Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/2DD098V-rOoKHon-jCbcYauqX8s.roa
File: 2DD098V-rOoKHon-jCbcYauqX8s.roa (raw, json)
Hash identifier: ZAHbJ9iH+iBm/wZp8jCrkzuy31ZVOYhB29KrWKnAGDw=
Subject key identifier: D8:30:F4:F7:C5:7E:AC:EA:0A:1E:89:FE:8C:26:DC:61:AB:AA:5F:CB
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1C08
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2DD098V-rOoKHon-jCbcYauqX8s.roa
Signing time: Sat 04 May 2024 17:24:12 +0000
ROA not before: Sat 04 May 2024 17:24:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7176 (0x1c08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 4 17:24:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=D830F4F7C57EACEA0A1E89FE8C26DC61ABAA5FCB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f5:43:89:e1:78:51:c9:b9:48:74:10:5c:47:
0c:91:47:f8:67:f7:97:06:46:5b:f5:1a:0e:de:8a:
a9:d5:b3:cb:d8:9c:63:88:0e:37:3c:4b:0b:3e:91:
6f:37:20:e5:35:5c:02:ae:49:e5:88:22:26:19:e3:
a4:66:a3:76:b7:28:c1:a9:c8:08:93:e0:da:91:32:
46:ae:ba:d4:e0:54:93:e7:da:f8:bf:4b:30:78:49:
4e:dd:66:a2:9f:87:6d:20:f1:d3:ad:18:f6:45:30:
1d:a5:82:e7:e1:7a:66:fd:44:ac:cc:a1:2f:10:6f:
9c:d4:e7:26:e2:a0:3c:65:9f:3a:2b:b7:8c:af:62:
db:7d:a9:12:4b:8f:d3:f6:e3:57:32:d1:01:a3:dc:
d8:10:84:34:cc:a0:08:73:db:62:d6:5a:e2:d3:65:
ec:33:92:b9:16:09:8a:ee:5b:27:65:ce:9f:b4:be:
41:bc:13:42:61:08:b7:29:56:68:c7:ac:05:01:c7:
c5:bc:16:31:dc:fd:96:7e:f1:b0:69:64:19:0e:75:
7a:e8:2b:55:11:cc:3d:b4:42:9c:11:fe:7f:2c:7c:
01:1a:cf:a4:dc:84:08:1a:eb:1c:6b:da:79:a8:e2:
48:59:0e:24:4b:04:88:9c:af:de:68:59:17:7d:1d:
4e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:30:F4:F7:C5:7E:AC:EA:0A:1E:89:FE:8C:26:DC:61:AB:AA:5F:CB
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2DD098V-rOoKHon-jCbcYauqX8s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c1:08:60:67:54:5e:b7:47:06:2b:67:3c:8f:7f:d8:34:43:de:
3e:75:e7:2d:a3:d6:8a:e0:ef:f9:4e:7f:f2:54:4a:15:8b:3f:
3b:eb:ad:e7:48:8e:02:49:71:11:6b:74:2d:fc:a0:0f:08:e3:
d6:9d:2b:16:84:7c:c2:23:0b:37:8b:4e:70:46:94:b5:88:22:
9b:ae:a6:9d:eb:7b:14:d6:ca:29:5d:e1:0c:d2:8e:8e:dc:97:
6c:31:c4:90:e7:d2:a0:63:b7:80:92:a8:ad:4d:ce:48:84:fb:
fd:4b:23:71:3e:c8:e8:ff:15:23:71:3d:3c:1b:c7:0d:89:48:
b0:69:dc:28:8f:4a:e1:dc:74:7a:83:1d:58:54:80:d8:47:32:
30:3e:65:62:cf:b6:b7:8e:ef:38:45:a7:36:8a:e6:40:ca:88:
0e:de:05:08:a4:92:c5:aa:f2:32:63:4e:c5:b2:61:3a:6e:62:
06:60:c9:42:f2:3b:0b:9f:5b:12:35:08:30:e3:7d:dd:e1:39:
b5:77:e1:de:2a:b9:5e:18:93:98:5b:8b:5e:64:4e:8a:4c:fe:
47:b4:b6:36:27:35:c1:38:9e:7e:62:a4:fc:6c:02:eb:e1:a8:
30:5f:54:80:a7:db:bf:2c:de:11:99:d2:68:44:50:0c:90:ae:
93:78:9a:ef
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHAgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDQx
NzI0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQ4MzBGNEY3QzU3RUFD
RUEwQTFFODlGRThDMjZEQzYxQUJBQTVGQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDf9UOJ4XhRyblIdBBcRwyRR/hn95cGRlv1Gg7eiqnVs8vYnGOI
Djc8Sws+kW83IOU1XAKuSeWIIiYZ46Rmo3a3KMGpyAiT4NqRMkauutTgVJPn2vi/
SzB4SU7dZqKfh20g8dOtGPZFMB2lgufhemb9RKzMoS8Qb5zU5ybioDxlnzort4yv
Ytt9qRJLj9P241cy0QGj3NgQhDTMoAhz22LWWuLTZewzkrkWCYruWydlzp+0vkG8
E0JhCLcpVmjHrAUBx8W8FjHc/ZZ+8bBpZBkOdXroK1URzD20QpwR/n8sfAEaz6Tc
hAga6xxr2nmo4khZDiRLBIicr95oWRd9HU6zAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2DD098V+rOoKHon+jCbcYauqX8swHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzJERDA5OFYtck9vS0hv
bi1qQ2JjWWF1cVg4cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAwQhgZ1Ret0cGK2c8j3/YNEPePnXnLaPW
iuDv+U5/8lRKFYs/O+ut50iOAklxEWt0LfygDwjj1p0rFoR8wiMLN4tOcEaUtYgi
m66mnet7FNbKKV3hDNKOjtyXbDHEkOfSoGO3gJKorU3OSIT7/UsjcT7I6P8VI3E9
PBvHDYlIsGncKI9K4dx0eoMdWFSA2EcyMD5lYs+2t47vOEWnNormQMqIDt4FCKSS
xaryMmNOxbJhOm5iBmDJQvI7C59bEjUIMON93eE5tXfh3iq5XhiTmFuLXmROikz+
R7S2Nic1wTiefmKk/GwC6+GoMF9UgKfbvyzeEZnSaERQDJCuk3ia7w==
-----END CERTIFICATE-----
Generated at Sat May 4 20:52:57 2024 by rpki-client on console-fra.rpki-client.org