Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/6pp7TTuvHHRWxauMecxwKNiX20M.roa
File: 6pp7TTuvHHRWxauMecxwKNiX20M.roa (raw, json)
Hash identifier: kSuvzRnE7g8i6Eh8uwX8U7ybeWxYx5ly8uyJ28zfLkc=
Subject key identifier: EA:9A:7B:4D:3B:AF:1C:74:56:C5:AB:8C:79:CC:70:28:D8:97:DB:43
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 12CC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/6pp7TTuvHHRWxauMecxwKNiX20M.roa
Signing time: Wed 10 Apr 2024 02:23:06 +0000
ROA not before: Wed 10 Apr 2024 02:23:06 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4812 (0x12cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 10 02:23:06 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EA9A7B4D3BAF1C7456C5AB8C79CC7028D897DB43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:76:21:0a:56:50:d7:2d:f0:c8:48:28:4b:4f:
00:c8:e0:bd:ee:11:b3:29:2e:a1:25:dc:5c:79:46:
de:dc:f1:2c:d0:48:7f:88:dd:4a:1b:13:f2:12:cd:
94:3f:11:65:31:16:19:f6:46:82:20:ac:08:a1:9d:
13:4c:bb:35:c7:50:cb:90:47:b7:1d:bb:a9:14:28:
08:2c:f2:d1:fb:b2:93:28:89:4b:7a:24:ed:9d:59:
05:6a:f8:94:20:4c:14:5e:23:25:46:64:4b:47:36:
59:c8:c4:31:2c:b9:44:6a:dd:44:70:38:88:66:5a:
0c:5e:cd:c3:20:39:97:e2:73:ec:91:20:9d:86:35:
0f:ab:f8:e0:07:e2:8d:51:c5:60:71:60:44:00:47:
dc:b7:a3:01:b1:10:eb:fe:88:42:d4:02:12:68:fe:
e7:42:cd:df:78:db:91:13:14:09:d4:4b:b2:d8:d7:
6b:e1:e1:ac:33:33:73:6f:5d:9d:b2:15:3e:d3:52:
f8:ff:b4:b2:31:8c:fd:70:b6:2e:82:cf:35:73:88:
b2:2c:ae:fb:38:ab:7e:9c:f8:17:87:a1:e2:39:ff:
37:8f:2e:31:09:e3:33:e4:3f:df:70:c1:4b:26:b9:
5b:54:9e:e9:a2:a8:e7:95:a7:b8:ab:0c:4f:fb:de:
71:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:9A:7B:4D:3B:AF:1C:74:56:C5:AB:8C:79:CC:70:28:D8:97:DB:43
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/6pp7TTuvHHRWxauMecxwKNiX20M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:43:74:7d:60:eb:89:d2:00:37:66:1c:a6:4e:ac:6c:f0:b7:
c9:07:ac:3b:2c:58:a0:48:db:6a:7b:1b:b0:3d:3d:b8:41:a2:
de:a8:30:d6:28:c7:1d:94:61:7e:23:6e:47:41:d5:ac:9b:ed:
d6:21:ce:cc:ee:5e:1d:3f:4c:e2:1b:87:60:7a:17:e1:45:78:
b5:63:ff:e4:01:6c:0c:99:76:e8:f9:6d:3b:b8:ce:34:ce:c8:
ba:ab:59:7d:30:24:66:ae:6e:ca:ca:26:a3:94:28:ee:34:59:
3b:65:01:ae:58:8f:17:e8:9d:7e:e2:07:2b:c8:6f:90:43:ef:
57:f1:3d:c5:22:c1:57:fe:89:1e:02:51:e9:a4:c7:73:50:d5:
66:72:17:d8:ee:18:d2:a8:e8:e3:e1:bc:a5:f4:e3:68:f9:af:
7a:55:73:2f:f6:d8:0f:58:9e:0e:7f:ff:b9:44:b9:14:16:c5:
93:8f:8d:a2:08:6a:1c:1f:35:f2:ac:80:e4:c4:f1:e5:11:58:
f4:fe:28:c8:44:ca:f4:32:f6:38:24:6c:30:ad:82:14:d8:99:
6c:3c:dd:a0:35:ee:34:ee:c4:17:86:a8:a1:83:51:c3:56:88:
27:8a:f9:eb:47:08:dd:e4:a7:b2:60:ab:4b:b0:b3:8a:35:31:
36:2e:c2:b7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEswwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTAw
MjIzMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVBOUE3QjREM0JBRjFD
NzQ1NkM1QUI4Qzc5Q0M3MDI4RDg5N0RCNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQdiEKVlDXLfDISChLTwDI4L3uEbMpLqEl3Fx5Rt7c8SzQSH+I
3UobE/ISzZQ/EWUxFhn2RoIgrAihnRNMuzXHUMuQR7cdu6kUKAgs8tH7spMoiUt6
JO2dWQVq+JQgTBReIyVGZEtHNlnIxDEsuURq3URwOIhmWgxezcMgOZfic+yRIJ2G
NQ+r+OAH4o1RxWBxYEQAR9y3owGxEOv+iELUAhJo/udCzd9425ETFAnUS7LY12vh
4awzM3NvXZ2yFT7TUvj/tLIxjP1wti6CzzVziLIsrvs4q36c+BeHoeI5/zePLjEJ
4zPkP99wwUsmuVtUnumiqOeVp7irDE/73nEhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU6pp7TTuvHHRWxauMecxwKNiX20MwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzZwcDdUVHV2SEhSV3hh
dU1lY3h3S05pWDIwTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAqUN0fWDridIAN2Ycpk6sbPC3yQesOyxY
oEjbansbsD09uEGi3qgw1ijHHZRhfiNuR0HVrJvt1iHOzO5eHT9M4huHYHoX4UV4
tWP/5AFsDJl26PltO7jONM7IuqtZfTAkZq5uysomo5Qo7jRZO2UBrliPF+idfuIH
K8hvkEPvV/E9xSLBV/6JHgJR6aTHc1DVZnIX2O4Y0qjo4+G8pfTjaPmvelVzL/bY
D1ieDn//uUS5FBbFk4+NoghqHB818qyA5MTx5RFY9P4oyETK9DL2OCRsMK2CFNiZ
bDzdoDXuNO7EF4aooYNRw1aIJ4r560cI3eSnsmCrS7CzijUxNi7Ctw==
Generated at Wed Apr 10 04:18:32 2024 by rpki-client on console-fra.rpki-client.org