Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/1IjWagxxJcFZXX39CsDoxCqHzgI.roa
File: 1IjWagxxJcFZXX39CsDoxCqHzgI.roa (raw, json)
Hash identifier: aw9LHSjgVCxKBA9J0IkZ5Ggb1kkV7XurcRA79Kmgmrs=
Subject key identifier: D4:88:D6:6A:0C:71:25:C1:59:5D:7D:FD:0A:C0:E8:C4:2A:87:CE:02
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1436
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/1IjWagxxJcFZXX39CsDoxCqHzgI.roa
Signing time: Sat 13 Apr 2024 20:53:15 +0000
ROA not before: Sat 13 Apr 2024 20:53:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5174 (0x1436)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 13 20:53:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D488D66A0C7125C1595D7DFD0AC0E8C42A87CE02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:da:a4:c2:1a:07:c9:dc:55:c6:70:ce:9c:b2:
d9:25:a4:2d:95:7a:78:24:50:43:90:22:c1:f7:37:
43:db:5f:8d:e9:b0:7f:be:ac:22:59:21:89:82:8b:
76:02:d7:50:2d:5b:18:0c:27:b9:6e:df:66:99:4e:
b8:1e:bd:11:6d:8a:f3:44:2b:c8:51:44:47:40:ac:
c3:91:40:3d:46:37:0f:43:be:7d:a8:0c:d6:3a:03:
7d:64:00:2b:1f:c6:aa:47:7b:c2:99:08:b9:e7:cc:
e0:b5:3a:a0:58:72:e2:9e:6e:4b:ec:c7:bb:80:37:
f8:41:43:ea:b0:9d:30:ff:70:7e:c1:c0:06:54:ff:
48:f2:c3:90:d9:64:84:21:a6:4e:28:95:68:5d:42:
69:ce:c3:9a:3c:ca:9e:4e:26:d6:3f:78:84:af:10:
46:33:99:ea:e6:a7:c1:a6:7b:e9:d2:f6:ee:fe:92:
5b:5d:9a:88:d0:b8:84:fe:65:42:04:5a:09:53:f1:
96:b4:42:cf:c1:a2:f4:cb:0b:4a:5d:c1:47:47:11:
c0:c8:ac:11:c6:e6:73:98:68:c1:e9:20:47:f0:23:
36:f2:93:c4:79:f2:a5:61:33:7f:62:34:74:f7:a8:
57:b8:80:4f:48:20:14:2e:c3:4e:06:81:d4:4a:da:
bf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:88:D6:6A:0C:71:25:C1:59:5D:7D:FD:0A:C0:E8:C4:2A:87:CE:02
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/1IjWagxxJcFZXX39CsDoxCqHzgI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:2b:8c:2a:2c:39:c2:80:5d:45:e1:88:d5:99:b1:ed:d6:93:
ea:51:79:cb:98:db:dc:2f:7e:fa:d8:ad:b4:a6:8b:58:1d:4f:
33:65:e1:aa:19:7d:e6:da:89:02:e2:47:05:1c:4c:c0:85:fe:
f4:37:17:9d:d3:e7:b6:90:57:66:88:0d:db:27:61:e6:0c:f5:
51:82:2c:a5:af:6a:cd:0b:5d:57:c8:54:17:de:e6:83:01:dd:
04:1c:43:0c:20:e7:2f:a6:83:e4:ae:7c:05:c8:4c:32:b4:05:
17:a7:bf:b8:17:92:3b:e4:10:45:6b:07:ab:d5:b7:d9:34:ab:
a7:d6:3c:73:17:99:dc:86:0a:d6:95:78:b7:a0:32:fd:50:48:
c6:4f:60:d1:d1:b8:f5:a8:c3:06:70:d9:a2:53:e5:cf:ba:03:
78:33:e3:0c:97:7a:23:60:d7:16:eb:ea:d3:b3:4c:7a:59:b4:
8e:27:36:e6:c9:20:83:bf:b6:59:cd:cd:d1:b5:a4:bd:96:b1:
96:d3:15:7c:c7:59:64:64:7d:4d:28:94:06:07:ec:d6:b7:98:
5d:f4:60:cd:36:8e:88:5a:6e:e8:93:ef:6e:36:20:42:1b:d1:
74:5d:fc:2b:61:5c:e2:71:c3:47:7c:ed:6c:3d:aa:d2:16:52:
2d:c2:8c:10
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFDYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTMy
MDUzMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ0ODhENjZBMEM3MTI1
QzE1OTVEN0RGRDBBQzBFOEM0MkE4N0NFMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX2qTCGgfJ3FXGcM6cstklpC2VengkUEOQIsH3N0PbX43psH++
rCJZIYmCi3YC11AtWxgMJ7lu32aZTrgevRFtivNEK8hRREdArMORQD1GNw9Dvn2o
DNY6A31kACsfxqpHe8KZCLnnzOC1OqBYcuKebkvsx7uAN/hBQ+qwnTD/cH7BwAZU
/0jyw5DZZIQhpk4olWhdQmnOw5o8yp5OJtY/eISvEEYzmermp8Gme+nS9u7+kltd
mojQuIT+ZUIEWglT8Za0Qs/BovTLC0pdwUdHEcDIrBHG5nOYaMHpIEfwIzbyk8R5
8qVhM39iNHT3qFe4gE9IIBQuw04GgdRK2r9zAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU1IjWagxxJcFZXX39CsDoxCqHzgIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzFJaldhZ3h4SmNGWlhY
MzlDc0RveENxSHpnSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAESuMKiw5woBdReGI1Zmx7daT6lF5y5jb
3C9++tittKaLWB1PM2Xhqhl95tqJAuJHBRxMwIX+9DcXndPntpBXZogN2ydh5gz1
UYIspa9qzQtdV8hUF97mgwHdBBxDDCDnL6aD5K58BchMMrQFF6e/uBeSO+QQRWsH
q9W32TSrp9Y8cxeZ3IYK1pV4t6Ay/VBIxk9g0dG49ajDBnDZolPlz7oDeDPjDJd6
I2DXFuvq07NMelm0jic25skgg7+2Wc3N0bWkvZaxltMVfMdZZGR9TSiUBgfs1reY
XfRgzTaOiFpu6JPvbjYgQhvRdF38K2Fc4nHDR3ztbD2q0hZSLcKMEA==
-----END CERTIFICATE-----
Generated at Sun Apr 14 00:24:00 2024 by rpki-client on console-ams.rpki-client.org