Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ocqDnUAZ7b1Nzw21H4b2-GdG-S0.roa
File: ocqDnUAZ7b1Nzw21H4b2-GdG-S0.roa (raw, json)
Hash identifier: clrlRiryqCQ2EJAdbuju03JBPrffjOHvsMP4rNYCISk=
Subject key identifier: A1:CA:83:9D:40:19:ED:BD:4D:CF:0D:B5:1F:86:F6:F8:67:46:F9:2D
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 125E
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ocqDnUAZ7b1Nzw21H4b2-GdG-S0.roa
Signing time: Mon 08 Apr 2024 22:53:07 +0000
ROA not before: Mon 08 Apr 2024 22:53:07 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4702 (0x125e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 8 22:53:07 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=A1CA839D4019EDBD4DCF0DB51F86F6F86746F92D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:df:e8:26:58:39:7b:52:45:be:3a:e3:43:cd:
93:46:a1:fe:4b:98:8a:06:b8:52:45:96:01:4d:bd:
f5:b3:47:df:87:3c:0c:db:53:d3:92:1e:83:be:55:
9b:b8:9a:e1:9a:47:df:d8:60:ab:12:77:62:cc:bc:
15:e3:38:4b:1d:c4:58:fe:47:19:8a:a1:84:46:6e:
f6:e7:47:d7:ec:11:22:ef:03:59:ac:c7:6b:3c:b2:
6f:3a:44:9c:fb:b7:bb:50:b4:52:04:d7:a1:00:91:
f8:fe:da:cb:fb:6f:f2:00:51:0e:6f:eb:f2:6e:44:
74:4d:78:de:da:b8:14:d9:46:ff:ae:0e:0a:f4:9c:
7f:80:04:23:05:a9:2c:03:98:f5:f2:83:5e:13:cf:
e2:c6:b2:c1:6b:3c:55:4d:74:82:6e:ff:26:02:d1:
75:fe:c5:ac:96:49:9a:8f:7f:4c:2e:2f:f1:0b:02:
63:72:68:88:19:eb:d9:c3:4c:ed:e4:13:70:01:48:
81:ce:d8:81:74:db:87:68:8a:d0:80:d8:5b:f3:a8:
2f:8b:ac:ee:28:80:c4:3e:1a:7d:65:93:b3:06:ba:
7d:a0:aa:02:1f:f8:b4:05:bb:8f:68:91:12:64:2b:
bf:86:7c:3e:1d:c8:ee:62:fc:c2:7a:ba:3a:38:e3:
14:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CA:83:9D:40:19:ED:BD:4D:CF:0D:B5:1F:86:F6:F8:67:46:F9:2D
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ocqDnUAZ7b1Nzw21H4b2-GdG-S0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:c3:76:29:d1:e5:97:1d:39:66:fa:da:3e:79:9d:cf:c4:bc:
be:40:34:62:86:6b:00:0b:00:a7:79:75:c3:c4:fa:b6:f1:19:
c5:2f:0a:dd:4a:1f:9f:c8:46:c8:53:cf:15:ed:e9:a2:06:69:
9d:30:60:ba:25:73:b8:1a:87:1c:9c:3f:a8:9e:1b:1f:39:a0:
39:d7:26:46:6c:f2:2f:55:97:e7:ed:bf:0d:01:83:96:24:94:
45:66:d3:0c:da:7a:fd:85:7e:a5:ba:32:75:15:b5:30:f9:03:
1f:d7:d1:7a:9e:64:d7:bd:f0:61:70:48:28:06:3d:96:7d:02:
a9:86:92:98:da:85:83:04:46:2a:ed:fe:d5:1b:fb:5d:d7:89:
e1:6e:19:d1:fd:c3:a9:d5:f0:e4:5c:ea:25:17:8f:74:66:d6:
69:44:2b:40:c4:66:06:78:fd:bf:ca:70:57:12:d6:d0:ad:2f:
dc:ca:d9:fd:22:9e:f6:5c:bb:5c:50:d7:0d:55:80:be:47:68:
e6:b2:50:ac:0d:6b:3d:0b:63:aa:fa:8d:98:36:22:d9:96:66:
c8:03:b9:c1:9b:b5:b7:2c:96:b9:30:43:85:99:e2:04:d3:ff:
a7:a2:96:c6:7e:89:8f:2e:ed:5c:74:40:85:79:a7:86:43:2c:
4f:1b:9c:69
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEl4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDgy
MjUzMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEExQ0E4MzlENDAxOUVE
QkQ0RENGMERCNTFGODZGNkY4Njc0NkY5MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCm3+gmWDl7UkW+OuNDzZNGof5LmIoGuFJFlgFNvfWzR9+HPAzb
U9OSHoO+VZu4muGaR9/YYKsSd2LMvBXjOEsdxFj+RxmKoYRGbvbnR9fsESLvA1ms
x2s8sm86RJz7t7tQtFIE16EAkfj+2sv7b/IAUQ5v6/JuRHRNeN7auBTZRv+uDgr0
nH+ABCMFqSwDmPXyg14Tz+LGssFrPFVNdIJu/yYC0XX+xayWSZqPf0wuL/ELAmNy
aIgZ69nDTO3kE3ABSIHO2IF024doitCA2FvzqC+LrO4ogMQ+Gn1lk7MGun2gqgIf
+LQFu49okRJkK7+GfD4dyO5i/MJ6ujo44xTrAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUocqDnUAZ7b1Nzw21H4b2+GdG+S0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL29jcURuVUFaN2IxTnp3
MjFINGIyLUdkRy1TMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAG8N2KdHllx05ZvraPnmdz8S8vkA0YoZr
AAsAp3l1w8T6tvEZxS8K3Uofn8hGyFPPFe3pogZpnTBguiVzuBqHHJw/qJ4bHzmg
OdcmRmzyL1WX5+2/DQGDliSURWbTDNp6/YV+pboydRW1MPkDH9fRep5k173wYXBI
KAY9ln0CqYaSmNqFgwRGKu3+1Rv7XdeJ4W4Z0f3DqdXw5FzqJRePdGbWaUQrQMRm
Bnj9v8pwVxLW0K0v3MrZ/SKe9ly7XFDXDVWAvkdo5rJQrA1rPQtjqvqNmDYi2ZZm
yAO5wZu1tyyWuTBDhZniBNP/p6KWxn6Jjy7tXHRAhXmnhkMsTxucaQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:39:04 2025 by rpki-client