Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/5Oh3MntkkQR44BjkZXI7M7t9xGA.roa
File: 5Oh3MntkkQR44BjkZXI7M7t9xGA.roa (raw, json)
Hash identifier: 0Z/fGXg9KgAJQm68/oAl8AGmQPlkvPxeKTWc5b7JPKc=
Subject key identifier: E4:E8:77:32:7B:64:91:04:78:E0:18:E4:65:72:3B:33:BB:7D:C4:60
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1320
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/5Oh3MntkkQR44BjkZXI7M7t9xGA.roa
Signing time: Wed 10 Apr 2024 23:23:11 +0000
ROA not before: Wed 10 Apr 2024 23:23:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4896 (0x1320)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 10 23:23:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E4E877327B64910478E018E465723B33BB7DC460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5e:34:11:d0:b1:bd:31:f2:9a:d9:43:0e:ae:
af:9b:a6:fa:57:e0:fc:5c:3c:84:93:b2:62:39:39:
59:c8:8e:ef:68:30:61:3f:c7:05:05:aa:e3:d7:c4:
08:5c:a6:0f:44:1f:3c:ca:49:8d:2d:77:06:8f:36:
e9:1f:63:d7:6c:ed:71:4c:25:99:bd:75:a1:f7:69:
e8:a2:8d:94:55:f9:7f:4c:b4:3b:fe:63:2f:0b:87:
9d:68:cc:7c:ba:4b:52:bd:42:84:7b:f7:56:80:f6:
64:50:90:f1:3b:06:ad:38:33:12:88:ce:91:28:da:
d3:17:db:7d:90:4d:fd:6d:5a:54:6d:da:2b:0c:52:
db:36:84:95:76:ad:f5:61:df:d0:8d:da:23:85:21:
dc:ae:33:6f:39:6c:62:1c:c5:88:71:85:72:32:88:
7c:5d:f4:30:5e:1b:89:03:74:99:2a:86:c3:3a:ad:
ca:d2:ef:7f:ea:ec:70:0d:e6:3a:a3:d5:68:d7:41:
84:98:7c:ac:ea:5c:e2:26:4c:25:4f:ef:09:f1:39:
62:58:00:fb:79:1a:56:6b:ae:3b:c5:cf:c2:4b:51:
34:bd:91:14:ae:97:50:cc:55:11:07:de:1c:46:70:
37:d7:4e:8d:72:e8:89:2e:3b:85:29:b8:1c:a7:7d:
13:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E8:77:32:7B:64:91:04:78:E0:18:E4:65:72:3B:33:BB:7D:C4:60
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/5Oh3MntkkQR44BjkZXI7M7t9xGA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:46:16:df:45:b2:fd:a7:2d:a9:22:56:04:8a:bc:a8:04:b8:
21:15:51:8c:c0:62:7b:3a:99:fe:01:e3:99:1f:91:2a:43:8e:
f7:63:5b:6a:51:8a:be:2e:2f:53:df:f0:19:d3:71:91:d3:c9:
df:46:b0:bc:2e:b4:7e:64:e0:53:20:d1:1f:d1:1e:b2:9b:17:
8a:c3:5e:62:f7:55:25:c7:6b:dc:e3:04:5a:94:b3:6f:a5:93:
8d:ac:52:e2:05:c1:e3:f0:2c:4e:61:f1:82:67:31:e2:a3:b1:
b5:7d:a7:af:69:27:11:89:d6:d8:43:b3:89:8e:2b:48:ca:4d:
1c:22:97:3d:fd:08:f1:6c:cc:f7:3e:95:67:ce:df:f5:a6:6a:
6c:2e:eb:f7:a2:f1:5e:5e:3e:24:05:f2:9b:6d:e9:e6:4d:d2:
92:f7:2d:9f:d9:87:68:c7:d0:17:71:bc:3e:c4:4a:6d:39:79:
3d:0c:ea:2f:c4:71:32:74:20:f8:27:a7:ff:06:ec:ad:e5:12:
5d:bd:c9:ed:c2:d0:bb:aa:f4:d9:82:dc:3d:f3:ea:a2:ea:6a:
92:75:a3:64:b3:c5:b6:b9:5b:6a:07:e2:67:43:2d:b1:50:86:
6d:f5:db:85:5e:30:78:c4:3e:d5:08:98:a4:5f:68:98:16:ac:
10:19:2f:27
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEyAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTAy
MzIzMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU0RTg3NzMyN0I2NDkx
MDQ3OEUwMThFNDY1NzIzQjMzQkI3REM0NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjXjQR0LG9MfKa2UMOrq+bpvpX4PxcPISTsmI5OVnIju9oMGE/
xwUFquPXxAhcpg9EHzzKSY0tdwaPNukfY9ds7XFMJZm9daH3aeiijZRV+X9MtDv+
Yy8Lh51ozHy6S1K9QoR791aA9mRQkPE7Bq04MxKIzpEo2tMX232QTf1tWlRt2isM
Uts2hJV2rfVh39CN2iOFIdyuM285bGIcxYhxhXIyiHxd9DBeG4kDdJkqhsM6rcrS
73/q7HAN5jqj1WjXQYSYfKzqXOImTCVP7wnxOWJYAPt5GlZrrjvFz8JLUTS9kRSu
l1DMVREH3hxGcDfXTo1y6IkuO4UpuBynfRNhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU5Oh3MntkkQR44BjkZXI7M7t9xGAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzVPaDNNbnRra1FSNDRC
amtaWEk3TTd0OXhHQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAqkYW30Wy/actqSJWBIq8qAS4IRVRjMBi
ezqZ/gHjmR+RKkOO92NbalGKvi4vU9/wGdNxkdPJ30awvC60fmTgUyDRH9EespsX
isNeYvdVJcdr3OMEWpSzb6WTjaxS4gXB4/AsTmHxgmcx4qOxtX2nr2knEYnW2EOz
iY4rSMpNHCKXPf0I8WzM9z6VZ87f9aZqbC7r96LxXl4+JAXym23p5k3Skvctn9mH
aMfQF3G8PsRKbTl5PQzqL8RxMnQg+Cen/wbsreUSXb3J7cLQu6r02YLcPfPqoupq
knWjZLPFtrlbagfiZ0MtsVCGbfXbhV4weMQ+1QiYpF9omBasEBkvJw==
-----END CERTIFICATE-----
Generated at Thu Apr 11 01:02:58 2024 by rpki-client on console-ams.rpki-client.org