Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/7oNfDIfMxqn6AIIvr017fjG46Pw.roa
File: 7oNfDIfMxqn6AIIvr017fjG46Pw.roa (raw, json)
Hash identifier: IkSRUHJAFV91GO1JqjVx/+qlkxbxD4sPUq/Ox48NqRQ=
Subject key identifier: EE:83:5F:0C:87:CC:C6:A9:FA:00:82:2F:AF:4D:7B:7E:31:B8:E8:FC
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 17FE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/7oNfDIfMxqn6AIIvr017fjG46Pw.roa
Signing time: Tue 23 Apr 2024 22:53:37 +0000
ROA not before: Tue 23 Apr 2024 22:53:37 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6142 (0x17fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 23 22:53:37 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=EE835F0C87CCC6A9FA00822FAF4D7B7E31B8E8FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:64:59:bd:bf:56:7f:1b:d1:9b:a3:97:31:e5:
a5:4f:c2:c7:af:82:d5:88:c3:02:2e:66:db:c5:da:
92:fe:76:ff:d1:48:33:34:c0:9a:36:da:d8:d2:52:
ac:44:ba:54:45:fd:78:49:49:05:49:52:11:72:a3:
e0:89:97:f3:09:e3:71:1c:53:51:0c:a3:87:41:2b:
ab:41:cc:4a:78:03:46:b6:a6:33:3a:2c:31:da:b3:
2a:06:1d:2b:67:bb:8c:9a:bc:12:64:fa:6c:ed:23:
0b:58:5b:4b:a0:b0:1d:1c:f7:18:7f:c9:0c:5b:ea:
cb:cd:1e:40:02:34:5f:c9:94:2c:17:13:98:b3:d4:
2c:58:e7:dc:25:d3:2c:72:d8:03:70:de:b1:a1:bc:
d1:18:10:7c:f6:ac:67:4d:04:57:02:d5:44:04:c5:
98:dd:e6:6c:0e:0c:13:a7:f3:fa:ee:e2:63:2a:99:
f4:bd:63:d5:ac:97:31:26:6f:17:93:89:b0:f3:a8:
aa:90:bf:b4:09:62:62:08:7a:7a:24:0b:f7:38:82:
01:66:da:1d:77:c2:29:3b:35:5d:61:12:8d:c6:97:
53:bb:44:66:74:8d:72:55:ef:d3:9c:69:29:49:9b:
a9:19:47:18:f7:2c:07:53:ba:fd:99:56:a1:4a:b9:
3f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:83:5F:0C:87:CC:C6:A9:FA:00:82:2F:AF:4D:7B:7E:31:B8:E8:FC
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/7oNfDIfMxqn6AIIvr017fjG46Pw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
43:9c:1b:75:3e:76:41:a9:9b:7d:91:9d:f5:c7:13:e4:45:62:
f2:a4:ed:39:d3:fc:6f:83:69:07:a2:e4:91:02:1d:11:cf:a2:
07:02:f7:23:b4:1d:55:3d:92:6e:4e:ea:b5:51:97:2c:2b:75:
e1:24:25:18:7f:66:34:37:4e:b6:a9:0f:86:95:01:30:bc:b9:
09:10:68:e2:e0:b4:68:29:0d:27:99:69:97:00:59:a7:79:4b:
c4:fe:12:b2:1c:2e:88:da:11:4d:67:55:5a:d5:97:2e:60:59:
76:25:0b:bc:d1:3e:d9:b3:ce:08:43:e7:5a:25:16:67:3b:33:
2b:09:ce:cf:bc:2a:72:1a:9a:81:1c:75:c3:f3:22:2b:86:47:
16:55:3e:5d:ba:17:b5:41:90:3a:02:55:69:e4:ea:f7:5a:9e:
a5:bf:2c:6a:3b:96:4f:bd:c8:69:94:8b:79:61:d0:33:bd:4c:
56:c7:b4:58:45:a9:71:ef:90:6a:a8:3e:3c:51:fb:65:88:59:
ae:a2:67:31:14:ef:31:78:df:13:8e:8a:bc:8b:e4:5b:bc:02:
dd:f8:86:fc:98:07:fd:62:ed:7a:8c:39:d7:51:63:02:08:b1:
b9:6b:f1:8a:4e:3d:c1:07:e8:fa:72:d1:bb:87:0b:54:1f:4b:
2c:18:3f:c8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICF/4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjMy
MjUzMzdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVFODM1RjBDODdDQ0M2
QTlGQTAwODIyRkFGNEQ3QjdFMzFCOEU4RkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOZFm9v1Z/G9Gbo5cx5aVPwsevgtWIwwIuZtvF2pL+dv/RSDM0
wJo22tjSUqxEulRF/XhJSQVJUhFyo+CJl/MJ43EcU1EMo4dBK6tBzEp4A0a2pjM6
LDHasyoGHStnu4yavBJk+mztIwtYW0ugsB0c9xh/yQxb6svNHkACNF/JlCwXE5iz
1CxY59wl0yxy2ANw3rGhvNEYEHz2rGdNBFcC1UQExZjd5mwODBOn8/ru4mMqmfS9
Y9WslzEmbxeTibDzqKqQv7QJYmIIenokC/c4ggFm2h13wik7NV1hEo3Gl1O7RGZ0
jXJV79OcaSlJm6kZRxj3LAdTuv2ZVqFKuT/9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU7oNfDIfMxqn6AIIvr017fjG46PwwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzdvTmZESWZNeHFuNkFJ
SXZyMDE3ZmpHNDZQdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAQ5wbdT52QambfZGd9ccT5EVi8qTtOdP8
b4NpB6LkkQIdEc+iBwL3I7QdVT2Sbk7qtVGXLCt14SQlGH9mNDdOtqkPhpUBMLy5
CRBo4uC0aCkNJ5lplwBZp3lLxP4SshwuiNoRTWdVWtWXLmBZdiULvNE+2bPOCEPn
WiUWZzszKwnOz7wqchqagRx1w/MiK4ZHFlU+XboXtUGQOgJVaeTq91qepb8sajuW
T73IaZSLeWHQM71MVse0WEWpce+Qaqg+PFH7ZYhZrqJnMRTvMXjfE46KvIvkW7wC
3fiG/JgH/WLteow511FjAgixuWvxik49wQfo+nLRu4cLVB9LLBg/yA==
-----END CERTIFICATE-----
Generated at Wed Apr 24 02:31:55 2024 by rpki-client on console-ams.rpki-client.org