Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/-zOkPkMuZbSdW_utzoVR7UuDb3M.roa
File: -zOkPkMuZbSdW_utzoVR7UuDb3M.roa (raw, json)
Hash identifier: wm4QIiXs4eJm3wIzitd8Tuki1iBZhv5LjKpmZ/N6muA=
Subject key identifier: FB:33:A4:3E:43:2E:65:B4:9D:5B:FB:AD:CE:85:51:ED:4B:83:6F:73
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1822
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/-zOkPkMuZbSdW_utzoVR7UuDb3M.roa
Signing time: Wed 24 Apr 2024 07:53:36 +0000
ROA not before: Wed 24 Apr 2024 07:53:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6178 (0x1822)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 24 07:53:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=FB33A43E432E65B49D5BFBADCE8551ED4B836F73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a7:2f:32:fe:c8:1d:c0:ae:29:33:8b:88:24:
09:55:d9:ab:ac:ff:05:dc:cf:53:20:a3:2d:1e:4f:
0a:04:6d:ad:c2:66:fc:67:f1:a7:d8:26:30:c9:97:
c7:65:dc:7b:55:36:1b:6d:01:58:41:3f:0f:d9:08:
fb:96:72:4b:f9:f4:a2:d4:a6:65:3e:94:7b:1f:7e:
06:8d:6a:e7:84:39:67:fc:91:76:d8:a2:dd:e7:9a:
06:93:8d:bd:87:17:65:df:42:9d:3e:48:0d:d3:2d:
4a:66:67:db:3a:4b:dc:6e:cf:8f:56:4d:e5:da:54:
0d:03:b5:e5:ba:65:e2:cb:df:72:dd:f9:8c:ca:47:
ea:5d:f2:53:0b:0a:4c:3e:87:85:95:74:c0:aa:9c:
a2:25:38:6f:11:9b:9b:66:8f:3b:7f:c4:88:38:a8:
b3:95:db:48:66:ac:05:30:60:8f:fc:70:ab:57:f3:
bf:c4:66:f9:6e:38:9d:09:a5:40:ad:06:bd:b7:66:
70:bf:34:98:fc:07:4a:da:26:96:ae:4e:af:99:20:
87:04:6a:e2:cb:ee:99:4c:ae:78:ff:07:de:1f:3e:
df:ed:8d:b4:ec:07:f6:2e:99:89:e7:a5:b7:d3:cd:
5e:94:fb:cd:d8:90:c3:1f:4a:12:b6:83:87:bc:b5:
9a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:33:A4:3E:43:2E:65:B4:9D:5B:FB:AD:CE:85:51:ED:4B:83:6F:73
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/-zOkPkMuZbSdW_utzoVR7UuDb3M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d9:7a:94:7c:f0:2f:9b:eb:64:f8:5b:ce:e7:ff:32:1e:68:9d:
82:45:69:cf:6a:be:ee:13:f0:54:15:e4:62:82:76:f0:ce:39:
db:01:9c:89:33:a6:8d:81:f7:dd:6c:b5:7c:c8:7c:8d:8c:96:
41:75:27:7e:2c:11:54:84:65:b6:78:36:91:bf:c3:2f:56:04:
ec:38:12:45:a5:27:59:e1:a2:67:24:31:43:76:6d:4a:c2:f1:
51:c4:50:b6:6e:22:8a:23:ac:87:9b:95:60:1e:26:9b:34:ec:
c0:66:53:2b:61:3e:21:d6:7b:02:52:d8:3a:48:aa:03:e5:d6:
ef:e6:a6:9c:f3:f4:65:a5:b7:e0:e5:d4:00:f5:56:46:6d:df:
fb:3e:37:ea:48:d6:50:c7:8e:28:71:29:6b:ad:03:74:66:e4:
45:94:5a:69:06:cc:6c:ab:af:19:23:74:ca:55:38:94:56:4a:
7f:cf:b6:2a:07:00:20:60:51:66:bd:34:05:28:90:6c:03:ef:
f6:81:df:86:0d:9d:b1:e5:ac:6d:b5:6b:ad:fb:09:18:42:60:
00:e9:1b:b5:20:66:38:34:99:20:12:f0:db:ff:72:b1:49:0c:
0f:79:63:10:6b:53:7f:b2:7d:b9:9e:67:84:34:7d:70:99:95:
ce:5c:e8:2e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGCIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjQw
NzUzMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZCMzNBNDNFNDMyRTY1
QjQ5RDVCRkJBRENFODU1MUVENEI4MzZGNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2py8y/sgdwK4pM4uIJAlV2aus/wXcz1Mgoy0eTwoEba3CZvxn
8afYJjDJl8dl3HtVNhttAVhBPw/ZCPuWckv59KLUpmU+lHsffgaNaueEOWf8kXbY
ot3nmgaTjb2HF2XfQp0+SA3TLUpmZ9s6S9xuz49WTeXaVA0DteW6ZeLL33Ld+YzK
R+pd8lMLCkw+h4WVdMCqnKIlOG8Rm5tmjzt/xIg4qLOV20hmrAUwYI/8cKtX87/E
ZvluOJ0JpUCtBr23ZnC/NJj8B0raJpauTq+ZIIcEauLL7plMrnj/B94fPt/tjbTs
B/YumYnnpbfTzV6U+83YkMMfShK2g4e8tZqlAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU+zOkPkMuZbSdW/utzoVR7UuDb3MwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLy16T2tQa011WmJTZFdf
dXR6b1ZSN1V1RGIzTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA2XqUfPAvm+tk+FvO5/8yHmidgkVpz2q+
7hPwVBXkYoJ28M452wGciTOmjYH33Wy1fMh8jYyWQXUnfiwRVIRltng2kb/DL1YE
7DgSRaUnWeGiZyQxQ3ZtSsLxUcRQtm4iiiOsh5uVYB4mmzTswGZTK2E+IdZ7AlLY
OkiqA+XW7+amnPP0ZaW34OXUAPVWRm3f+z436kjWUMeOKHEpa60DdGbkRZRaaQbM
bKuvGSN0ylU4lFZKf8+2KgcAIGBRZr00BSiQbAPv9oHfhg2dseWsbbVrrfsJGEJg
AOkbtSBmODSZIBLw2/9ysUkMD3ljEGtTf7J9uZ5nhDR9cJmVzlzoLg==
-----END CERTIFICATE-----
Generated at Wed Apr 24 11:55:19 2024 by rpki-client on console-fra.rpki-client.org