Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/9riwA1eFdWBkm079JWB10Zj_5V8.roa
File: 9riwA1eFdWBkm079JWB10Zj_5V8.roa (raw, json)
Hash identifier: uLrRSQPA7dZqRsC2XHbhHj189epKwRC+8H66JoxFEMk=
Subject key identifier: F6:B8:B0:03:57:85:75:60:64:9B:4E:FD:25:60:75:D1:98:FF:E5:5F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1808
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/9riwA1eFdWBkm079JWB10Zj_5V8.roa
Signing time: Wed 24 Apr 2024 01:23:39 +0000
ROA not before: Wed 24 Apr 2024 01:23:39 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6152 (0x1808)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 24 01:23:39 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F6B8B00357857560649B4EFD256075D198FFE55F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:34:fa:3a:ef:04:50:6b:a4:a4:ef:ff:84:86:
28:e1:38:dd:48:86:a2:38:87:b6:56:92:af:00:0d:
c6:d6:a5:2f:8e:17:1f:53:d4:fc:06:fa:83:f5:f1:
c7:79:9f:ea:c3:57:b5:ad:19:ac:bd:d6:37:c1:e4:
d9:9e:af:57:6f:ea:68:41:5e:ee:5e:14:6f:51:c6:
7a:b2:1e:d6:a4:6b:b9:3f:9a:9e:e8:ac:e6:fe:31:
1b:5c:07:de:98:1a:cb:e7:82:f1:69:3f:1a:1f:65:
10:48:ef:1a:73:34:fa:ae:4a:63:18:e2:0b:8c:ef:
fc:04:4a:ea:42:b0:b0:dc:52:81:aa:1a:c0:d7:6f:
f1:16:32:38:19:dd:6b:92:56:06:4a:7e:83:00:22:
90:e6:23:81:97:1a:74:a1:10:fb:ce:5b:fc:4b:3c:
d6:fc:10:19:1c:cc:90:8c:00:b4:b9:a8:bd:7d:41:
75:10:2b:78:d1:4f:da:bd:59:40:d6:63:a0:ad:d1:
c0:61:20:fa:20:b7:79:bc:7a:82:4e:4c:32:7e:05:
81:f0:94:ce:d1:c7:3a:39:cf:67:a5:7b:7c:39:e6:
54:1d:d0:a2:f4:a5:46:a4:b2:3b:71:71:df:75:3a:
e7:fe:1d:e1:3e:3e:b6:b8:51:bc:20:69:2b:54:c5:
05:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:B8:B0:03:57:85:75:60:64:9B:4E:FD:25:60:75:D1:98:FF:E5:5F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/9riwA1eFdWBkm079JWB10Zj_5V8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:58:a7:d1:49:8e:86:55:43:16:59:31:fb:23:4d:24:af:cb:
94:30:ab:2f:df:1f:24:9f:6f:10:f5:e5:49:70:23:68:10:28:
c1:c6:1e:38:73:8f:da:c9:d1:76:c0:ec:8e:89:15:e1:4f:ea:
50:cb:da:03:1b:26:05:d1:18:17:87:c3:81:20:da:fe:dc:ab:
f3:ca:83:6b:87:81:db:a7:e9:53:97:7d:27:18:f4:5e:1e:1b:
ea:c1:ce:c8:60:b0:ad:59:21:cd:6d:65:97:aa:27:ce:65:4b:
71:5e:84:10:2f:00:0f:85:46:57:98:b2:8d:7c:02:94:17:cd:
9b:8b:dd:6f:bb:2b:91:df:64:68:ae:02:74:15:07:54:cf:37:
b4:57:7b:f2:b5:89:28:3f:6b:ce:d2:8a:d4:b9:8a:d2:9b:da:
2c:02:5c:0a:3e:1b:ee:ed:f0:5e:19:4c:a2:c5:18:25:fd:9f:
3e:24:c8:a6:fd:df:3f:a1:55:b7:ff:c4:4e:b4:13:58:ee:28:
aa:8a:c6:44:1a:ef:f7:15:1c:18:80:8b:e3:5f:d9:63:e4:d0:
40:55:a5:e3:25:58:11:91:86:ba:c7:66:23:bb:ba:12:d4:fa:
c2:ec:07:08:2e:42:5e:2d:5e:fb:72:d6:ad:25:35:6f:2f:80:
05:b8:8f:c6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGAgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjQw
MTIzMzlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY2QjhCMDAzNTc4NTc1
NjA2NDlCNEVGRDI1NjA3NUQxOThGRkU1NUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyNPo67wRQa6Sk7/+EhijhON1IhqI4h7ZWkq8ADcbWpS+OFx9T
1PwG+oP18cd5n+rDV7WtGay91jfB5Nmer1dv6mhBXu5eFG9RxnqyHtaka7k/mp7o
rOb+MRtcB96YGsvngvFpPxofZRBI7xpzNPquSmMY4guM7/wESupCsLDcUoGqGsDX
b/EWMjgZ3WuSVgZKfoMAIpDmI4GXGnShEPvOW/xLPNb8EBkczJCMALS5qL19QXUQ
K3jRT9q9WUDWY6Ct0cBhIPogt3m8eoJOTDJ+BYHwlM7Rxzo5z2ele3w55lQd0KL0
pUaksjtxcd91Ouf+HeE+Pra4UbwgaStUxQUzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9riwA1eFdWBkm079JWB10Zj/5V8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzlyaXdBMWVGZFdCa20w
NzlKV0IxMFpqXzVWOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAY1in0UmOhlVDFlkx+yNNJK/LlDCrL98f
JJ9vEPXlSXAjaBAowcYeOHOP2snRdsDsjokV4U/qUMvaAxsmBdEYF4fDgSDa/tyr
88qDa4eB26fpU5d9Jxj0Xh4b6sHOyGCwrVkhzW1ll6onzmVLcV6EEC8AD4VGV5iy
jXwClBfNm4vdb7srkd9kaK4CdBUHVM83tFd78rWJKD9rztKK1LmK0pvaLAJcCj4b
7u3wXhlMosUYJf2fPiTIpv3fP6FVt//ETrQTWO4oqorGRBrv9xUcGICL41/ZY+TQ
QFWl4yVYEZGGusdmI7u6EtT6wuwHCC5CXi1e+3LWrSU1by+ABbiPxg==
-----END CERTIFICATE-----
Generated at Wed Apr 24 04:43:08 2024 by rpki-client on console-ams.rpki-client.org