Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/4RpyGozcTR-0kDm8g1K13gt_vFQ.roa
File: 4RpyGozcTR-0kDm8g1K13gt_vFQ.roa (raw, json)
Hash identifier: ztnLQU+Q6ouzz0j0zoM35gaeG45UOvCP18bErFr0qmM=
Subject key identifier: E1:1A:72:1A:8C:DC:4D:1F:B4:90:39:BC:83:52:B5:DE:0B:7F:BC:54
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E5A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/4RpyGozcTR-0kDm8g1K13gt_vFQ.roa
Signing time: Fri 29 Mar 2024 05:52:28 +0000
ROA not before: Fri 29 Mar 2024 05:52:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3674 (0xe5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 29 05:52:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E11A721A8CDC4D1FB49039BC8352B5DE0B7FBC54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:47:4a:26:14:f2:c6:fc:7f:3c:f9:5d:24:a3:
7a:c1:0e:c5:15:70:ab:49:83:b1:dc:c5:4b:5f:85:
9e:86:d1:76:5c:bf:91:dc:e1:65:6c:5b:30:b3:9b:
15:e8:2c:da:2d:73:d0:f7:89:db:ca:d8:92:65:c3:
7f:04:89:0a:46:6a:35:e1:52:81:50:9b:1b:4f:62:
1f:66:66:05:ae:7d:82:29:9c:c3:bc:9b:5f:ee:81:
1f:52:97:e0:0b:17:9c:c9:55:70:b3:46:bd:d3:0e:
65:e8:6b:99:5d:b4:ca:82:db:7e:23:19:1b:62:2c:
c7:cc:99:25:22:3e:24:96:71:fd:80:8a:ec:09:90:
bc:98:ac:61:85:bd:46:ed:58:cd:a0:33:8b:55:16:
61:fc:94:88:eb:c0:3d:13:19:74:ad:da:2f:b7:cd:
7e:4a:8f:2e:30:a6:8d:5c:e5:15:0c:4f:15:ba:c3:
c3:c1:45:86:d8:18:6a:28:e3:c1:44:ed:d9:b0:a9:
dc:c5:0a:1d:e8:8a:d0:f2:2c:fc:7a:37:a1:15:e8:
fa:b7:c5:bf:3b:4b:d7:62:18:35:45:ce:a5:2a:40:
9b:cb:98:49:a8:f3:d6:89:b4:e9:be:ea:da:f1:64:
47:70:e3:7f:e0:2d:ea:57:22:f5:ce:65:c0:1e:c2:
d2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:1A:72:1A:8C:DC:4D:1F:B4:90:39:BC:83:52:B5:DE:0B:7F:BC:54
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/4RpyGozcTR-0kDm8g1K13gt_vFQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:eb:12:7d:ad:ef:aa:7d:6b:1c:c1:4d:48:1a:6d:23:61:bb:
26:d3:c2:71:65:13:0e:43:3b:76:2b:02:43:a6:c2:f6:8c:d2:
94:0f:b2:23:6e:d3:4f:8a:b6:97:8e:9f:e3:bf:42:f1:4f:14:
3c:47:bc:ae:a7:db:33:7d:9a:2d:a1:f5:2d:4d:53:a9:ee:ac:
37:e7:0c:ef:d6:0a:4a:29:b7:d0:07:53:01:ec:7f:47:6a:a1:
26:6d:19:40:6a:8a:74:06:32:e1:0a:a2:1a:8a:2b:80:c6:0e:
0b:27:8f:5a:26:29:97:47:a8:f9:0c:fd:cc:13:37:fe:f5:71:
ca:c2:23:14:d1:61:60:04:da:49:09:c3:35:68:c2:ab:ed:64:
91:82:90:67:7d:c4:97:62:8f:3c:8d:1a:9d:68:27:0b:e9:99:
c7:67:76:59:53:57:b8:f4:92:cd:d2:a3:4a:48:9e:ff:06:51:
8c:1a:71:e2:0a:d9:6a:f5:cf:61:fd:41:90:02:5a:73:71:8d:
56:b5:e3:7a:62:15:63:96:27:36:e4:5d:2a:7f:fb:c8:17:be:
e5:50:93:82:ef:39:23:83:32:39:cf:5f:e8:23:b9:20:a6:19:
c0:80:e5:c4:cf:c3:8e:87:f0:c4:08:5f:c2:e0:2f:bc:99:95:
7a:96:53:8a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDlowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjkw
NTUyMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUxMUE3MjFBOENEQzRE
MUZCNDkwMzlCQzgzNTJCNURFMEI3RkJDNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDER0omFPLG/H88+V0ko3rBDsUVcKtJg7HcxUtfhZ6G0XZcv5Hc
4WVsWzCzmxXoLNotc9D3idvK2JJlw38EiQpGajXhUoFQmxtPYh9mZgWufYIpnMO8
m1/ugR9Sl+ALF5zJVXCzRr3TDmXoa5ldtMqC234jGRtiLMfMmSUiPiSWcf2AiuwJ
kLyYrGGFvUbtWM2gM4tVFmH8lIjrwD0TGXSt2i+3zX5Kjy4wpo1c5RUMTxW6w8PB
RYbYGGoo48FE7dmwqdzFCh3oitDyLPx6N6EV6Pq3xb87S9diGDVFzqUqQJvLmEmo
89aJtOm+6trxZEdw43/gLepXIvXOZcAewtIVAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU4RpyGozcTR+0kDm8g1K13gt/vFQwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzRScHlHb3pjVFItMGtE
bThnMUsxM2d0X3ZGUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAR+sSfa3vqn1rHMFNSBptI2G7JtPCcWUT
DkM7disCQ6bC9ozSlA+yI27TT4q2l46f479C8U8UPEe8rqfbM32aLaH1LU1Tqe6s
N+cM79YKSim30AdTAex/R2qhJm0ZQGqKdAYy4QqiGoorgMYOCyePWiYpl0eo+Qz9
zBM3/vVxysIjFNFhYATaSQnDNWjCq+1kkYKQZ33El2KPPI0anWgnC+mZx2d2WVNX
uPSSzdKjSkie/wZRjBpx4grZavXPYf1BkAJac3GNVrXjemIVY5YnNuRdKn/7yBe+
5VCTgu85I4MyOc9f6CO5IKYZwIDlxM/DjofwxAhfwuAvvJmVepZTig==
-----END CERTIFICATE-----
Generated at Fri Mar 29 07:14:13 2024 by rpki-client on console-ams.rpki-client.org