Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/1Usn0qhkPCDE38vDNp5hX_z7Xfs.roa
File: 1Usn0qhkPCDE38vDNp5hX_z7Xfs.roa (raw, json)
Hash identifier: uM3I0BcBeo8/hUfkiJCeB8mrxnDDFyybbcOJvkOJOMc=
Subject key identifier: D5:4B:27:D2:A8:64:3C:20:C4:DF:CB:C3:36:9E:61:5F:FC:FB:5D:FB
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 10BE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/1Usn0qhkPCDE38vDNp5hX_z7Xfs.roa
Signing time: Thu 04 Apr 2024 14:52:48 +0000
ROA not before: Thu 04 Apr 2024 14:52:48 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4286 (0x10be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 4 14:52:48 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D54B27D2A8643C20C4DFCBC3369E615FFCFB5DFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e5:3b:40:8a:53:cf:e8:81:16:70:06:71:10:
70:bf:f2:b8:e2:a2:0d:b4:5e:05:88:73:b0:d2:bb:
ea:d9:12:f5:8e:96:a6:e4:b6:42:73:a1:7c:0b:d0:
37:a6:cd:f1:c5:b8:f8:38:f0:2c:27:30:8c:bd:be:
30:7f:2f:2c:70:95:85:25:48:53:9e:d2:80:d2:f0:
dc:7a:f3:20:f7:b2:17:7d:1e:3e:15:76:c8:d0:e1:
a3:f7:8d:0d:16:fa:d0:d2:8f:d2:db:9b:55:4c:5f:
ca:02:68:5f:70:a1:60:56:5e:53:ba:76:f4:8b:8d:
6f:5b:52:92:cd:f3:81:99:f8:1b:15:8d:84:85:ec:
8d:d4:5a:bb:d9:a3:31:39:b2:c8:79:d5:81:d8:e9:
e8:35:fb:72:bf:15:7d:e6:e1:9a:a3:1f:1d:26:44:
b5:56:cc:57:3c:bf:93:78:73:73:99:54:ee:ad:d7:
fb:52:f8:63:b9:cf:04:75:65:f7:4c:d4:08:32:61:
7e:c6:e7:94:84:37:ba:59:2b:28:6e:39:73:d9:df:
5b:3a:36:3a:bb:81:ef:91:4e:9a:67:54:fa:42:9b:
40:fc:3f:79:74:fb:c3:a8:d0:a6:d2:89:69:e3:f3:
34:3f:b3:5e:40:f8:21:a0:2e:36:98:df:2e:ea:05:
10:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:4B:27:D2:A8:64:3C:20:C4:DF:CB:C3:36:9E:61:5F:FC:FB:5D:FB
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/1Usn0qhkPCDE38vDNp5hX_z7Xfs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:d3:c9:a4:7b:ff:a9:0f:7b:13:2e:6b:d3:f2:09:5b:4f:7f:
5e:d0:c3:73:73:81:5a:1f:05:48:09:a9:55:62:b9:79:19:a4:
37:c3:d1:fa:34:e6:17:ad:49:fc:47:4c:ea:4a:21:4d:84:65:
99:1e:24:b0:03:4c:f1:b6:77:ae:d5:31:be:e3:94:16:e1:6d:
8d:18:d1:a9:be:70:97:37:50:83:7f:24:40:cf:78:e3:4a:03:
62:4f:5a:d4:8d:5f:8c:82:c8:07:c1:fa:16:3b:ec:31:49:81:
8a:a5:be:12:f1:6c:e6:41:33:81:3a:02:72:b2:b9:58:2b:45:
37:e0:05:65:c0:00:98:da:88:d9:45:18:f1:98:94:4d:a3:a0:
c1:43:de:86:cb:48:11:a1:1c:bb:33:51:42:52:5e:7b:a4:3f:
57:de:51:08:7b:09:24:86:ef:6c:8c:ae:56:ec:44:45:c3:95:
11:a2:f7:ba:bf:d6:24:91:fc:67:c1:bd:8d:3a:c9:43:8a:32:
d3:2b:d3:27:20:5e:f1:ec:d9:e3:75:d1:7c:cf:10:ad:a6:a5:
dd:a5:49:d1:80:7b:ab:b6:d9:ac:c8:30:c3:ff:52:7f:8e:fb:
55:38:49:d6:a8:10:e7:7d:a2:97:52:0a:97:ab:c2:36:b4:e4:
3d:14:8b:c0
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEL4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDQx
NDUyNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ1NEIyN0QyQTg2NDND
MjBDNERGQ0JDMzM2OUU2MTVGRkNGQjVERkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq5TtAilPP6IEWcAZxEHC/8rjiog20XgWIc7DSu+rZEvWOlqbk
tkJzoXwL0DemzfHFuPg48CwnMIy9vjB/LyxwlYUlSFOe0oDS8Nx68yD3shd9Hj4V
dsjQ4aP3jQ0W+tDSj9Lbm1VMX8oCaF9woWBWXlO6dvSLjW9bUpLN84GZ+BsVjYSF
7I3UWrvZozE5ssh51YHY6eg1+3K/FX3m4ZqjHx0mRLVWzFc8v5N4c3OZVO6t1/tS
+GO5zwR1ZfdM1AgyYX7G55SEN7pZKyhuOXPZ31s6Njq7ge+RTppnVPpCm0D8P3l0
+8Oo0KbSiWnj8zQ/s15A+CGgLjaY3y7qBRAxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU1Usn0qhkPCDE38vDNp5hX/z7XfswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzFVc24wcWhrUENERTM4
dkROcDVoWF96N1hmcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAfNPJpHv/qQ97Ey5r0/IJW09/XtDDc3OB
Wh8FSAmpVWK5eRmkN8PR+jTmF61J/EdM6kohTYRlmR4ksANM8bZ3rtUxvuOUFuFt
jRjRqb5wlzdQg38kQM9440oDYk9a1I1fjILIB8H6FjvsMUmBiqW+EvFs5kEzgToC
crK5WCtFN+AFZcAAmNqI2UUY8ZiUTaOgwUPehstIEaEcuzNRQlJee6Q/V95RCHsJ
JIbvbIyuVuxERcOVEaL3ur/WJJH8Z8G9jTrJQ4oy0yvTJyBe8ezZ43XRfM8Qraal
3aVJ0YB7q7bZrMgww/9Sf477VThJ1qgQ532il1IKl6vCNrTkPRSLwA==
-----END CERTIFICATE-----
Generated at Thu Apr 4 20:21:27 2024 by rpki-client on console-fra.rpki-client.org