Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/29CLgsmdAPmDiUodbjNstKiarHU.roa
File: 29CLgsmdAPmDiUodbjNstKiarHU.roa (raw, json)
Hash identifier: EVam0019BmZgoCu/+PldeNDm9mQ+tk4sGPtbnkuA3Og=
Subject key identifier: DB:D0:8B:82:C9:9D:00:F9:83:89:4A:1D:6E:33:6C:B4:A8:9A:AC:75
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 17F2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/29CLgsmdAPmDiUodbjNstKiarHU.roa
Signing time: Tue 23 Apr 2024 19:53:39 +0000
ROA not before: Tue 23 Apr 2024 19:53:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6130 (0x17f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 23 19:53:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DBD08B82C99D00F983894A1D6E336CB4A89AAC75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:55:73:92:48:93:e5:c3:0b:8d:1f:ab:e6:77:
9a:37:d5:90:15:9a:fd:f5:80:66:85:ff:33:49:b2:
c6:90:ee:5d:b8:5a:9c:dd:f1:90:ca:3b:d9:01:97:
30:2c:3d:c7:a6:9d:9b:17:d8:1c:e3:a4:aa:d1:a6:
49:ec:2f:31:9d:66:4b:df:c6:9e:2d:83:9d:28:fe:
67:fa:7e:02:d2:ab:6a:a6:de:43:83:c5:d1:9f:84:
38:d0:aa:38:35:b2:ad:2d:75:34:13:03:ab:cc:5c:
35:5c:11:86:7d:b9:1d:8e:c4:81:c2:a0:c8:60:59:
a6:12:5b:a4:13:5d:0e:72:e8:7d:37:4f:73:44:d7:
3e:f9:80:36:9c:2e:30:5f:1d:7e:4d:21:0c:67:19:
04:d8:2c:52:0a:e1:c6:e4:d2:24:ba:b9:3a:98:e6:
36:1f:79:3d:0c:2e:09:f8:bf:05:f5:8a:38:2c:0a:
22:8e:b4:ca:9e:0d:a8:56:9f:a4:c3:69:b7:19:75:
92:fe:07:c5:6b:93:14:e5:d0:fb:7e:5c:57:61:14:
ae:79:4b:50:8c:86:95:0f:ca:84:7d:16:9f:08:41:
22:c0:9b:d0:5f:77:ca:7a:80:a2:c4:b3:73:1a:5e:
c4:46:54:31:86:41:7a:5c:fe:a6:b4:c3:0c:11:40:
76:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:D0:8B:82:C9:9D:00:F9:83:89:4A:1D:6E:33:6C:B4:A8:9A:AC:75
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/29CLgsmdAPmDiUodbjNstKiarHU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b0:aa:6c:48:1d:92:d1:3a:3b:c3:a7:a9:09:2e:49:db:bf:a6:
eb:96:ad:36:bc:43:3c:1e:81:f0:43:90:33:55:24:ae:c5:cc:
50:44:a7:be:82:1e:96:ad:6c:7e:d2:71:81:bf:eb:26:69:a5:
e2:40:e9:42:6b:1f:10:a9:dd:09:dd:b6:ac:7c:d3:f9:3c:dc:
5a:a0:38:cb:00:83:90:da:66:66:5b:83:5e:5c:70:01:50:08:
5d:b2:2d:9e:dc:3d:d3:e9:ed:40:74:81:89:07:a7:63:b7:a6:
0d:3b:5c:ee:f2:70:4d:e9:7d:93:dd:0e:49:33:d2:83:35:d0:
f1:11:23:78:2e:f2:eb:c3:6f:16:e1:d1:7d:aa:70:f1:4d:e1:
1b:80:4f:fe:0d:6c:81:2e:af:fa:7a:e1:4d:48:8f:0c:ee:1d:
d0:bd:6d:25:f4:60:da:ec:62:32:a5:76:03:fd:63:3f:76:f8:
4b:98:65:b5:79:1f:57:fc:c7:54:4d:dc:2a:97:f4:46:f8:ab:
8b:a3:2e:51:27:c4:52:98:b5:bc:f3:51:0d:30:37:84:14:df:
6f:db:9c:32:81:36:45:d2:27:00:4e:df:61:a3:b6:3f:d2:df:
22:f4:82:06:1a:f8:de:2f:d6:7e:f6:f4:a6:21:c8:27:73:9e:
f7:63:bc:d6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICF/IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjMx
OTUzMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERCRDA4QjgyQzk5RDAw
Rjk4Mzg5NEExRDZFMzM2Q0I0QTg5QUFDNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7VXOSSJPlwwuNH6vmd5o31ZAVmv31gGaF/zNJssaQ7l24Wpzd
8ZDKO9kBlzAsPcemnZsX2BzjpKrRpknsLzGdZkvfxp4tg50o/mf6fgLSq2qm3kOD
xdGfhDjQqjg1sq0tdTQTA6vMXDVcEYZ9uR2OxIHCoMhgWaYSW6QTXQ5y6H03T3NE
1z75gDacLjBfHX5NIQxnGQTYLFIK4cbk0iS6uTqY5jYfeT0MLgn4vwX1ijgsCiKO
tMqeDahWn6TDabcZdZL+B8VrkxTl0Pt+XFdhFK55S1CMhpUPyoR9Fp8IQSLAm9Bf
d8p6gKLEs3MaXsRGVDGGQXpc/qa0wwwRQHaZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU29CLgsmdAPmDiUodbjNstKiarHUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzI5Q0xnc21kQVBtRGlV
b2Riak5zdEtpYXJIVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAsKpsSB2S0To7w6epCS5J27+m65atNrxD
PB6B8EOQM1UkrsXMUESnvoIelq1sftJxgb/rJmml4kDpQmsfEKndCd22rHzT+Tzc
WqA4ywCDkNpmZluDXlxwAVAIXbItntw90+ntQHSBiQenY7emDTtc7vJwTel9k90O
STPSgzXQ8REjeC7y68NvFuHRfapw8U3hG4BP/g1sgS6v+nrhTUiPDO4d0L1tJfRg
2uxiMqV2A/1jP3b4S5hltXkfV/zHVE3cKpf0Rviri6MuUSfEUpi1vPNRDTA3hBTf
b9ucMoE2RdInAE7fYaO2P9LfIvSCBhr43i/Wfvb0piHIJ3Oe92O81g==
-----END CERTIFICATE-----
Generated at Tue Apr 23 21:39:44 2024 by rpki-client on console-fra.rpki-client.org