Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Xf2FtEGdOM1yTAP6sMAql5A8c0E.roa
File: Xf2FtEGdOM1yTAP6sMAql5A8c0E.roa (raw, json)
Hash identifier: AOjtEbzcrNVjWW0W6NB+wsR+Fbhg2hMMlCZ++Ip3o2o=
Subject key identifier: 5D:FD:85:B4:41:9D:38:CD:72:4C:03:FA:B0:C0:2A:97:90:3C:73:41
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 18AA
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Xf2FtEGdOM1yTAP6sMAql5A8c0E.roa
Signing time: Thu 25 Apr 2024 17:53:41 +0000
ROA not before: Thu 25 Apr 2024 17:53:41 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6314 (0x18aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 25 17:53:41 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=5DFD85B4419D38CD724C03FAB0C02A97903C7341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:3c:5f:16:9f:ff:4b:69:62:62:3a:94:d7:88:
4f:b3:f4:b2:5f:be:0b:bf:54:18:3d:d4:99:59:68:
19:d5:c9:c1:fc:ce:98:7f:2e:26:bd:f4:73:df:29:
98:84:e2:d0:1a:8c:8f:9d:96:03:59:2b:2c:18:1d:
cc:77:2b:54:09:dd:03:f5:1f:1c:a9:01:cc:5e:2a:
3e:66:74:f3:94:30:6e:bb:34:b7:d2:07:0a:fa:a8:
f3:bd:e3:26:40:9a:5c:05:48:3d:81:0e:12:3f:62:
60:aa:df:a0:d4:e2:e7:8a:a1:e2:06:e1:56:51:98:
76:69:ac:93:a4:48:61:71:24:02:53:aa:d1:96:f5:
a6:60:97:23:13:31:a5:93:5e:eb:a6:36:b9:0b:ca:
a0:8a:48:b1:f6:46:63:8b:62:c7:e0:a9:34:64:23:
9e:e3:b5:61:e1:36:75:4c:31:5a:e4:10:d0:c5:0e:
05:b8:e8:bc:69:91:e2:34:d0:52:e0:67:81:57:48:
ef:d8:81:31:ee:23:71:d7:0a:75:99:07:b8:01:f3:
9c:37:29:04:5b:7a:fe:d2:99:34:9a:36:98:91:1f:
22:61:43:b4:24:8f:fc:94:4c:b6:1e:4a:6a:a3:98:
bb:d5:42:9b:03:54:34:ee:3f:ad:c6:84:9a:39:76:
e0:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:FD:85:B4:41:9D:38:CD:72:4C:03:FA:B0:C0:2A:97:90:3C:73:41
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Xf2FtEGdOM1yTAP6sMAql5A8c0E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:b7:02:2c:4d:59:da:22:f8:28:4e:d3:69:bd:d0:cd:f8:29:
3e:24:3d:73:cb:d9:30:d9:33:21:82:a0:6d:72:98:90:ca:0e:
78:d3:e4:ec:c2:34:b8:23:80:f9:79:a8:be:58:43:5d:0c:4e:
74:61:c5:bc:d7:c5:9b:3e:62:cc:f7:d9:92:1f:41:53:23:c7:
f1:46:6d:81:da:96:5f:b2:31:b3:fe:db:b8:b7:7a:c8:24:45:
4e:eb:e0:0b:76:a9:b4:87:06:20:c7:d6:50:c6:15:d7:0e:76:
28:f6:35:cb:c4:19:26:fc:86:9d:fe:13:34:c1:e9:78:a8:4f:
96:b5:42:5a:f5:44:20:f8:27:7a:c8:40:42:0e:57:4e:53:8d:
7f:9f:23:d7:ac:38:4c:5e:0f:73:2b:40:d8:0a:45:ae:59:5c:
f9:7e:c2:4b:85:15:ff:96:a7:5f:0d:2c:9f:75:02:12:03:86:
ac:e2:f6:ac:2f:81:62:c8:90:9c:62:a7:6e:ec:07:ba:ba:76:
70:d6:f7:dd:a7:d4:6d:d7:31:38:43:ce:60:e2:7c:71:f7:d6:
6f:57:56:b6:56:b9:93:32:46:b0:19:ac:6b:ad:30:b3:db:f7:
14:dd:e0:bd:cf:2a:da:8d:7b:0a:4d:22:b7:a7:72:b9:e3:95:
40:6f:39:d9
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjUx
NzUzNDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVERkQ4NUI0NDE5RDM4
Q0Q3MjRDMDNGQUIwQzAyQTk3OTAzQzczNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxPF8Wn/9LaWJiOpTXiE+z9LJfvgu/VBg91JlZaBnVycH8zph/
Lia99HPfKZiE4tAajI+dlgNZKywYHcx3K1QJ3QP1HxypAcxeKj5mdPOUMG67NLfS
Bwr6qPO94yZAmlwFSD2BDhI/YmCq36DU4ueKoeIG4VZRmHZprJOkSGFxJAJTqtGW
9aZglyMTMaWTXuumNrkLyqCKSLH2RmOLYsfgqTRkI57jtWHhNnVMMVrkENDFDgW4
6LxpkeI00FLgZ4FXSO/YgTHuI3HXCnWZB7gB85w3KQRbev7SmTSaNpiRHyJhQ7Qk
j/yUTLYeSmqjmLvVQpsDVDTuP63GhJo5duCzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUXf2FtEGdOM1yTAP6sMAql5A8c0EwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1hmMkZ0RUdkT00xeVRB
UDZzTUFxbDVBOGMwRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAS7cCLE1Z2iL4KE7Tab3QzfgpPiQ9c8vZ
MNkzIYKgbXKYkMoOeNPk7MI0uCOA+XmovlhDXQxOdGHFvNfFmz5izPfZkh9BUyPH
8UZtgdqWX7Ixs/7buLd6yCRFTuvgC3aptIcGIMfWUMYV1w52KPY1y8QZJvyGnf4T
NMHpeKhPlrVCWvVEIPgneshAQg5XTlONf58j16w4TF4PcytA2ApFrllc+X7CS4UV
/5anXw0sn3UCEgOGrOL2rC+BYsiQnGKnbuwHurp2cNb33afUbdcxOEPOYOJ8cffW
b1dWtla5kzJGsBmsa60ws9v3FN3gvc8q2o17Ck0it6dyueOVQG852Q==
-----END CERTIFICATE-----
Generated at Thu Apr 10 14:07:18 2025 by rpki-client