Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/2vZvlC1aap_zfl4AvqkCgisBqOE.roa
File: 2vZvlC1aap_zfl4AvqkCgisBqOE.roa (raw, json)
Hash identifier: YSn4iMMHBU5KSUMLu2jfdD1cgrCn0wwJyC5Q1ZAD0r0=
Subject key identifier: DA:F6:6F:94:2D:5A:6A:9F:F3:7E:5E:00:BE:A9:02:82:2B:01:A8:E1
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 116A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2vZvlC1aap_zfl4AvqkCgisBqOE.roa
Signing time: Sat 06 Apr 2024 09:52:52 +0000
ROA not before: Sat 06 Apr 2024 09:52:52 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4458 (0x116a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 6 09:52:52 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DAF66F942D5A6A9FF37E5E00BEA902822B01A8E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:dd:fc:f7:92:11:99:76:d2:4f:1f:9f:64:1d:
df:24:63:86:48:9b:b8:cd:de:61:3d:03:64:c6:c8:
90:aa:09:7d:3a:fa:ac:d4:83:bd:d1:a9:3d:dd:03:
61:b4:6c:f5:56:74:0f:ac:2e:21:75:7a:50:ac:7c:
ef:02:af:14:c8:99:ff:35:59:c0:84:27:22:00:ca:
ce:f3:0c:e3:f5:9e:a2:07:8c:bd:bf:07:92:6c:0c:
01:ce:46:77:ca:3a:55:ce:d5:e2:7b:4c:c4:f6:fe:
6a:7d:b0:b6:2e:49:d5:8f:aa:49:ba:1d:2b:f0:66:
3d:54:05:ed:83:01:39:75:c9:b5:7f:49:8e:20:ff:
f8:73:12:7e:51:15:a8:05:d7:ca:64:57:ac:be:4e:
a9:7d:6d:b8:28:e4:9c:aa:84:05:6c:c8:85:f7:d0:
ec:83:0e:10:6a:24:05:66:e3:3a:b7:0f:6b:cf:8a:
de:8c:c8:0a:b3:da:45:3c:42:17:49:fc:c6:c4:04:
c3:59:c9:50:2b:ba:54:3f:c4:e2:93:88:a0:07:16:
0b:73:5b:ab:03:02:90:2f:b2:89:46:5c:5f:f4:11:
3d:d8:d5:41:d7:c7:5a:03:7e:90:c9:35:3a:c4:e0:
67:2b:49:64:b5:de:d7:41:e9:d2:13:2e:5a:3e:f3:
33:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F6:6F:94:2D:5A:6A:9F:F3:7E:5E:00:BE:A9:02:82:2B:01:A8:E1
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2vZvlC1aap_zfl4AvqkCgisBqOE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d9:5d:e3:2e:03:5e:09:7d:fb:d0:13:b3:45:97:5d:52:c7:d2:
a3:ee:1a:e5:08:1f:e9:a5:ad:80:60:77:04:9e:08:4f:39:ed:
11:43:57:18:1e:5c:99:0b:20:8c:6c:bc:99:95:ae:ad:d4:9a:
0a:f8:94:99:43:d2:1e:7b:42:c6:2f:3b:25:ea:ca:02:12:6d:
82:c2:54:dc:1a:a8:8c:89:21:f8:5a:29:25:f7:ad:d9:9b:28:
6c:ff:9e:89:72:90:db:11:db:fc:84:36:2d:87:16:67:1c:a2:
fb:5d:70:31:db:c2:c1:9a:0a:6a:eb:05:5e:f1:fb:3e:1d:cf:
4d:cb:e7:13:ca:3a:5b:a8:da:ed:e4:db:a6:ba:f2:4b:86:91:
ed:36:7e:f1:ef:d2:0f:05:21:9f:36:b7:90:8c:2b:df:9c:2b:
fb:0b:d9:6d:9c:35:c6:2b:b3:30:c2:74:01:92:5f:a1:ca:31:
bd:30:3d:0e:83:6b:69:dd:74:10:6e:36:a3:6f:ed:32:4b:ed:
ca:09:a7:6a:84:08:88:e9:33:5b:a9:d3:28:af:a6:c9:b9:4c:
ac:1b:5f:4b:dd:94:cf:e5:2f:4d:32:0a:e4:eb:3a:be:c4:46:
ec:b8:69:d9:c5:ab:38:cf:0d:2d:2d:9c:6d:2a:eb:4d:d3:2d:
b8:c9:eb:47
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEWowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDYw
OTUyNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBRjY2Rjk0MkQ1QTZB
OUZGMzdFNUUwMEJFQTkwMjgyMkIwMUE4RTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCi3fz3khGZdtJPH59kHd8kY4ZIm7jN3mE9A2TGyJCqCX06+qzU
g73RqT3dA2G0bPVWdA+sLiF1elCsfO8CrxTImf81WcCEJyIAys7zDOP1nqIHjL2/
B5JsDAHORnfKOlXO1eJ7TMT2/mp9sLYuSdWPqkm6HSvwZj1UBe2DATl1ybV/SY4g
//hzEn5RFagF18pkV6y+Tql9bbgo5JyqhAVsyIX30OyDDhBqJAVm4zq3D2vPit6M
yAqz2kU8QhdJ/MbEBMNZyVArulQ/xOKTiKAHFgtzW6sDApAvsolGXF/0ET3Y1UHX
x1oDfpDJNTrE4GcrSWS13tdB6dITLlo+8zMpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2vZvlC1aap/zfl4AvqkCgisBqOEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzJ2WnZsQzFhYXBfemZs
NEF2cWtDZ2lzQnFPRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA2V3jLgNeCX370BOzRZddUsfSo+4a5Qgf
6aWtgGB3BJ4ITzntEUNXGB5cmQsgjGy8mZWurdSaCviUmUPSHntCxi87JerKAhJt
gsJU3BqojIkh+FopJfet2ZsobP+eiXKQ2xHb/IQ2LYcWZxyi+11wMdvCwZoKausF
XvH7Ph3PTcvnE8o6W6ja7eTbprryS4aR7TZ+8e/SDwUhnza3kIwr35wr+wvZbZw1
xiuzMMJ0AZJfocoxvTA9DoNrad10EG42o2/tMkvtygmnaoQIiOkzW6nTKK+myblM
rBtfS92Uz+UvTTIK5Os6vsRG7Lhp2cWrOM8NLS2cbSrrTdMtuMnrRw==
-----END CERTIFICATE-----
Generated at Sat Apr 6 11:35:12 2024 by rpki-client on console-fra.rpki-client.org