Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/-AGhR1BCE3OY04lyqGEGntdarvI.roa
File: -AGhR1BCE3OY04lyqGEGntdarvI.roa (raw, json)
Hash identifier: L8UdJg3EjvGVNbIsRL6mrnjz/90Mw6ObJ4XYDz8+/y8=
Subject key identifier: F8:01:A1:47:50:42:13:73:98:D3:89:72:A8:61:06:9E:D7:5A:AE:F2
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1BD2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/-AGhR1BCE3OY04lyqGEGntdarvI.roa
Signing time: Sat 04 May 2024 03:54:11 +0000
ROA not before: Sat 04 May 2024 03:54:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7122 (0x1bd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 4 03:54:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F801A1475042137398D38972A861069ED75AAEF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:12:b6:a0:27:fc:ad:b2:0f:3e:91:36:95:6a:
92:68:7f:c2:34:8d:7a:83:b2:a1:71:36:80:a2:0c:
cd:e7:df:17:1f:6b:5e:c4:68:68:45:ec:77:f6:df:
22:97:b4:7f:31:6a:fa:86:78:7f:d2:45:53:85:83:
89:c9:90:1b:11:30:3f:52:9a:91:72:83:b7:88:37:
de:28:29:21:19:c2:f1:05:61:8a:3c:d2:eb:ad:f8:
17:a8:d5:d6:4f:63:a0:9f:e5:78:4e:da:77:af:13:
59:c3:67:48:89:f5:02:33:99:43:45:1b:40:b5:62:
6d:96:1b:15:29:69:49:58:3b:a1:69:09:e8:5d:5a:
ce:1b:f8:58:e3:17:70:b0:57:a8:13:0f:21:6a:3a:
07:67:bc:2d:16:7b:09:91:d8:cf:cd:87:ed:78:db:
4e:86:4d:99:32:d0:28:26:49:46:90:47:e6:6c:eb:
25:09:c0:3a:56:58:f3:ce:5f:09:f8:56:a9:03:16:
3b:34:5f:5f:94:f9:28:5a:9c:70:84:01:63:67:57:
ae:cc:56:79:f4:2f:a8:29:b8:de:77:c6:68:49:2f:
b7:74:fb:2f:4e:7c:21:6a:85:3e:35:da:e4:f5:fe:
32:72:e8:20:59:a8:25:2d:18:3f:3b:c8:25:c4:40:
15:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:01:A1:47:50:42:13:73:98:D3:89:72:A8:61:06:9E:D7:5A:AE:F2
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/-AGhR1BCE3OY04lyqGEGntdarvI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3c:61:13:d9:be:61:53:f9:11:86:a7:2a:ef:70:69:22:57:6a:
10:20:c4:be:39:d2:e6:fd:fc:d9:60:c7:e1:57:42:7a:f0:e8:
75:d9:ee:78:ec:0b:41:b3:5a:46:76:1c:96:f4:20:d6:88:d4:
6f:0a:be:96:43:69:37:14:6c:72:72:1a:14:94:09:69:0f:f0:
af:43:4b:e0:0a:ce:6f:a7:5c:0b:f8:6e:cf:22:43:c1:72:ad:
44:7c:b6:60:f6:e2:a3:0d:78:e8:f1:09:07:6b:7d:21:0f:1f:
2f:20:3b:f2:bc:4a:b2:33:97:ba:6d:b7:b9:6c:14:c1:dc:1c:
df:a5:ef:64:60:e8:54:2c:0f:4d:49:d4:e1:ec:74:15:d9:31:
e1:f4:6a:24:bf:e5:2e:50:10:ec:dd:bf:0d:68:8e:43:a0:6c:
12:29:77:a4:86:9c:c6:73:4c:93:4a:24:fd:a1:f0:c2:6a:6a:
d6:09:58:c1:72:30:2b:de:9a:29:e1:84:8f:7c:7d:60:de:1d:
18:a6:0f:9c:e9:b9:9a:ab:1c:6a:1f:0e:99:dd:fe:33:69:25:
30:a5:75:e0:02:cb:f0:d8:fd:f1:3a:fc:4a:7d:5d:41:5a:3f:
df:49:f5:60:5b:b7:20:3d:dd:75:61:ac:7a:40:9a:06:3b:49:
1c:a7:7e:60
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG9IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDQw
MzU0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY4MDFBMTQ3NTA0MjEz
NzM5OEQzODk3MkE4NjEwNjlFRDc1QUFFRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiEragJ/ytsg8+kTaVapJof8I0jXqDsqFxNoCiDM3n3xcfa17E
aGhF7Hf23yKXtH8xavqGeH/SRVOFg4nJkBsRMD9SmpFyg7eIN94oKSEZwvEFYYo8
0uut+Beo1dZPY6Cf5XhO2nevE1nDZ0iJ9QIzmUNFG0C1Ym2WGxUpaUlYO6FpCehd
Ws4b+FjjF3CwV6gTDyFqOgdnvC0WewmR2M/Nh+14206GTZky0CgmSUaQR+Zs6yUJ
wDpWWPPOXwn4VqkDFjs0X1+U+ShanHCEAWNnV67MVnn0L6gpuN53xmhJL7d0+y9O
fCFqhT412uT1/jJy6CBZqCUtGD87yCXEQBU/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU+AGhR1BCE3OY04lyqGEGntdarvIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLy1BR2hSMUJDRTNPWTA0
bHlxR0VHbnRkYXJ2SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAPGET2b5hU/kRhqcq73BpIldqECDEvjnS
5v382WDH4VdCevDoddnueOwLQbNaRnYclvQg1ojUbwq+lkNpNxRscnIaFJQJaQ/w
r0NL4ArOb6dcC/huzyJDwXKtRHy2YPbiow146PEJB2t9IQ8fLyA78rxKsjOXum23
uWwUwdwc36XvZGDoVCwPTUnU4ex0Fdkx4fRqJL/lLlAQ7N2/DWiOQ6BsEil3pIac
xnNMk0ok/aHwwmpq1glYwXIwK96aKeGEj3x9YN4dGKYPnOm5mqscah8Omd3+M2kl
MKV14ALL8Nj98Tr8Sn1dQVo/30n1YFu3ID3ddWGsekCaBjtJHKd+YA==
-----END CERTIFICATE-----
Generated at Sat May 4 05:47:13 2024 by rpki-client on console-ams.rpki-client.org