Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/96dC8COwxAGivHwwBynuksq4cXc.roa
File: 96dC8COwxAGivHwwBynuksq4cXc.roa (raw, json)
Hash identifier: nW1jjGGdeg8GxJU1oZLc9lcoUVIxBgHqbjLgheRWDfs=
Subject key identifier: F7:A7:42:F0:23:B0:C4:01:A2:BC:7C:30:07:29:EE:92:CA:B8:71:77
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1B60
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/96dC8COwxAGivHwwBynuksq4cXc.roa
Signing time: Thu 02 May 2024 23:24:14 +0000
ROA not before: Thu 02 May 2024 23:24:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7008 (0x1b60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 2 23:24:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F7A742F023B0C401A2BC7C300729EE92CAB87177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a6:e4:23:89:f1:ed:81:92:f4:fd:dd:62:ee:
84:12:17:8e:30:2b:00:70:45:c1:0e:8f:b7:f5:a9:
0b:fa:9b:70:e3:03:42:56:b9:0a:19:b4:61:38:6e:
12:32:7b:11:1f:6e:87:bf:a5:f5:c4:0c:69:f5:5f:
8a:48:a6:23:cc:86:95:92:77:8f:4a:c7:1d:e9:1b:
a7:06:4d:04:74:72:76:d9:56:b3:6d:8d:ae:48:6c:
64:d8:76:b6:a7:cb:51:b1:72:6d:69:9a:63:4a:c7:
f6:db:c0:bb:73:8c:e4:33:d2:b1:72:3f:cf:ed:32:
ca:57:4a:fd:a1:3e:83:59:4b:d2:ef:c9:64:40:e9:
88:86:f1:45:bf:ce:24:c2:02:e4:ec:fb:a3:b0:de:
be:bc:3b:b1:29:e5:23:0f:f1:7c:14:88:58:a6:6d:
a0:be:02:2e:13:db:98:bc:de:a3:4a:5e:7b:f4:bf:
71:e1:d4:70:d3:21:d3:e8:98:f7:1e:cc:36:53:cd:
59:55:94:7b:ad:62:2e:10:df:ff:b0:92:1c:4b:bd:
15:7e:53:9d:ec:85:fa:c0:13:c1:e5:e4:d5:db:4c:
74:09:a2:67:f7:5a:bf:20:01:8f:bb:41:00:f7:d6:
31:02:06:91:21:ad:98:ee:d7:5a:60:f0:d5:a4:e1:
a5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A7:42:F0:23:B0:C4:01:A2:BC:7C:30:07:29:EE:92:CA:B8:71:77
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/96dC8COwxAGivHwwBynuksq4cXc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a8:dc:49:52:55:e4:c5:bc:2b:d3:84:95:63:25:79:fb:5f:d4:
06:f3:e2:9d:46:8c:c4:d1:b2:59:b2:c7:d3:20:48:42:5a:97:
9e:e4:d3:19:60:fc:0a:c8:ef:c3:01:94:ea:2a:14:f1:37:ec:
e3:e3:d0:03:12:dd:01:3b:f4:fc:aa:3c:b4:04:91:b8:bc:8d:
c2:7b:02:6b:a0:26:9b:0e:b8:89:99:42:c9:3f:6d:35:7e:ee:
17:bb:c3:c0:0f:1a:0a:c6:bd:c5:ef:4e:d9:7f:5c:65:45:c6:
87:da:8c:03:52:50:22:53:31:59:36:b6:f8:45:cd:f9:e9:7c:
3b:09:e2:37:fd:31:47:4c:cb:5c:93:2b:d8:8b:f1:a4:c9:c8:
c8:c6:41:ea:13:55:78:4f:17:15:a5:1d:a1:2c:92:d4:e0:47:
65:9c:ca:a0:4e:62:37:30:b1:86:50:22:4b:9e:2e:5f:5d:47:
ec:05:e9:74:0f:3d:67:de:ae:dd:58:93:68:ad:72:b0:b5:a9:
91:c8:52:fd:f3:9b:3f:f3:f4:a4:4a:df:14:a0:4a:a4:17:e2:
a0:6a:22:7d:5c:50:77:d8:69:b0:d6:51:fd:e4:40:ce:2f:b6:
d7:a5:f2:02:d7:3d:ed:4a:33:6e:42:07:0b:14:95:18:0d:8d:
93:41:dd:a2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG2AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDIy
MzI0MTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY3QTc0MkYwMjNCMEM0
MDFBMkJDN0MzMDA3MjlFRTkyQ0FCODcxNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwpuQjifHtgZL0/d1i7oQSF44wKwBwRcEOj7f1qQv6m3DjA0JW
uQoZtGE4bhIyexEfboe/pfXEDGn1X4pIpiPMhpWSd49Kxx3pG6cGTQR0cnbZVrNt
ja5IbGTYdrany1Gxcm1pmmNKx/bbwLtzjOQz0rFyP8/tMspXSv2hPoNZS9LvyWRA
6YiG8UW/ziTCAuTs+6Ow3r68O7Ep5SMP8XwUiFimbaC+Ai4T25i83qNKXnv0v3Hh
1HDTIdPomPcezDZTzVlVlHutYi4Q3/+wkhxLvRV+U53shfrAE8Hl5NXbTHQJomf3
Wr8gAY+7QQD31jECBpEhrZju11pg8NWk4aVlAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU96dC8COwxAGivHwwBynuksq4cXcwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzk2ZEM4Q093eEFHaXZI
d3dCeW51a3NxNGNYYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAqNxJUlXkxbwr04SVYyV5+1/UBvPinUaM
xNGyWbLH0yBIQlqXnuTTGWD8CsjvwwGU6ioU8Tfs4+PQAxLdATv0/Ko8tASRuLyN
wnsCa6Ammw64iZlCyT9tNX7uF7vDwA8aCsa9xe9O2X9cZUXGh9qMA1JQIlMxWTa2
+EXN+el8OwniN/0xR0zLXJMr2IvxpMnIyMZB6hNVeE8XFaUdoSyS1OBHZZzKoE5i
NzCxhlAiS54uX11H7AXpdA89Z96u3ViTaK1ysLWpkchS/fObP/P0pErfFKBKpBfi
oGoifVxQd9hpsNZR/eRAzi+216XyAtc97UozbkIHCxSVGA2Nk0Hdog==
-----END CERTIFICATE-----
Generated at Fri May 3 02:21:42 2024 by rpki-client on console-ams.rpki-client.org