Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/0rIgwwmS-H3GRwgqc-Tj3MwupOo.roa
File: 0rIgwwmS-H3GRwgqc-Tj3MwupOo.roa (raw, json)
Hash identifier: MLqbuJjOwgoRh5zSribMVLSV/pz29kGPnISjcPm4uLw=
Subject key identifier: D2:B2:20:C3:09:92:F8:7D:C6:47:08:2A:73:E4:E3:DC:CC:2E:A4:EA
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1152
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/0rIgwwmS-H3GRwgqc-Tj3MwupOo.roa
Signing time: Sat 06 Apr 2024 03:52:51 +0000
ROA not before: Sat 06 Apr 2024 03:52:51 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4434 (0x1152)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 6 03:52:51 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D2B220C30992F87DC647082A73E4E3DCCC2EA4EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:fe:f2:f4:b8:1d:7b:8f:c6:75:e9:33:8a:cd:
b9:e7:54:28:77:3d:b3:ca:20:02:02:01:cf:9a:4d:
8f:5b:4e:0e:60:ec:8f:2b:eb:13:b9:35:9f:b1:a9:
c8:0e:e3:e4:57:10:67:14:fe:40:b0:3e:5b:6f:6d:
06:b2:dc:9f:68:b5:7d:c3:95:09:17:64:9c:5e:ee:
9c:23:a0:3d:1d:dd:65:bf:11:4d:e8:07:b7:59:68:
be:a7:0e:1f:29:f2:a1:f9:5e:43:48:30:f1:c6:05:
53:a1:00:d3:1c:c5:43:f2:6a:79:01:c6:b3:27:60:
5a:ca:bb:48:52:37:f5:81:84:7c:35:6a:23:cc:3e:
17:ca:38:6e:86:1c:44:0e:c4:5a:f1:18:a2:e7:13:
3a:8e:c0:4a:92:56:c8:da:6e:fe:03:4c:82:2b:92:
f1:6c:c4:0a:66:56:b7:f2:6a:07:36:c5:16:ce:80:
85:9e:47:58:c7:b7:03:f0:36:a0:30:43:7c:57:cd:
f4:79:de:14:11:d8:bf:9a:6e:02:66:33:d8:a7:f3:
49:de:e7:d4:d0:34:c6:09:28:21:09:eb:5b:fd:68:
b8:e1:87:fa:7c:8d:f1:9b:4e:59:53:61:95:79:18:
43:ef:e1:be:5d:a4:c7:92:c2:b5:82:af:f9:3c:02:
3e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:B2:20:C3:09:92:F8:7D:C6:47:08:2A:73:E4:E3:DC:CC:2E:A4:EA
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/0rIgwwmS-H3GRwgqc-Tj3MwupOo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:bf:ac:72:f9:6e:ff:d5:34:e4:94:47:36:71:a7:3b:51:07:
d2:63:dc:fe:8f:b1:f8:dc:d5:0a:fe:9a:95:57:46:bc:d5:59:
23:14:31:e7:77:41:20:81:2d:c2:29:93:dd:00:45:a4:94:af:
f6:d8:23:1b:9c:8a:89:f9:d1:ee:a7:b3:9f:b0:b5:31:f3:1e:
42:2c:4f:a9:88:8c:39:7a:5d:a9:8a:d7:6f:3b:30:97:e5:a7:
48:01:25:23:50:5e:0e:01:f4:c1:59:2f:b5:7f:89:c9:5d:3f:
8e:d4:45:8c:8c:ff:2b:b6:dd:b4:f4:29:e5:1b:6b:7a:36:39:
36:04:0d:fa:73:5d:ac:45:41:dd:f9:35:3c:b6:88:42:9d:44:
9d:09:67:c2:57:fe:6b:23:9b:4f:4a:84:c7:c4:80:a7:19:b6:
7a:34:f8:b8:57:1a:35:d6:a2:3d:c5:ee:aa:b9:5c:e2:d1:cb:
4d:52:35:f7:33:0d:aa:94:be:c8:d2:30:0d:3a:d6:ee:3d:11:
ce:16:b6:6e:2c:8b:e0:e8:b8:9d:16:09:fc:39:92:b8:0c:72:
18:8d:93:4d:02:13:a5:90:06:93:50:16:22:5b:1d:db:c0:a6:
05:70:04:9a:de:d5:2f:8e:7e:b5:b1:f8:54:02:35:30:f0:ce:
dc:69:d7:95
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEVIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDYw
MzUyNTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQyQjIyMEMzMDk5MkY4
N0RDNjQ3MDgyQTczRTRFM0RDQ0MyRUE0RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDY/vL0uB17j8Z16TOKzbnnVCh3PbPKIAICAc+aTY9bTg5g7I8r
6xO5NZ+xqcgO4+RXEGcU/kCwPltvbQay3J9otX3DlQkXZJxe7pwjoD0d3WW/EU3o
B7dZaL6nDh8p8qH5XkNIMPHGBVOhANMcxUPyankBxrMnYFrKu0hSN/WBhHw1aiPM
PhfKOG6GHEQOxFrxGKLnEzqOwEqSVsjabv4DTIIrkvFsxApmVrfyagc2xRbOgIWe
R1jHtwPwNqAwQ3xXzfR53hQR2L+abgJmM9in80ne59TQNMYJKCEJ61v9aLjhh/p8
jfGbTllTYZV5GEPv4b5dpMeSwrWCr/k8Aj57AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU0rIgwwmS+H3GRwgqc+Tj3MwupOowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzBySWd3d21TLUgzR1J3
Z3FjLVRqM013dXBPby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAc7+scvlu/9U05JRHNnGnO1EH0mPc/o+x
+NzVCv6alVdGvNVZIxQx53dBIIEtwimT3QBFpJSv9tgjG5yKifnR7qezn7C1MfMe
QixPqYiMOXpdqYrXbzswl+WnSAElI1BeDgH0wVkvtX+JyV0/jtRFjIz/K7bdtPQp
5RtrejY5NgQN+nNdrEVB3fk1PLaIQp1EnQlnwlf+ayObT0qEx8SApxm2ejT4uFca
NdaiPcXuqrlc4tHLTVI19zMNqpS+yNIwDTrW7j0Rzha2biyL4Oi4nRYJ/DmSuAxy
GI2TTQITpZAGk1AWIlsd28CmBXAEmt7VL45+tbH4VAI1MPDO3GnXlQ==
-----END CERTIFICATE-----
Generated at Sat Apr 6 09:01:07 2024 by rpki-client on console-ams.rpki-client.org