Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/5IlaUetwo_c4ZNG_nRTMFT3hhFs.roa
File: 5IlaUetwo_c4ZNG_nRTMFT3hhFs.roa (raw, json)
Hash identifier: VdtMwvyzIKzsay+MeUnlldCdUvao5VHKnmL9b3PvA4w=
Subject key identifier: E4:89:5A:51:EB:70:A3:F7:38:64:D1:BF:9D:14:CC:15:3D:E1:84:5B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 16D6
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/5IlaUetwo_c4ZNG_nRTMFT3hhFs.roa
Signing time: Sat 20 Apr 2024 20:53:29 +0000
ROA not before: Sat 20 Apr 2024 20:53:29 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5846 (0x16d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 20:53:29 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E4895A51EB70A3F73864D1BF9D14CC153DE1845B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2a:07:9c:05:4e:26:69:63:9e:13:2d:4f:50:
13:37:20:fb:14:72:38:53:d5:63:37:7f:12:b7:2f:
0b:e5:0d:59:b6:35:e4:04:d3:53:c6:c0:78:b5:75:
c4:3c:f7:4f:74:c5:28:5d:81:0e:d9:c9:0f:60:4d:
73:c7:ce:02:94:79:a8:6a:3f:6f:ee:c2:ca:3a:f7:
7c:8d:5f:f2:38:3a:f1:10:57:8b:44:f8:b0:ad:1e:
9f:60:85:9d:64:fe:41:11:70:80:4d:8d:a5:11:e0:
cc:05:88:51:23:4f:9b:53:69:fb:bd:9c:d3:e5:a7:
69:01:b0:a5:1a:d3:65:1b:94:76:41:d3:62:32:67:
bd:44:6a:0e:15:78:f2:d7:64:d3:4f:3d:4c:2e:7f:
49:c2:f5:8a:ba:ab:0d:23:02:71:cf:bb:3f:47:f6:
79:2e:27:bb:d5:13:ce:a3:d2:0e:a8:0c:c4:e6:d1:
1d:be:b9:c7:d4:ca:b7:5d:d4:34:7e:cb:fc:6d:58:
4e:f0:29:ad:75:d8:91:25:26:f1:38:58:11:1a:19:
c8:af:ff:3b:9b:2f:83:9b:80:d7:fc:bc:66:e0:3a:
e4:19:fb:f5:58:ee:80:68:e3:5e:b1:1f:c5:9e:2d:
cf:5f:51:39:51:e9:94:53:60:39:6a:ec:fb:32:0c:
da:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:89:5A:51:EB:70:A3:F7:38:64:D1:BF:9D:14:CC:15:3D:E1:84:5B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/5IlaUetwo_c4ZNG_nRTMFT3hhFs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:93:ae:a5:0b:97:55:42:c3:d0:b4:18:91:d2:22:af:c3:00:
1c:86:83:30:7d:b3:11:cb:30:af:54:54:40:cc:3b:00:3d:90:
5e:e8:b3:9b:0d:f9:9c:d2:b9:95:d4:dd:38:06:cb:d8:f5:6a:
3f:cc:8a:76:b7:fa:e7:04:ec:7c:2f:c3:18:54:97:6c:de:91:
52:47:56:86:45:fa:9a:ad:12:2f:c9:96:b9:8e:43:2d:8d:7f:
dc:97:1e:8d:77:c8:14:b0:97:ea:cd:fd:fa:01:fa:1a:11:99:
26:a8:47:a4:5b:1a:14:25:cf:a7:2d:77:99:fe:4e:5e:dd:59:
5e:fe:45:d2:23:c9:88:e5:56:b6:5c:7d:d4:33:9b:64:73:01:
46:28:8f:cd:25:e3:0d:0f:a4:a7:d3:0d:ea:d7:76:b5:6e:b0:
e3:b4:9b:8a:4f:3d:e8:6b:6f:a5:c4:ef:4c:77:fa:ae:e2:95:
0c:aa:eb:d3:3f:f7:64:33:e6:4b:f7:f2:03:15:57:d0:58:1a:
3d:c6:a0:04:c0:1a:fa:ab:d7:cc:4b:2b:32:a7:22:8a:1d:ad:
25:cb:e4:b6:56:c9:61:de:73:a5:d4:7a:3a:4d:3a:3e:8a:ed:
9c:5a:3d:9d:c8:7c:59:c4:f0:01:0c:ea:34:f1:d8:32:52:66:
b0:77:9a:00
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFtYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAy
MDUzMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU0ODk1QTUxRUI3MEEz
RjczODY0RDFCRjlEMTRDQzE1M0RFMTg0NUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRKgecBU4maWOeEy1PUBM3IPsUcjhT1WM3fxK3LwvlDVm2NeQE
01PGwHi1dcQ89090xShdgQ7ZyQ9gTXPHzgKUeahqP2/uwso693yNX/I4OvEQV4tE
+LCtHp9ghZ1k/kERcIBNjaUR4MwFiFEjT5tTafu9nNPlp2kBsKUa02UblHZB02Iy
Z71Eag4VePLXZNNPPUwuf0nC9Yq6qw0jAnHPuz9H9nkuJ7vVE86j0g6oDMTm0R2+
ucfUyrdd1DR+y/xtWE7wKa112JElJvE4WBEaGciv/zubL4ObgNf8vGbgOuQZ+/VY
7oBo416xH8WeLc9fUTlR6ZRTYDlq7PsyDNpxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU5IlaUetwo/c4ZNG/nRTMFT3hhFswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzVJbGFVZXR3b19jNFpO
R19uUlRNRlQzaGhGcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAEZOupQuXVULD0LQYkdIir8MAHIaDMH2z
Ecswr1RUQMw7AD2QXuizmw35nNK5ldTdOAbL2PVqP8yKdrf65wTsfC/DGFSXbN6R
UkdWhkX6mq0SL8mWuY5DLY1/3JcejXfIFLCX6s39+gH6GhGZJqhHpFsaFCXPpy13
mf5OXt1ZXv5F0iPJiOVWtlx91DObZHMBRiiPzSXjDQ+kp9MN6td2tW6w47Sbik89
6GtvpcTvTHf6ruKVDKrr0z/3ZDPmS/fyAxVX0FgaPcagBMAa+qvXzEsrMqciih2t
JcvktlbJYd5zpdR6Ok06PortnFo9nch8WcTwAQzqNPHYMlJmsHeaAA==
-----END CERTIFICATE-----
Generated at Sat Apr 20 22:13:57 2024 by rpki-client on console-fra.rpki-client.org