Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/9eNTqQyUpCLnwvgil6mw8hzidco.roa
File: 9eNTqQyUpCLnwvgil6mw8hzidco.roa (raw, json)
Hash identifier: cI6c+937+gIkBgszhRl+S59B6XfrGWM8nTZhBdKxTmw=
Subject key identifier: F5:E3:53:A9:0C:94:A4:22:E7:C2:F8:22:97:A9:B0:F2:1C:E2:75:CA
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0F36
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/9eNTqQyUpCLnwvgil6mw8hzidco.roa
Signing time: Sun 31 Mar 2024 12:52:34 +0000
ROA not before: Sun 31 Mar 2024 12:52:34 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3894 (0xf36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 31 12:52:34 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F5E353A90C94A422E7C2F82297A9B0F21CE275CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:34:4e:51:e2:fc:4b:65:f6:cf:62:f3:a5:81:
6c:52:14:27:89:f0:62:09:b9:03:d2:38:a5:66:09:
5a:be:a6:bc:39:ea:b3:b2:41:a1:ec:8f:0e:50:bb:
19:1f:4c:95:c1:6e:23:0f:02:1b:80:d9:19:ab:a2:
7d:48:ea:ea:19:c7:98:6e:61:e4:fe:f4:53:e4:a9:
c9:cf:fe:88:d6:a0:b6:b2:56:91:fa:a6:aa:d0:39:
3e:b9:6a:f7:f3:b3:c5:91:bd:d7:23:36:13:52:f9:
4a:7f:9c:af:37:e0:0e:70:ba:96:de:3f:9a:22:50:
83:07:81:77:19:de:b2:ba:cc:19:ad:43:86:59:69:
69:d3:6c:ab:55:67:20:57:ad:fd:06:19:a6:c3:ba:
89:28:3a:a2:f8:1e:f5:64:5b:69:c7:bb:3d:cb:d7:
87:97:3c:cd:6f:32:16:54:1e:b9:22:7a:fb:e0:dc:
8b:e2:cc:aa:ed:9c:51:2e:01:b9:69:96:88:d2:23:
74:61:ad:58:ad:e3:3a:8f:9b:fe:ba:c5:74:e7:0b:
59:62:4c:15:7e:92:4a:cd:d5:9c:8b:a7:ab:2b:c0:
09:2e:d8:a5:3f:e1:1a:7b:d9:cf:af:00:2b:4b:69:
62:81:41:9b:cb:19:11:6f:f8:cd:ed:bb:2b:17:4b:
9f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:E3:53:A9:0C:94:A4:22:E7:C2:F8:22:97:A9:B0:F2:1C:E2:75:CA
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/9eNTqQyUpCLnwvgil6mw8hzidco.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ca:ef:f4:a6:1b:49:41:15:97:05:94:6b:40:23:74:48:37:4d:
d2:30:3a:40:25:12:b2:95:37:9d:8f:bb:cc:70:d3:4b:76:f7:
ad:bd:09:6a:8a:ae:f7:80:07:67:41:9d:2a:b6:e8:bc:0d:92:
22:5a:93:51:26:2c:e6:8c:41:af:9f:5d:ba:6d:c7:72:4a:2d:
64:94:6c:be:a3:cc:1a:f6:e5:a4:c6:94:6e:cd:53:47:b0:6e:
44:e9:1c:c4:c9:09:2f:70:80:f9:68:30:85:56:e6:d1:26:dc:
a5:5c:91:1c:3d:55:7f:45:db:cf:15:f3:c8:02:72:f2:c6:b9:
97:bd:2c:f2:db:f1:12:53:89:f2:65:9d:d0:4f:22:74:d4:d5:
dc:54:63:8d:f5:7c:11:15:18:51:65:2c:e9:cc:01:bc:75:ed:
1b:6e:d7:4e:fe:2b:c9:50:d8:15:ae:83:9b:ba:2f:ad:45:43:
29:1c:a3:c1:31:de:86:be:8a:d1:e3:c0:83:32:de:a5:d2:0a:
c8:a7:a7:06:57:54:6a:1b:5b:f5:55:a6:1d:86:00:5a:cb:6c:
50:72:c8:a8:73:a2:19:2d:2e:13:9f:a9:33:7b:c3:e5:87:62:
bd:36:b4:42:d6:09:fd:bd:df:ae:d7:df:5b:58:07:bd:fd:85:
b9:14:50:6f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDzYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzEx
MjUyMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY1RTM1M0E5MEM5NEE0
MjJFN0MyRjgyMjk3QTlCMEYyMUNFMjc1Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjNE5R4vxLZfbPYvOlgWxSFCeJ8GIJuQPSOKVmCVq+prw56rOy
QaHsjw5QuxkfTJXBbiMPAhuA2Rmron1I6uoZx5huYeT+9FPkqcnP/ojWoLayVpH6
pqrQOT65avfzs8WRvdcjNhNS+Up/nK834A5wupbeP5oiUIMHgXcZ3rK6zBmtQ4ZZ
aWnTbKtVZyBXrf0GGabDuokoOqL4HvVkW2nHuz3L14eXPM1vMhZUHrkievvg3Ivi
zKrtnFEuAblplojSI3RhrVit4zqPm/66xXTnC1liTBV+kkrN1ZyLp6srwAku2KU/
4Rp72c+vACtLaWKBQZvLGRFv+M3tuysXS59nAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9eNTqQyUpCLnwvgil6mw8hzidcowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzllTlRxUXlVcENMbnd2
Z2lsNm13OGh6aWRjby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAyu/0phtJQRWXBZRrQCN0SDdN0jA6QCUS
spU3nY+7zHDTS3b3rb0Jaoqu94AHZ0GdKrbovA2SIlqTUSYs5oxBr59dum3Hckot
ZJRsvqPMGvblpMaUbs1TR7BuROkcxMkJL3CA+WgwhVbm0SbcpVyRHD1Vf0XbzxXz
yAJy8sa5l70s8tvxElOJ8mWd0E8idNTV3FRjjfV8ERUYUWUs6cwBvHXtG27XTv4r
yVDYFa6Dm7ovrUVDKRyjwTHehr6K0ePAgzLepdIKyKenBldUahtb9VWmHYYAWsts
UHLIqHOiGS0uE5+pM3vD5YdivTa0QtYJ/b3frtffW1gHvf2FuRRQbw==
-----END CERTIFICATE-----
Generated at Sun Mar 31 16:34:07 2024 by rpki-client on console-fra.rpki-client.org