Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/7kbPtdwhAHUaM95Ce_WgdhDvYOg.roa
File: 7kbPtdwhAHUaM95Ce_WgdhDvYOg.roa (raw, json)
Hash identifier: aBoFyhEPepkmuL3T/18KfBz3+ZCRPBqQ0xgd5W8moCY=
Subject key identifier: EE:46:CF:B5:DC:21:00:75:1A:33:DE:42:7B:F5:A0:76:10:EF:60:E8
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1488
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/7kbPtdwhAHUaM95Ce_WgdhDvYOg.roa
Signing time: Sun 14 Apr 2024 17:23:14 +0000
ROA not before: Sun 14 Apr 2024 17:23:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5256 (0x1488)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 14 17:23:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EE46CFB5DC2100751A33DE427BF5A07610EF60E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:64:06:77:00:9d:bc:33:b8:5f:ab:5f:02:cb:
36:66:21:3b:84:29:1e:b2:a9:e9:b2:94:5c:64:4d:
dc:a7:a7:e4:ee:87:43:6f:7b:a0:ed:e1:4d:7e:4f:
ef:2e:81:d8:9b:da:17:95:1f:77:2e:14:7f:0b:2a:
36:cb:94:5f:e4:1c:1f:49:c9:60:e3:f8:c9:4a:11:
99:7d:6d:92:e1:67:ca:64:fa:2d:8b:cc:ce:1c:8e:
e7:c7:44:f8:7f:af:94:c6:1a:cd:42:6a:5e:83:54:
ff:43:b0:a8:26:bf:36:d8:5e:54:04:60:12:39:20:
ae:f1:74:96:66:2e:e3:2d:c0:f5:ab:c8:35:32:2f:
9e:d2:76:10:4d:91:05:ee:80:c7:e6:49:f0:d3:b4:
73:dd:97:3e:79:ae:81:8e:14:b0:a9:5f:e9:e3:ea:
73:43:64:2a:43:8d:30:90:fa:2f:4c:31:2c:ab:49:
dc:d7:15:04:bd:17:6b:d1:f2:db:9e:2b:f2:1f:f8:
34:7d:ed:26:2b:bd:0f:e7:51:9d:dd:3f:c9:a4:b6:
8e:4f:d5:1d:9d:e0:22:a2:70:9b:34:e5:c0:62:f5:
5e:11:00:6e:ce:79:96:e1:ad:1b:8e:8c:84:8b:40:
44:55:96:a2:90:15:4f:5f:6d:ad:cc:fc:d9:5e:87:
78:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:46:CF:B5:DC:21:00:75:1A:33:DE:42:7B:F5:A0:76:10:EF:60:E8
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/7kbPtdwhAHUaM95Ce_WgdhDvYOg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:ab:4f:c1:bc:e8:8c:62:e5:8a:ec:cb:b6:92:3a:58:55:9d:
69:15:dd:7a:ed:60:05:b6:79:17:88:98:5f:be:cc:79:42:38:
29:54:e5:da:2a:72:6a:15:14:ba:ca:2f:9e:3d:16:1b:07:49:
10:8d:ad:0f:5b:13:12:0e:ac:48:fd:7f:35:0b:6a:91:35:c3:
91:b0:53:d4:11:66:27:e5:93:8f:2f:a2:1a:33:a7:cd:e9:5c:
4a:ae:97:90:1f:23:0a:d5:df:74:3a:66:10:07:cd:d0:58:2e:
96:1e:61:a8:e9:4e:20:f4:61:af:1d:6e:78:90:e1:31:c5:84:
8f:9d:ec:28:4b:39:e0:77:5f:62:05:32:3e:c7:99:32:2e:93:
36:7b:26:a0:8f:15:0e:b6:26:3f:86:a9:5e:36:24:1e:0b:6c:
9f:3f:07:60:c4:2a:46:a7:73:07:40:38:ad:31:f0:48:b5:23:
b0:cd:ea:68:0e:45:43:a1:de:42:d9:ae:ff:5e:a1:74:5b:b0:
8a:2c:eb:94:f0:86:96:63:00:cf:0a:fd:54:52:75:52:b7:c5:
dd:11:30:29:47:be:ec:8c:3f:95:e8:a5:77:c4:a5:fc:a3:55:
68:f0:f5:ad:59:0f:ec:ef:36:33:71:42:d6:5e:21:c6:6d:8b:
6d:da:e6:60
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFIgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTQx
NzIzMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVFNDZDRkI1REMyMTAw
NzUxQTMzREU0MjdCRjVBMDc2MTBFRjYwRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlZAZ3AJ28M7hfq18CyzZmITuEKR6yqemylFxkTdynp+Tuh0Nv
e6Dt4U1+T+8ugdib2heVH3cuFH8LKjbLlF/kHB9JyWDj+MlKEZl9bZLhZ8pk+i2L
zM4cjufHRPh/r5TGGs1Cal6DVP9DsKgmvzbYXlQEYBI5IK7xdJZmLuMtwPWryDUy
L57SdhBNkQXugMfmSfDTtHPdlz55roGOFLCpX+nj6nNDZCpDjTCQ+i9MMSyrSdzX
FQS9F2vR8tueK/If+DR97SYrvQ/nUZ3dP8mkto5P1R2d4CKicJs05cBi9V4RAG7O
eZbhrRuOjISLQERVlqKQFU9fba3M/Nleh3iFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU7kbPtdwhAHUaM95Ce/WgdhDvYOgwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzdrYlB0ZHdoQUhVYU05
NUNlX1dnZGhEdllPZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEALatPwbzojGLliuzLtpI6WFWdaRXdeu1g
BbZ5F4iYX77MeUI4KVTl2ipyahUUusovnj0WGwdJEI2tD1sTEg6sSP1/NQtqkTXD
kbBT1BFmJ+WTjy+iGjOnzelcSq6XkB8jCtXfdDpmEAfN0Fgulh5hqOlOIPRhrx1u
eJDhMcWEj53sKEs54HdfYgUyPseZMi6TNnsmoI8VDrYmP4apXjYkHgtsnz8HYMQq
RqdzB0A4rTHwSLUjsM3qaA5FQ6HeQtmu/16hdFuwiizrlPCGlmMAzwr9VFJ1UrfF
3REwKUe+7Iw/leild8Sl/KNVaPD1rVkP7O82M3FC1l4hxm2LbdrmYA==
-----END CERTIFICATE-----
Generated at Sun Apr 14 18:54:46 2024 by rpki-client on console-ams.rpki-client.org