Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/UyTUZwozJdATnlktw1i5SkUTevc.roa
File: UyTUZwozJdATnlktw1i5SkUTevc.roa (raw, json)
Hash identifier: cj9bUCspQ5DIsUE9i+xw1I47hh9N427WW+GsVK6Ov4Y=
Subject key identifier: 53:24:D4:67:0A:33:25:D0:13:9E:59:2D:C3:58:B9:4A:45:13:7A:F7
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1AEC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/UyTUZwozJdATnlktw1i5SkUTevc.roa
Signing time: Wed 01 May 2024 18:24:04 +0000
ROA not before: Wed 01 May 2024 18:24:04 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6892 (0x1aec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 1 18:24:04 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5324D4670A3325D0139E592DC358B94A45137AF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f8:ed:4b:09:c1:03:09:0a:a5:4e:63:e5:61:
e4:66:61:db:09:14:da:39:d8:fd:33:ae:66:99:16:
d8:2c:22:32:e8:09:5b:5d:e4:50:03:c8:51:d5:e7:
01:67:9a:fd:cc:53:b4:1d:99:aa:27:aa:c4:79:2f:
cf:ee:28:8d:c4:78:ea:c9:56:90:a5:98:a0:a1:4b:
75:46:5f:6d:6a:99:df:ad:10:60:94:d1:2c:77:aa:
f6:16:87:e9:09:e7:3a:fc:0b:a1:ce:b5:d4:06:d7:
54:c7:18:0f:6c:f6:2c:ad:86:ef:bb:cc:89:6c:5c:
04:83:29:e7:e9:e9:8f:d7:b3:ef:e1:98:e2:13:24:
83:78:d0:aa:ed:65:59:85:70:d5:d0:ca:17:5f:f9:
1b:4d:70:62:59:3b:40:16:82:b0:72:07:48:b4:ee:
d7:53:6e:f6:38:49:d0:b5:93:38:f1:35:c4:64:61:
e5:cd:9e:66:c3:6f:83:f9:ab:82:7d:91:a7:4a:5d:
b7:ea:a8:b4:7c:81:de:fc:a0:d7:48:78:cb:0b:63:
3b:da:aa:4d:94:fe:09:63:8a:91:69:a5:7e:41:88:
76:2a:5a:ea:82:27:0b:18:c2:50:2c:e7:e1:c3:a7:
0a:03:9d:4e:61:66:22:89:b9:17:43:87:09:02:fe:
b5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:24:D4:67:0A:33:25:D0:13:9E:59:2D:C3:58:B9:4A:45:13:7A:F7
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/UyTUZwozJdATnlktw1i5SkUTevc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:d0:61:70:7a:d7:64:6e:32:7b:4c:c3:af:a0:d1:f9:4b:d6:
b4:64:5d:59:55:0b:ee:54:13:40:bc:76:1f:ea:9a:eb:a0:7e:
4e:94:f3:09:bc:04:bb:1c:57:d5:15:d2:09:99:57:6c:38:0b:
f0:20:a7:66:ab:f5:53:05:e3:33:11:88:53:6d:dd:2a:3d:ca:
07:c9:97:5c:2a:d2:a2:59:64:4a:48:13:bd:cb:9e:50:f4:f0:
0e:8c:81:3b:73:aa:0e:86:cb:b8:b8:f7:bc:0b:6c:85:2f:da:
45:50:56:13:57:dc:14:57:0a:e9:8e:4d:b2:55:51:d8:38:4a:
ad:df:33:20:ec:c0:ab:da:4f:34:c8:6a:47:29:f0:36:de:cd:
03:47:dd:81:eb:df:83:97:07:ac:de:1a:fb:60:1b:6e:72:a2:
26:b7:b1:47:94:14:c7:39:e6:b4:e4:94:e1:11:9d:1f:28:fc:
eb:c7:84:15:bb:5c:40:83:8c:ae:87:81:df:57:f1:b8:89:28:
d4:42:2b:54:72:65:66:f7:bd:16:ed:7a:3f:26:3e:5a:38:85:
02:a4:ed:77:21:d5:e9:48:41:8f:61:d3:a5:0a:6c:c3:c0:b5:
ba:bb:43:fe:46:6d:79:87:fc:63:4e:bf:b4:e8:1a:24:2b:79:
5c:14:26:ad
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGuwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDEx
ODI0MDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUzMjRENDY3MEEzMzI1
RDAxMzlFNTkyREMzNThCOTRBNDUxMzdBRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq+O1LCcEDCQqlTmPlYeRmYdsJFNo52P0zrmaZFtgsIjLoCVtd
5FADyFHV5wFnmv3MU7QdmaonqsR5L8/uKI3EeOrJVpClmKChS3VGX21qmd+tEGCU
0Sx3qvYWh+kJ5zr8C6HOtdQG11THGA9s9iythu+7zIlsXASDKefp6Y/Xs+/hmOIT
JIN40KrtZVmFcNXQyhdf+RtNcGJZO0AWgrByB0i07tdTbvY4SdC1kzjxNcRkYeXN
nmbDb4P5q4J9kadKXbfqqLR8gd78oNdIeMsLYzvaqk2U/gljipFppX5BiHYqWuqC
JwsYwlAs5+HDpwoDnU5hZiKJuRdDhwkC/rV/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUUyTUZwozJdATnlktw1i5SkUTevcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1V5VFVad296SmRBVG5s
a3R3MWk1U2tVVGV2Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEALdBhcHrXZG4ye0zDr6DR+UvWtGRdWVUL
7lQTQLx2H+qa66B+TpTzCbwEuxxX1RXSCZlXbDgL8CCnZqv1UwXjMxGIU23dKj3K
B8mXXCrSollkSkgTvcueUPTwDoyBO3OqDobLuLj3vAtshS/aRVBWE1fcFFcK6Y5N
slVR2DhKrd8zIOzAq9pPNMhqRynwNt7NA0fdgevfg5cHrN4a+2AbbnKiJrexR5QU
xznmtOSU4RGdHyj868eEFbtcQIOMroeB31fxuIko1EIrVHJlZve9Fu16PyY+WjiF
AqTtdyHV6UhBj2HTpQpsw8C1urtD/kZteYf8Y06/tOgaJCt5XBQmrQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:31 2025 by rpki-client