Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ZtYcOpgZCPOpOzqfe5uVEKnNvKA.roa
File: ZtYcOpgZCPOpOzqfe5uVEKnNvKA.roa (raw, json)
Hash identifier: yiTBf5j0h5HRizE4VKNEouu3ulxUTKjtlT9uJbGNIPQ=
Subject key identifier: 66:D6:1C:3A:98:19:08:F3:A9:3B:3A:9F:7B:9B:95:10:A9:CD:BC:A0
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1A28
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ZtYcOpgZCPOpOzqfe5uVEKnNvKA.roa
Signing time: Mon 29 Apr 2024 17:23:56 +0000
ROA not before: Mon 29 Apr 2024 17:23:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6696 (0x1a28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 29 17:23:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=66D61C3A981908F3A93B3A9F7B9B9510A9CDBCA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3e:53:f1:72:18:9e:e4:58:ea:3e:e5:47:ef:
b0:68:71:7b:b5:d6:59:10:1d:a0:5b:8e:f0:85:cc:
da:8e:d9:b7:94:c3:0d:a1:48:36:f4:35:83:7b:80:
5a:47:c9:41:f5:45:df:ef:6f:36:13:b4:05:01:85:
2f:87:58:5a:f3:a3:86:15:73:7c:32:56:0d:d2:ac:
0f:a5:2a:bf:31:3c:46:8c:0a:63:b6:d2:e4:6e:d1:
d8:91:f3:41:e3:ac:7d:dd:5f:f9:14:57:b8:a1:1c:
c8:2b:d9:7e:d8:85:c4:5d:06:4a:32:18:9a:8e:e0:
8d:b5:d3:f0:d9:e9:01:bb:aa:71:01:00:61:99:21:
ea:df:2c:a7:af:70:10:5e:5f:13:70:0c:67:d5:c1:
56:d9:c9:c0:e8:ee:62:4a:85:ce:2e:ec:f5:f8:9f:
a6:c1:8a:3a:54:15:9a:50:9d:16:b3:ac:a4:58:31:
e6:f7:76:6d:65:ac:0c:cd:0d:54:11:63:b7:2c:6d:
52:b6:3a:8c:99:9f:61:fc:21:f9:20:1d:ae:13:c9:
bf:3a:df:7f:c2:9e:cf:da:68:af:fe:63:a7:b4:10:
eb:43:37:8f:ee:84:8f:80:3a:a5:10:da:70:a2:57:
2b:c1:ed:51:98:08:bd:0b:f2:b7:9e:55:39:97:d1:
7f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D6:1C:3A:98:19:08:F3:A9:3B:3A:9F:7B:9B:95:10:A9:CD:BC:A0
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ZtYcOpgZCPOpOzqfe5uVEKnNvKA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:5a:b1:a8:e6:bd:b6:df:06:e1:57:58:80:e4:86:7d:c2:d4:
0b:7d:cc:89:5b:b2:05:50:92:00:17:62:94:6b:b1:28:30:da:
b6:63:03:40:a7:db:90:7e:00:22:92:4f:c5:9f:0e:6b:bb:a8:
60:9d:7a:26:1f:37:32:ae:7b:7a:ef:f7:27:dd:11:58:54:71:
61:d0:30:03:d6:68:68:40:01:22:f5:c4:e4:b6:4f:b0:be:85:
54:f3:79:42:07:ed:bc:f1:8a:71:9c:15:dd:c6:0e:26:c6:95:
c8:ae:8e:43:8d:f6:9d:83:88:d2:42:7f:62:f4:d8:e8:79:1a:
7c:05:28:ee:e4:35:09:5c:ce:2f:d3:af:4d:a7:6a:8c:ea:5c:
80:5a:7b:c0:c4:ae:05:4d:f5:8f:be:29:30:dd:15:9a:5e:3d:
33:da:e8:1d:03:f2:f2:7e:f4:74:4d:03:b0:b7:db:61:4e:12:
f2:e6:ab:ad:1d:12:b4:ba:dc:f7:4f:f8:97:93:67:b3:2c:91:
95:99:ec:87:b4:f9:b2:62:d7:c9:82:09:50:0e:5e:04:05:ec:
b2:56:20:1a:ff:90:da:2b:c3:25:f1:b1:d7:1f:0c:56:25:14:
da:e0:ab:03:dc:e4:ed:d8:f3:3e:56:8d:9c:b3:b1:ae:c5:e8:
8a:8c:46:34
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGigwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0Mjkx
NzIzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY2RDYxQzNBOTgxOTA4
RjNBOTNCM0E5RjdCOUI5NTEwQTlDREJDQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6PlPxchie5FjqPuVH77BocXu11lkQHaBbjvCFzNqO2beUww2h
SDb0NYN7gFpHyUH1Rd/vbzYTtAUBhS+HWFrzo4YVc3wyVg3SrA+lKr8xPEaMCmO2
0uRu0diR80HjrH3dX/kUV7ihHMgr2X7YhcRdBkoyGJqO4I210/DZ6QG7qnEBAGGZ
IerfLKevcBBeXxNwDGfVwVbZycDo7mJKhc4u7PX4n6bBijpUFZpQnRazrKRYMeb3
dm1lrAzNDVQRY7csbVK2OoyZn2H8IfkgHa4Tyb8633/Cns/aaK/+Y6e0EOtDN4/u
hI+AOqUQ2nCiVyvB7VGYCL0L8reeVTmX0X9TAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUZtYcOpgZCPOpOzqfe5uVEKnNvKAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL1p0WWNPcGdaQ1BPcE96
cWZlNXVWRUtuTnZLQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAVVqxqOa9tt8G4VdYgOSGfcLUC33MiVuy
BVCSABdilGuxKDDatmMDQKfbkH4AIpJPxZ8Oa7uoYJ16Jh83Mq57eu/3J90RWFRx
YdAwA9ZoaEABIvXE5LZPsL6FVPN5QgftvPGKcZwV3cYOJsaVyK6OQ432nYOI0kJ/
YvTY6HkafAUo7uQ1CVzOL9OvTadqjOpcgFp7wMSuBU31j74pMN0Vml49M9roHQPy
8n70dE0DsLfbYU4S8uarrR0StLrc90/4l5NnsyyRlZnsh7T5smLXyYIJUA5eBAXs
slYgGv+Q2ivDJfGx1x8MViUU2uCrA9zk7djzPlaNnLOxrsXoioxGNA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:33:20 2025 by rpki-client