Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/2xRAar0nJmc8CU2lbnpRkISnYCc.roa
File: 2xRAar0nJmc8CU2lbnpRkISnYCc.roa (raw, json)
Hash identifier: 63+rgrgv2vNlzcrxCSblXgxpG9eBt+QxXuw6oRn5krA=
Subject key identifier: DB:14:40:6A:BD:27:26:67:3C:09:4D:A5:6E:7A:51:90:84:A7:60:27
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 14E0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2xRAar0nJmc8CU2lbnpRkISnYCc.roa
Signing time: Mon 15 Apr 2024 15:23:26 +0000
ROA not before: Mon 15 Apr 2024 15:23:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5344 (0x14e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 15 15:23:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=DB14406ABD2726673C094DA56E7A519084A76027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3f:2f:8a:08:04:e7:cf:2d:88:9f:4f:87:e4:
c3:99:50:0a:ea:fe:a6:af:a5:74:55:89:73:d9:cf:
59:97:1f:6d:93:74:50:e6:ab:c2:b6:00:96:34:2b:
66:0d:cc:58:32:15:ea:2c:22:b2:4b:79:c8:df:37:
ad:1c:16:ed:45:96:82:81:0c:3a:74:73:f9:b7:d6:
2b:45:d6:db:a2:bd:f5:b5:f9:20:a7:99:f6:df:fd:
c6:a0:17:c3:36:10:36:09:f7:fe:01:c6:1b:1e:a4:
b5:8c:36:8d:73:32:b6:f9:57:2b:06:dd:7e:2a:d6:
50:a0:5b:80:1a:42:7e:fd:b2:2d:aa:f1:43:33:52:
76:98:b3:74:c4:11:63:64:1e:fd:30:7d:46:73:b8:
95:4d:8e:66:b9:9f:82:ed:51:69:14:23:97:ca:3d:
e7:5c:84:f5:76:9b:a5:4d:79:9f:0d:f8:54:e4:50:
df:95:20:51:a3:42:8d:8c:13:18:71:06:ae:80:bc:
e7:12:2c:f1:2e:87:e5:55:e3:d7:ea:6e:65:13:61:
80:19:96:85:42:e2:2f:2a:0e:64:6f:e2:d5:44:b1:
88:4c:f7:d6:8b:d4:69:d0:bf:3e:f4:1f:7a:ba:bd:
cc:35:83:fa:76:6f:e2:d6:28:79:13:25:f9:ef:57:
2b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:14:40:6A:BD:27:26:67:3C:09:4D:A5:6E:7A:51:90:84:A7:60:27
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/2xRAar0nJmc8CU2lbnpRkISnYCc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cb:d8:16:20:12:fb:2e:5c:e7:8b:0e:ec:c5:47:9c:00:0d:b4:
10:57:df:93:5b:bf:b1:d0:3c:57:54:53:b9:04:ee:69:0e:78:
1b:27:7e:42:32:ff:f8:b8:e6:99:d0:11:27:3b:26:61:46:55:
85:70:dc:9c:d1:d3:0e:ea:a6:16:8f:5e:f7:b7:bd:b8:f1:1e:
8a:3c:e1:e6:20:e0:4b:73:b3:41:c3:3e:dc:71:f3:3f:56:6c:
35:b8:ab:7f:c5:1a:cb:3c:96:5a:5f:cc:f0:b3:a4:85:15:6d:
60:8f:f2:07:43:73:89:71:66:b4:a9:2d:55:55:f4:ae:85:e2:
32:dd:80:d0:44:b6:49:f8:de:9f:8f:7c:31:9d:08:84:d2:a3:
e4:8a:87:03:27:e4:04:62:2c:9b:ca:97:b9:5c:a9:cc:e5:6f:
6d:9a:55:fa:11:1c:5e:77:8a:68:ef:23:89:23:bb:ef:02:98:
76:ef:c8:b3:59:d2:79:a8:7b:f1:73:8d:21:fa:eb:b2:50:5a:
62:00:84:1c:3f:8d:02:2b:a9:9a:ec:8b:21:ca:9b:25:e3:c8:
e5:60:29:bb:b9:e0:87:76:2a:ec:fe:73:e1:5d:4d:2b:f6:34:
d1:1d:42:8e:fc:c0:9a:7c:04:7f:6d:60:15:4a:82:82:2c:12:
1f:3a:e5:76
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFOAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTUx
NTIzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERCMTQ0MDZBQkQyNzI2
NjczQzA5NERBNTZFN0E1MTkwODRBNzYwMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCaPy+KCATnzy2In0+H5MOZUArq/qavpXRViXPZz1mXH22TdFDm
q8K2AJY0K2YNzFgyFeosIrJLecjfN60cFu1FloKBDDp0c/m31itF1tuivfW1+SCn
mfbf/cagF8M2EDYJ9/4BxhsepLWMNo1zMrb5VysG3X4q1lCgW4AaQn79si2q8UMz
UnaYs3TEEWNkHv0wfUZzuJVNjma5n4LtUWkUI5fKPedchPV2m6VNeZ8N+FTkUN+V
IFGjQo2MExhxBq6AvOcSLPEuh+VV49fqbmUTYYAZloVC4i8qDmRv4tVEsYhM99aL
1GnQvz70H3q6vcw1g/p2b+LWKHkTJfnvVyuTAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU2xRAar0nJmc8CU2lbnpRkISnYCcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzJ4UkFhcjBuSm1jOENV
MmxibnBSa0lTbllDYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAy9gWIBL7Llzniw7sxUecAA20EFffk1u/
sdA8V1RTuQTuaQ54Gyd+QjL/+LjmmdARJzsmYUZVhXDcnNHTDuqmFo9e97e9uPEe
ijzh5iDgS3OzQcM+3HHzP1ZsNbirf8UayzyWWl/M8LOkhRVtYI/yB0NziXFmtKkt
VVX0roXiMt2A0ES2Sfjen498MZ0IhNKj5IqHAyfkBGIsm8qXuVypzOVvbZpV+hEc
XneKaO8jiSO77wKYdu/Is1nSeah78XONIfrrslBaYgCEHD+NAiupmuyLIcqbJePI
5WApu7ngh3Yq7P5z4V1NK/Y00R1CjvzAmnwEf21gFUqCgiwSHzrldg==
-----END CERTIFICATE-----
Generated at Mon Apr 15 18:13:00 2024 by rpki-client on console-fra.rpki-client.org