU.roa (raw, json)
Hash identifier: k8W8p6e4HKEvX3Cds5H5baF3wqy2SJmPpx7R72xl9D0=
Subject key identifier: 20:A6:61:B7:51:C5:F6:8D:42:F8:8F:46:D7:65:53:0E:6A:02:65:F5
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 14D0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/IKZht1HF9o1C-I9G12VTDmoCZfU.roa
Signing time: Mon 15 Apr 2024 11:23:17 +0000
ROA not before: Mon 15 Apr 2024 11:23:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5328 (0x14d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 15 11:23:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=20A661B751C5F68D42F88F46D765530E6A0265F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5a:45:ed:d3:0b:4d:c6:1e:06:8a:7a:61:06:
27:6b:1a:d1:6d:9b:f2:7a:b9:c1:a9:6a:ac:0f:13:
da:51:7a:2f:24:94:3a:11:c5:84:3f:1d:41:c1:48:
ae:2a:05:7b:8c:5b:f3:38:42:4c:80:cd:c0:15:43:
65:2b:72:3d:cd:a7:48:07:01:ab:83:1a:ad:e9:71:
d4:4a:b2:ed:02:92:ce:cb:1c:9b:3e:c0:35:a2:8e:
e3:32:4c:5c:98:c6:20:81:c5:dc:36:27:0e:3c:4b:
02:bc:1d:46:e5:db:36:e0:34:e7:d9:6a:08:a0:35:
a8:98:44:cf:a5:31:da:2d:9f:cd:5d:b5:b6:b5:d8:
6a:d5:ff:f9:fb:fe:17:56:5b:a2:79:45:24:59:65:
0f:6e:fb:8f:ea:b7:cc:2b:c7:c5:6a:0e:fb:bb:c6:
cf:ef:d5:9c:ca:fd:eb:ac:99:59:ac:e6:f7:b7:b2:
1e:98:e6:d2:1d:da:fb:8e:f1:7e:72:5a:b4:4a:ae:
7c:22:2d:83:25:bb:a4:28:a8:0e:91:ce:8e:b6:87:
5f:a1:47:92:fa:98:3a:cf:7c:73:84:06:86:87:fd:
62:2f:c8:97:f4:cd:f8:db:a0:6f:c2:b0:69:18:70:
0f:c4:c9:9c:9f:7f:7c:90:7a:ad:ff:4d:72:e7:00:
66:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A6:61:B7:51:C5:F6:8D:42:F8:8F:46:D7:65:53:0E:6A:02:65:F5
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/IKZht1HF9o1C-I9G12VTDmoCZfU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:3d:c4:12:74:db:0a:da:3f:f5:7e:b8:2a:72:27:ca:60:d2:
a2:d4:6f:10:7f:2a:0f:92:bc:db:66:e1:90:dc:90:ae:fd:ee:
92:bf:69:21:ce:7c:52:02:eb:47:33:66:64:5e:a2:7d:0f:7c:
90:a3:99:ed:fa:f4:69:1d:7f:19:0b:20:cb:8f:f7:33:b3:ba:
d7:4f:f2:37:0d:a3:aa:17:fb:66:3c:60:29:61:67:68:9f:3d:
55:e5:3d:ee:3e:b6:30:e2:4d:60:86:b5:6f:49:aa:b3:a7:86:
6d:6e:72:3f:81:2c:75:e2:72:5c:23:ae:5c:f0:3e:d9:ab:a1:
c8:e2:83:8f:25:4e:0b:3a:c6:b0:69:f1:36:a4:6a:14:ef:e8:
c8:28:54:d1:99:1a:24:40:83:8b:af:f1:5a:3a:ad:15:66:0e:
43:02:dc:be:fe:9a:98:f6:b1:b5:3b:26:e8:d2:83:93:99:c1:
d1:3c:20:03:da:4f:77:84:24:d3:4a:49:40:6f:17:d1:3c:1b:
60:75:00:1e:7c:57:76:cb:d7:b4:8a:73:5c:45:73:cb:b8:5d:
82:64:f6:23:2b:b4:0d:dd:88:5a:7a:25:fa:4c:ca:cb:b0:be:
98:c6:6a:6f:f1:ec:83:36:dc:cd:e8:5d:61:e5:d9:07:80:8e:
60:ff:55:21
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFNAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTUx
MTIzMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIwQTY2MUI3NTFDNUY2
OEQ0MkY4OEY0NkQ3NjU1MzBFNkEwMjY1RjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfWkXt0wtNxh4GinphBidrGtFtm/J6ucGpaqwPE9pRei8klDoR
xYQ/HUHBSK4qBXuMW/M4QkyAzcAVQ2Urcj3Np0gHAauDGq3pcdRKsu0Cks7LHJs+
wDWijuMyTFyYxiCBxdw2Jw48SwK8HUbl2zbgNOfZagigNaiYRM+lMdotn81dtba1
2GrV//n7/hdWW6J5RSRZZQ9u+4/qt8wrx8VqDvu7xs/v1ZzK/eusmVms5ve3sh6Y
5tId2vuO8X5yWrRKrnwiLYMlu6QoqA6Rzo62h1+hR5L6mDrPfHOEBoaH/WIvyJf0
zfjboG/CsGkYcA/EyZyff3yQeq3/TXLnAGYZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUIKZht1HF9o1C+I9G12VTDmoCZfUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0lLWmh0MUhGOW8xQy1J
OUcxMlZURG1vQ1pmVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAQD3EEnTbCto/9X64KnInymDSotRvEH8q
D5K822bhkNyQrv3ukr9pIc58UgLrRzNmZF6ifQ98kKOZ7fr0aR1/GQsgy4/3M7O6
10/yNw2jqhf7ZjxgKWFnaJ89VeU97j62MOJNYIa1b0mqs6eGbW5yP4EsdeJyXCOu
XPA+2auhyOKDjyVOCzrGsGnxNqRqFO/oyChU0ZkaJECDi6/xWjqtFWYOQwLcvv6a
mPaxtTsm6NKDk5nB0TwgA9pPd4Qk00pJQG8X0TwbYHUAHnxXdsvXtIpzXEVzy7hd
gmT2Iyu0Dd2IWnol+kzKy7C+mMZqb/HsgzbczehdYeXZB4COYP9VIQ==
-----END CERTIFICATE-----
Generated at Mon Apr 15 15:28:26 2024 by rpki-client on console-fra.rpki-client.org