Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/5yrGjLHdHpE9jWWZ10qp2cz-XiA.roa
File: 5yrGjLHdHpE9jWWZ10qp2cz-XiA.roa (raw, json)
Hash identifier: 1RoOrrP09d8d+NLGQOJJzlAB+UtqpKFQV2eM9LZYCqI=
Subject key identifier: E7:2A:C6:8C:B1:DD:1E:91:3D:8D:65:99:D7:4A:A9:D9:CC:FE:5E:20
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1390
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/5yrGjLHdHpE9jWWZ10qp2cz-XiA.roa
Signing time: Fri 12 Apr 2024 03:23:15 +0000
ROA not before: Fri 12 Apr 2024 03:23:15 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5008 (0x1390)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 12 03:23:15 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=E72AC68CB1DD1E913D8D6599D74AA9D9CCFE5E20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e9:c3:92:e5:82:37:42:b1:50:af:8e:5b:96:
de:27:fb:ff:2e:15:31:bf:1f:74:d5:0d:35:93:78:
a3:64:ff:6d:84:ad:20:2f:02:db:f9:3c:bf:cc:ed:
c3:f4:00:66:08:c3:3f:55:d6:b7:ed:b0:71:93:ee:
08:6c:76:a5:c9:0a:44:c4:c5:12:5c:34:88:b3:09:
93:9e:77:50:1a:c0:2c:a1:b4:a2:ad:96:6b:7c:56:
39:75:5b:4c:69:10:27:3a:cf:a0:33:8b:f3:fd:9c:
8a:12:be:d9:ca:f9:40:8b:6e:32:c0:0c:1c:92:da:
68:20:13:31:5f:f5:7f:b8:ac:1d:e6:42:33:84:da:
b5:70:1a:4b:a4:2f:2a:1d:4e:ef:42:fd:9d:a2:c9:
ac:bc:0d:a8:5b:e8:01:dd:93:cf:fd:e4:ee:85:6c:
bf:82:d9:5f:65:ee:c0:5c:cd:c3:da:c4:40:2a:0a:
62:d6:3a:53:96:66:6b:d2:61:77:b4:98:35:73:35:
8b:27:bf:a6:85:89:bc:fa:7c:bb:b8:38:00:d9:af:
95:a8:2b:af:8c:af:e5:4b:b2:37:11:5a:49:d2:18:
87:f7:df:8a:8c:78:10:99:ea:12:d7:05:b2:3c:ab:
d9:70:1d:d2:ed:dd:98:2b:94:38:6e:e1:cb:de:3c:
8d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:2A:C6:8C:B1:DD:1E:91:3D:8D:65:99:D7:4A:A9:D9:CC:FE:5E:20
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/5yrGjLHdHpE9jWWZ10qp2cz-XiA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:96:eb:cc:4c:c1:b8:38:11:76:4f:ce:30:b9:8d:f2:95:89:
ca:92:0c:2d:59:a2:1a:f2:87:8c:05:95:c5:b7:26:dc:34:ea:
df:82:bc:b8:e6:1f:62:1b:f3:aa:24:a0:c3:99:51:48:94:44:
53:c4:50:26:66:ea:ff:e4:d5:f6:ae:a1:72:86:d8:54:15:46:
51:0b:7a:de:06:a6:bf:85:96:fe:47:ba:00:c1:e2:5e:79:97:
5a:d6:d5:0d:87:f9:a4:a9:9d:52:38:d3:0e:19:83:f5:11:10:
22:ed:00:b5:71:06:f5:44:6f:c9:71:5c:19:15:ee:5e:3e:65:
98:5d:e8:ec:69:11:0c:0f:53:bb:84:eb:d7:cb:32:c0:22:b4:
b9:80:51:0f:cc:e7:24:1b:62:eb:ce:99:f2:9c:68:f4:f3:59:
2e:fe:7d:a2:18:29:81:3c:42:f8:d6:33:4f:5e:82:dd:39:d5:
25:89:e6:64:8e:40:79:bb:52:7a:37:74:bc:d3:0c:4e:ad:33:
54:b6:9d:08:42:03:68:13:74:2e:a6:2a:fd:1d:dc:43:fd:51:
26:08:d4:43:77:75:f7:66:2e:8d:a2:73:00:4b:96:b1:ba:bd:
5a:17:77:b3:58:a4:23:ec:e2:ca:03:e4:98:c8:a0:42:70:0e:
84:3f:20:6b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE5AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTIw
MzIzMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEU3MkFDNjhDQjFERDFF
OTEzRDhENjU5OUQ3NEFBOUQ5Q0NGRTVFMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI6cOS5YI3QrFQr45blt4n+/8uFTG/H3TVDTWTeKNk/22ErSAv
Atv5PL/M7cP0AGYIwz9V1rftsHGT7ghsdqXJCkTExRJcNIizCZOed1AawCyhtKKt
lmt8Vjl1W0xpECc6z6Azi/P9nIoSvtnK+UCLbjLADByS2mggEzFf9X+4rB3mQjOE
2rVwGkukLyodTu9C/Z2iyay8Dahb6AHdk8/95O6FbL+C2V9l7sBczcPaxEAqCmLW
OlOWZmvSYXe0mDVzNYsnv6aFibz6fLu4OADZr5WoK6+Mr+VLsjcRWknSGIf334qM
eBCZ6hLXBbI8q9lwHdLt3ZgrlDhu4cvePI1tAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU5yrGjLHdHpE9jWWZ10qp2cz+XiAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzV5ckdqTEhkSHBFOWpX
V1oxMHFwMmN6LVhpQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAfJbrzEzBuDgRdk/OMLmN8pWJypIMLVmi
GvKHjAWVxbcm3DTq34K8uOYfYhvzqiSgw5lRSJREU8RQJmbq/+TV9q6hcobYVBVG
UQt63gamv4WW/ke6AMHiXnmXWtbVDYf5pKmdUjjTDhmD9REQIu0AtXEG9URvyXFc
GRXuXj5lmF3o7GkRDA9Tu4Tr18sywCK0uYBRD8znJBti686Z8pxo9PNZLv59ohgp
gTxC+NYzT16C3TnVJYnmZI5AebtSejd0vNMMTq0zVLadCEIDaBN0LqYq/R3cQ/1R
JgjUQ3d192YujaJzAEuWsbq9Whd3s1ikI+ziygPkmMigQnAOhD8gaw==
-----END CERTIFICATE-----
Generated at Fri Apr 12 04:52:17 2024 by rpki-client on console-fra.rpki-client.org