Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/9lw83ztkfYcNfGem_6mvbtQ7kAI.roa
File: 9lw83ztkfYcNfGem_6mvbtQ7kAI.roa (raw, json)
Hash identifier: yIodVzq/XN+ogMCczkmeru7NwE30fvoMQ3Dl5v+dvmU=
Subject key identifier: F6:5C:3C:DF:3B:64:7D:87:0D:7C:67:A6:FF:A9:AF:6E:D4:3B:90:02
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1BF6
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/9lw83ztkfYcNfGem_6mvbtQ7kAI.roa
Signing time: Sat 04 May 2024 12:54:23 +0000
ROA not before: Sat 04 May 2024 12:54:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7158 (0x1bf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 4 12:54:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F65C3CDF3B647D870D7C67A6FFA9AF6ED43B9002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bc:1f:f9:5f:19:58:23:bc:59:a0:d3:e2:75:
9e:07:8b:f2:98:fc:03:1b:86:64:33:39:14:ce:e1:
c7:02:87:a4:74:27:94:df:44:8b:5c:1e:ee:6f:a9:
7b:8c:8f:e9:4c:a3:d3:fd:9a:7c:59:b9:69:f1:0c:
41:c9:2b:cf:ff:56:f5:61:aa:69:a7:a6:cd:32:e9:
b3:fd:95:5f:d8:fb:b0:67:0a:bf:f3:29:64:4f:6b:
ea:68:0f:51:92:1c:b8:1c:2e:f6:24:35:2e:b9:2d:
cd:f2:12:5f:d9:93:09:7e:4f:4e:f5:66:38:97:c1:
dc:7a:00:4e:be:d8:0d:bb:ef:9b:91:f7:69:c1:c8:
0b:29:4e:75:58:c8:3b:97:08:90:77:20:86:fe:20:
19:8c:02:20:a7:73:94:dd:18:fc:6f:50:69:16:8b:
bb:79:6a:f3:ac:30:7b:cb:ef:4d:0f:21:ba:a8:25:
22:70:19:ea:b6:e8:d4:ba:6d:6b:19:5c:b3:98:1b:
22:f8:9e:5d:94:5e:bb:3f:27:75:d2:8f:a1:74:96:
54:3a:6d:b9:76:fb:e1:dc:04:7a:56:0e:f1:e3:e0:
1f:9b:65:78:aa:4f:5d:d9:70:ff:8c:b0:74:2d:25:
76:00:56:5f:34:95:d8:cd:14:76:d1:06:2a:a0:62:
d8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:5C:3C:DF:3B:64:7D:87:0D:7C:67:A6:FF:A9:AF:6E:D4:3B:90:02
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/9lw83ztkfYcNfGem_6mvbtQ7kAI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ab:91:0f:e2:f4:30:62:8a:39:5d:03:05:db:2a:8e:2d:b0:7a:
85:7d:b1:cc:dd:a9:97:5e:a0:fa:ea:fe:36:34:72:46:dc:ed:
a6:25:07:c0:28:ba:ae:b7:e5:42:e0:b2:40:b4:ef:c6:1f:a0:
e4:d1:87:3e:6a:02:c5:98:10:aa:71:b0:a0:93:c5:d9:83:26:
c1:b9:d5:81:92:7b:d3:63:ab:03:10:4a:76:cc:6d:ae:e1:9a:
15:45:fb:86:8c:eb:8f:a5:59:e5:b9:80:43:13:d9:be:88:e0:
f0:e4:14:2d:c9:f9:75:6e:6c:05:99:3b:0e:4a:dc:f5:46:c1:
11:00:3b:69:cc:dc:1d:da:97:ae:46:f1:25:a9:31:c9:b8:18:
89:59:a4:35:55:23:ab:78:09:02:41:ec:eb:0b:1f:3c:d1:ab:
8f:4e:b9:9b:32:6c:5a:8e:14:77:da:d9:43:93:71:b1:a9:4b:
e2:27:d5:74:c1:ff:41:8c:c0:df:7c:a8:94:56:b5:2c:97:63:
d1:6e:62:b8:14:56:b1:47:a5:0f:95:32:2b:cc:21:70:df:99:
f0:f5:5f:6f:6e:ea:77:5d:6c:a1:7e:cd:ca:25:09:3f:41:73:
51:82:69:db:56:6f:b8:ca:36:13:e6:61:e4:b8:d8:e8:0a:52:
05:4b:84:58
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG/YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDQx
MjU0MjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY2NUMzQ0RGM0I2NDdE
ODcwRDdDNjdBNkZGQTlBRjZFRDQzQjkwMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5vB/5XxlYI7xZoNPidZ4Hi/KY/AMbhmQzORTO4ccCh6R0J5Tf
RItcHu5vqXuMj+lMo9P9mnxZuWnxDEHJK8//VvVhqmmnps0y6bP9lV/Y+7BnCr/z
KWRPa+poD1GSHLgcLvYkNS65Lc3yEl/Zkwl+T071ZjiXwdx6AE6+2A2775uR92nB
yAspTnVYyDuXCJB3IIb+IBmMAiCnc5TdGPxvUGkWi7t5avOsMHvL700PIbqoJSJw
Geq26NS6bWsZXLOYGyL4nl2UXrs/J3XSj6F0llQ6bbl2++HcBHpWDvHj4B+bZXiq
T13ZcP+MsHQtJXYAVl80ldjNFHbRBiqgYtgNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9lw83ztkfYcNfGem/6mvbtQ7kAIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzlsdzgzenRrZlljTmZH
ZW1fNm12YnRRN2tBSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAq5EP4vQwYoo5XQMF2yqOLbB6hX2xzN2p
l16g+ur+NjRyRtztpiUHwCi6rrflQuCyQLTvxh+g5NGHPmoCxZgQqnGwoJPF2YMm
wbnVgZJ702OrAxBKdsxtruGaFUX7hozrj6VZ5bmAQxPZvojg8OQULcn5dW5sBZk7
Dkrc9UbBEQA7aczcHdqXrkbxJakxybgYiVmkNVUjq3gJAkHs6wsfPNGrj065mzJs
Wo4Ud9rZQ5NxsalL4ifVdMH/QYzA33yolFa1LJdj0W5iuBRWsUelD5UyK8whcN+Z
8PVfb27qd11soX7NyiUJP0FzUYJp21ZvuMo2E+Zh5LjY6ApSBUuEWA==
-----END CERTIFICATE-----
Generated at Sat May 4 15:08:07 2024 by rpki-client on console-ams.rpki-client.org