Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/hGaURrHycL6wD7IMZkp_QK3vHQc.roa
File: hGaURrHycL6wD7IMZkp_QK3vHQc.roa (raw, json)
Hash identifier: 1qd9p9HfE0O4vTdjLB7VkDADylhAPH96CHKfRg7TZq4=
Subject key identifier: 84:66:94:46:B1:F2:70:BE:B0:0F:B2:0C:66:4A:7F:40:AD:EF:1D:07
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0FD4
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/hGaURrHycL6wD7IMZkp_QK3vHQc.roa
Signing time: Tue 02 Apr 2024 04:22:39 +0000
ROA not before: Tue 02 Apr 2024 04:22:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4052 (0xfd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 2 04:22:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=84669446B1F270BEB00FB20C664A7F40ADEF1D07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:71:fe:2b:d2:3d:2a:ae:87:fd:24:76:82:4d:
1f:be:74:d4:ca:67:9e:bc:5b:ad:43:c2:ce:1d:e5:
3a:54:4d:5e:fd:42:ee:b3:b3:3b:93:5b:00:c4:a0:
3b:13:a1:41:88:13:25:7c:0f:0a:ec:83:bd:70:cf:
59:60:14:91:0c:f4:14:ed:7b:30:c9:9d:00:54:18:
c4:b1:ea:3d:29:35:fc:8d:b7:ac:c4:b1:b9:dc:5e:
9b:1d:49:a4:8d:40:7e:77:18:7a:bc:34:a6:58:41:
07:f1:fa:1b:b4:07:53:d6:ce:63:a8:05:35:45:5c:
7c:da:72:0d:84:59:c1:12:f4:ec:96:c1:97:12:dc:
01:c1:44:6e:05:b3:0c:de:58:0e:1c:ef:a6:a6:8e:
c1:ca:58:16:ca:b3:50:34:04:ec:3e:1d:07:47:b3:
7c:11:7b:8b:b1:b5:28:6d:11:0b:f8:be:23:a5:93:
b8:68:87:78:62:65:85:a2:59:6c:b3:2e:bf:ea:5a:
76:9b:31:f1:78:b7:2e:25:c1:8f:35:c0:0e:82:1c:
73:1e:e1:07:19:75:31:6b:bf:ca:9e:00:4a:de:9d:
8c:7e:be:b4:6c:03:84:d2:0d:27:b9:f8:80:5b:4c:
cb:d7:3a:d5:c6:12:89:af:77:32:54:aa:50:59:91:
ae:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:66:94:46:B1:F2:70:BE:B0:0F:B2:0C:66:4A:7F:40:AD:EF:1D:07
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/hGaURrHycL6wD7IMZkp_QK3vHQc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6c:6b:58:48:58:23:65:0b:a8:bf:2c:4c:8b:bf:12:47:d0:7b:
e9:dc:1b:ce:f5:cd:cf:42:38:2d:2c:e7:42:97:15:23:2e:b5:
2e:65:b7:f6:eb:12:53:12:6c:4e:c8:6f:2f:0c:cd:7c:d5:fa:
c2:8f:70:b7:10:3d:7d:f1:8b:a8:a8:65:e5:2c:8a:c1:dc:98:
7c:00:22:71:0f:b8:a7:a1:27:bf:fa:11:58:6c:64:06:8a:aa:
13:c3:24:f1:5d:9e:32:9f:03:48:da:c0:68:f7:4d:6a:4d:cc:
d7:b2:ad:3c:51:9a:ef:a2:b5:40:7a:79:51:c0:ab:59:f0:43:
e6:0e:c8:f9:33:21:f9:d0:73:61:0e:e0:ea:b7:51:e3:24:ce:
8c:4a:9f:84:5e:3a:3b:5a:5b:e0:23:8a:14:04:dd:4d:80:2b:
0b:cb:30:47:44:b3:4e:c1:eb:fb:9d:62:97:b4:37:ee:16:9b:
64:3a:ed:37:36:fb:d6:96:da:2c:e9:ef:ba:b0:5c:4f:e9:fc:
34:2e:7a:1f:8e:c7:e9:03:b5:3a:19:01:09:9f:7d:85:49:c2:
aa:9d:e1:dd:d0:ce:c0:9c:c8:c0:2c:03:10:cf:43:85:f0:90:
83:c5:29:6e:de:81:67:96:79:72:3f:9f:69:8d:89:f1:f2:e6:
01:6b:f2:9c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD9QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDIw
NDIyMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg0NjY5NDQ2QjFGMjcw
QkVCMDBGQjIwQzY2NEE3RjQwQURFRjFEMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5cf4r0j0qrof9JHaCTR++dNTKZ568W61Dws4d5TpUTV79Qu6z
szuTWwDEoDsToUGIEyV8Dwrsg71wz1lgFJEM9BTtezDJnQBUGMSx6j0pNfyNt6zE
sbncXpsdSaSNQH53GHq8NKZYQQfx+hu0B1PWzmOoBTVFXHzacg2EWcES9OyWwZcS
3AHBRG4FswzeWA4c76amjsHKWBbKs1A0BOw+HQdHs3wRe4uxtShtEQv4viOlk7ho
h3hiZYWiWWyzLr/qWnabMfF4ty4lwY81wA6CHHMe4QcZdTFrv8qeAErenYx+vrRs
A4TSDSe5+IBbTMvXOtXGEomvdzJUqlBZka5lAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhGaURrHycL6wD7IMZkp/QK3vHQcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL2hHYVVSckh5Y0w2d0Q3
SU1aa3BfUUszdkhRYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAbGtYSFgjZQuovyxMi78SR9B76dwbzvXN
z0I4LSznQpcVIy61LmW39usSUxJsTshvLwzNfNX6wo9wtxA9ffGLqKhl5SyKwdyY
fAAicQ+4p6Env/oRWGxkBoqqE8Mk8V2eMp8DSNrAaPdNak3M17KtPFGa76K1QHp5
UcCrWfBD5g7I+TMh+dBzYQ7g6rdR4yTOjEqfhF46O1pb4COKFATdTYArC8swR0Sz
TsHr+51il7Q37habZDrtNzb71pbaLOnvurBcT+n8NC56H47H6QO1OhkBCZ99hUnC
qp3h3dDOwJzIwCwDEM9DhfCQg8Upbt6BZ5Z5cj+faY2J8fLmAWvynA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:21:47 2025 by rpki-client