Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/9G9sYnUPMm0_IsPl9Yv_3wy1dmQ.roa
File: 9G9sYnUPMm0_IsPl9Yv_3wy1dmQ.roa (raw, json)
Hash identifier: cvG7DdDI/Zrk/rg7DyndGoLvkFIwggAJKjLkbmrpJI0=
Subject key identifier: F4:6F:6C:62:75:0F:32:6D:3F:22:C3:E5:F5:8B:FF:DF:0C:B5:76:64
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1A54
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/9G9sYnUPMm0_IsPl9Yv_3wy1dmQ.roa
Signing time: Tue 30 Apr 2024 04:24:44 +0000
ROA not before: Tue 30 Apr 2024 04:24:44 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6740 (0x1a54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 30 04:24:44 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F46F6C62750F326D3F22C3E5F58BFFDF0CB57664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bf:1f:aa:80:f7:55:a8:a6:cf:70:d8:0f:81:
25:09:17:03:95:ba:ca:aa:bf:76:50:60:38:42:c9:
05:be:6b:19:67:0e:a0:09:80:9b:1d:96:b1:af:eb:
ab:24:8f:4a:98:dd:9b:47:fe:16:46:3a:15:38:bc:
ff:87:bc:bb:5c:de:cf:e8:94:94:ef:c4:e0:dc:6f:
26:d4:0b:d7:44:cf:6a:0e:5f:38:f3:63:82:0f:d0:
ca:5b:6f:00:9d:da:27:7e:f4:8d:41:b5:4e:6a:f4:
f7:da:b2:90:6c:56:72:ea:7e:fa:df:01:0f:96:25:
50:a3:ab:b7:8d:c5:a4:27:8d:97:51:2d:58:a0:1e:
6a:01:d8:5c:94:c0:a3:ca:84:75:37:a8:85:c0:32:
ef:d9:f5:e8:5c:98:88:15:be:29:33:2b:4d:1a:41:
f3:94:9c:4d:ac:43:0a:d7:f8:a6:4c:08:7d:21:8b:
cf:51:1a:de:f8:56:db:1c:f4:9a:41:51:25:60:d9:
5f:ce:90:f1:42:7c:24:97:5e:1e:d5:33:13:ad:3d:
c5:4a:74:33:c0:b2:c4:25:5b:53:8e:b3:e9:5e:3f:
69:cb:0c:15:27:1f:63:29:76:ca:b8:b6:30:de:4e:
38:0f:d7:7c:54:f4:94:2d:9e:d6:55:89:bb:10:93:
e0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6F:6C:62:75:0F:32:6D:3F:22:C3:E5:F5:8B:FF:DF:0C:B5:76:64
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/9G9sYnUPMm0_IsPl9Yv_3wy1dmQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ba:c4:dd:f0:f5:7c:a5:c3:ba:88:0f:68:fe:39:7a:60:d6:e9:
57:57:3b:82:57:bb:c5:04:ec:69:75:73:15:69:67:3b:0e:ca:
cd:2b:95:08:9a:8e:2f:d0:3a:d4:ec:f4:ab:b8:fa:bf:43:7e:
21:76:e6:2d:ac:20:7c:86:d7:f5:b6:3d:53:5b:5b:1d:1e:81:
f6:ac:fe:62:28:55:76:38:d0:ae:81:b7:74:17:8c:b0:9e:a2:
1d:6c:48:07:45:53:46:f2:38:23:99:52:ea:c0:21:be:a8:fe:
b1:71:10:61:07:cd:4f:ce:aa:64:13:2e:b7:76:0c:fb:1d:50:
db:f5:43:26:04:4f:b2:3e:37:24:13:13:3a:df:5e:ba:b4:41:
e6:7a:cb:fd:80:da:ba:15:aa:74:e5:c6:de:18:e9:2f:f6:ed:
75:eb:65:5e:3c:6d:ba:7f:d8:34:26:d5:73:0b:e2:f7:f0:25:
46:8a:92:b8:cf:eb:e5:12:70:df:e1:c3:65:ac:ec:fa:8d:db:
f8:da:52:5a:5e:c0:97:f3:f8:33:7a:5c:f6:e5:72:3b:69:47:
73:10:38:a0:c8:0f:bc:de:37:e7:f5:9f:b9:93:23:82:97:16:
cb:64:c6:ef:a1:71:61:94:e7:e7:75:df:0b:11:8b:ee:26:91:
25:08:cc:02
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGlQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MzAw
NDI0NDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY0NkY2QzYyNzUwRjMy
NkQzRjIyQzNFNUY1OEJGRkRGMENCNTc2NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzvx+qgPdVqKbPcNgPgSUJFwOVusqqv3ZQYDhCyQW+axlnDqAJ
gJsdlrGv66skj0qY3ZtH/hZGOhU4vP+HvLtc3s/olJTvxODcbybUC9dEz2oOXzjz
Y4IP0MpbbwCd2id+9I1BtU5q9PfaspBsVnLqfvrfAQ+WJVCjq7eNxaQnjZdRLVig
HmoB2FyUwKPKhHU3qIXAMu/Z9ehcmIgVvikzK00aQfOUnE2sQwrX+KZMCH0hi89R
Gt74Vtsc9JpBUSVg2V/OkPFCfCSXXh7VMxOtPcVKdDPAssQlW1OOs+leP2nLDBUn
H2Mpdsq4tjDeTjgP13xU9JQtntZVibsQk+DhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9G9sYnUPMm0/IsPl9Yv/3wy1dmQwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzlHOXNZblVQTW0wX0lz
UGw5WXZfM3d5MWRtUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAusTd8PV8pcO6iA9o/jl6YNbpV1c7gle7
xQTsaXVzFWlnOw7KzSuVCJqOL9A61Oz0q7j6v0N+IXbmLawgfIbX9bY9U1tbHR6B
9qz+YihVdjjQroG3dBeMsJ6iHWxIB0VTRvI4I5lS6sAhvqj+sXEQYQfNT86qZBMu
t3YM+x1Q2/VDJgRPsj43JBMTOt9eurRB5nrL/YDauhWqdOXG3hjpL/btdetlXjxt
un/YNCbVcwvi9/AlRoqSuM/r5RJw3+HDZazs+o3b+NpSWl7Al/P4M3pc9uVyO2lH
cxA4oMgPvN435/WfuZMjgpcWy2TG76FxYZTn53XfCxGL7iaRJQjMAg==
-----END CERTIFICATE-----
Generated at Tue Apr 30 09:36:06 2024 by rpki-client on console-fra.rpki-client.org