Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/58lWAI9bFksInDrV8FuHkN99s9g.roa
File: 58lWAI9bFksInDrV8FuHkN99s9g.roa (raw, json)
Hash identifier: quN0N7a558BCZbzuNH4NRSFSvA9eWRL6mFfFW/Wzscg=
Subject key identifier: E7:C9:56:00:8F:5B:16:4B:08:9C:3A:D5:F0:5B:87:90:DF:7D:B3:D8
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1664
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/58lWAI9bFksInDrV8FuHkN99s9g.roa
Signing time: Fri 19 Apr 2024 16:23:28 +0000
ROA not before: Fri 19 Apr 2024 16:23:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5732 (0x1664)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 19 16:23:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E7C956008F5B164B089C3AD5F05B8790DF7DB3D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1e:2e:84:6a:ee:f6:78:e3:d2:25:18:ca:69:
f8:cc:05:3c:71:6c:c8:1a:07:48:08:67:5d:ff:75:
e3:ff:e5:c6:91:dc:14:a1:e9:e1:de:8a:e2:6c:7e:
7d:08:2c:96:d0:33:a7:d5:5c:19:54:dc:de:96:44:
33:a0:70:62:98:48:f7:bc:da:40:a8:e3:6c:3f:98:
91:f1:f2:e1:3e:1d:39:c2:03:2b:3f:c4:65:6f:b0:
c6:2a:ae:f9:63:e2:9b:d8:e8:b8:11:9f:c5:5e:73:
1c:a8:a9:89:d1:7c:02:ac:ff:36:6d:bf:61:ff:30:
55:8c:38:83:01:67:0e:f6:14:43:4c:8f:fb:0c:ef:
50:36:d6:a6:4b:c2:d0:5f:26:34:ef:d5:4a:f6:2d:
04:45:8e:78:2a:bb:31:04:12:4b:07:aa:cd:9a:af:
30:93:c7:60:de:1b:4e:7f:09:57:6b:9c:aa:41:40:
75:b8:88:f4:8e:c3:ce:3b:e3:77:60:29:23:f9:bd:
86:9e:ef:91:fb:21:03:49:24:20:98:75:a9:64:7b:
42:d7:f5:8b:c3:c8:8b:43:3b:8d:2f:cd:80:2f:5f:
b5:4b:1c:93:05:e5:c6:63:72:4a:50:ef:3c:e3:75:
7c:a1:55:b6:e1:cf:1a:2d:81:af:e8:47:91:cc:6b:
c9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C9:56:00:8F:5B:16:4B:08:9C:3A:D5:F0:5B:87:90:DF:7D:B3:D8
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/58lWAI9bFksInDrV8FuHkN99s9g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8b:09:53:6c:9a:62:32:a9:06:0e:aa:53:06:05:e4:d5:d6:f1:
32:49:7f:80:0e:2d:aa:b7:72:a7:2a:a3:b2:f9:c4:77:77:3b:
eb:4a:81:f1:4a:b2:3c:a9:91:5b:03:43:bf:75:c9:69:39:7c:
9a:44:45:f5:59:85:c2:30:e8:58:ed:37:e8:3b:17:bb:d5:15:
dd:bf:59:86:c2:42:98:1b:54:55:3f:f3:29:fb:68:e6:f3:e3:
a8:17:9a:5b:d5:4f:c1:a4:90:a4:93:07:09:36:5c:54:87:ff:
37:a3:a7:69:12:f1:ef:68:a4:41:1d:29:1c:0c:f7:6a:51:bf:
89:5d:a3:23:1c:65:ec:e6:fa:38:45:e3:ef:95:b6:8b:16:80:
0a:d2:db:f5:c4:f4:38:67:e4:e1:9e:c4:ef:ad:44:99:c3:4b:
b5:d5:1f:99:21:e8:de:69:96:95:4b:a4:73:7d:b8:78:eb:a4:
b0:79:84:81:77:f7:51:f6:59:be:93:4a:e8:d2:2d:1b:aa:a9:
32:88:45:6c:60:1d:f4:91:7f:23:70:e5:e9:71:1f:b3:65:2a:
44:42:55:70:99:b8:6f:f8:a7:a5:f3:a2:22:27:37:30:3a:89:
51:c0:5d:68:f1:7e:ed:e4:19:7d:f0:82:ac:a4:1c:0d:9a:67:
9f:b3:ba:4c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFmQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTkx
NjIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU3Qzk1NjAwOEY1QjE2
NEIwODlDM0FENUYwNUI4NzkwREY3REIzRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCHi6Eau72eOPSJRjKafjMBTxxbMgaB0gIZ13/deP/5caR3BSh
6eHeiuJsfn0ILJbQM6fVXBlU3N6WRDOgcGKYSPe82kCo42w/mJHx8uE+HTnCAys/
xGVvsMYqrvlj4pvY6LgRn8VecxyoqYnRfAKs/zZtv2H/MFWMOIMBZw72FENMj/sM
71A21qZLwtBfJjTv1Ur2LQRFjngquzEEEksHqs2arzCTx2DeG05/CVdrnKpBQHW4
iPSOw84743dgKSP5vYae75H7IQNJJCCYdalke0LX9YvDyItDO40vzYAvX7VLHJMF
5cZjckpQ7zzjdXyhVbbhzxotga/oR5HMa8mNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU58lWAI9bFksInDrV8FuHkN99s9gwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzU4bFdBSTliRmtzSW5E
clY4RnVIa045OXM5Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAiwlTbJpiMqkGDqpTBgXk1dbxMkl/gA4t
qrdypyqjsvnEd3c760qB8UqyPKmRWwNDv3XJaTl8mkRF9VmFwjDoWO036DsXu9UV
3b9ZhsJCmBtUVT/zKfto5vPjqBeaW9VPwaSQpJMHCTZcVIf/N6OnaRLx72ikQR0p
HAz3alG/iV2jIxxl7Ob6OEXj75W2ixaACtLb9cT0OGfk4Z7E761EmcNLtdUfmSHo
3mmWlUukc324eOuksHmEgXf3UfZZvpNK6NItG6qpMohFbGAd9JF/I3Dl6XEfs2Uq
REJVcJm4b/inpfOiIic3MDqJUcBdaPF+7eQZffCCrKQcDZpnn7O6TA==
-----END CERTIFICATE-----
Generated at Fri Apr 19 21:44:05 2024 by rpki-client on console-fra.rpki-client.org