Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/AFcAL0jBMrUq-oust8_pqCoy0o4.roa
File: AFcAL0jBMrUq-oust8_pqCoy0o4.roa (raw, json)
Hash identifier: yUKzzVdPjEUaVjOdGoGF3d6kW5pUmoqgm0t07eKQ4qY=
Subject key identifier: 00:57:00:2F:48:C1:32:B5:2A:FA:8B:AC:B7:CF:E9:A8:2A:32:D2:8E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1C7C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/AFcAL0jBMrUq-oust8_pqCoy0o4.roa
Signing time: Sun 05 May 2024 22:24:20 +0000
ROA not before: Sun 05 May 2024 22:24:20 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7292 (0x1c7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 5 22:24:20 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0057002F48C132B52AFA8BACB7CFE9A82A32D28E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:83:ea:06:33:f1:0c:89:8d:93:44:2a:1d:cc:
7b:f4:5d:4b:ea:cd:ad:2c:0b:9f:a4:4f:cf:bb:6b:
9c:82:5f:2c:71:3e:c3:1b:ee:09:b5:3e:f6:ea:2a:
e0:a6:7f:fc:8e:8b:a2:1f:c8:aa:d5:b1:6f:d2:2b:
7b:d2:a6:70:e2:15:89:cf:92:d8:d0:77:64:a7:d1:
d4:8b:b5:ef:93:d8:fb:64:e1:df:ff:b5:72:ae:b0:
f1:a0:d5:84:8c:c2:54:7f:4c:56:59:75:bb:a0:f3:
fe:3f:27:a4:8d:5c:5c:e7:61:17:81:cc:92:04:bf:
81:70:3c:a6:86:19:f1:1d:be:55:4d:5b:ea:e5:c9:
b0:21:12:7e:e1:90:7e:17:88:f6:57:88:bc:96:14:
2a:69:3a:f0:c2:25:e9:cc:67:ac:18:1f:ca:b9:a3:
4e:33:02:78:c7:af:e6:a2:3b:f8:17:47:66:86:af:
7c:ba:b3:45:e4:da:ef:84:88:2f:66:08:f6:95:5f:
49:30:aa:33:1a:ef:97:44:44:9e:60:e9:aa:cf:3d:
68:a5:c6:c3:da:3b:f1:de:2c:6b:4c:e3:29:4f:4b:
6a:c8:a3:95:c5:f6:ae:90:15:2a:72:6e:fa:c5:b4:
1c:10:01:aa:a9:67:75:7a:98:4a:9b:39:35:43:18:
2a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:57:00:2F:48:C1:32:B5:2A:FA:8B:AC:B7:CF:E9:A8:2A:32:D2:8E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/AFcAL0jBMrUq-oust8_pqCoy0o4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:b7:83:77:ba:63:e8:6d:b4:af:3f:41:a3:f3:6e:b2:6b:29:
90:13:b8:f9:99:0f:00:f1:46:a9:47:8e:40:ee:b6:aa:75:aa:
62:61:68:7e:d1:bf:ce:a2:93:8f:a1:ab:87:b0:cc:9e:ba:bb:
dd:38:c1:2c:f7:8c:ce:58:3d:be:f9:18:6b:03:11:d8:f5:7c:
75:1b:2a:1f:cf:24:4f:2b:9a:b2:69:b7:49:f6:21:0c:bd:0d:
77:fe:cf:9e:fa:52:eb:e0:5a:76:f4:59:a0:0c:c2:a7:46:40:
57:3b:3f:39:60:15:a9:94:3c:1c:89:47:5b:7c:f3:50:8b:74:
73:1d:e4:42:12:33:57:41:97:9a:96:3b:f2:91:a2:9a:24:c9:
0a:49:31:48:34:90:8d:55:32:f5:82:35:68:8c:8b:0c:53:b1:
ea:13:0b:da:41:64:c1:13:45:b9:16:46:87:31:59:33:b8:ad:
5b:d3:ff:4f:7e:36:34:e1:ce:0c:ff:17:05:c4:fc:6b:c6:19:
96:f6:a5:48:bf:d4:09:eb:83:a0:ba:be:db:46:68:f9:21:7c:
64:98:51:b4:f7:af:8f:1c:ce:a2:43:5e:b7:89:9e:01:73:a7:
0d:dd:b1:5a:0c:63:a6:9e:fe:0f:7f:5f:2b:a3:a8:55:03:b0:
21:8d:e8:ec
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHHwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDUy
MjI0MjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAwNTcwMDJGNDhDMTMy
QjUyQUZBOEJBQ0I3Q0ZFOUE4MkEzMkQyOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0g+oGM/EMiY2TRCodzHv0XUvqza0sC5+kT8+7a5yCXyxxPsMb
7gm1PvbqKuCmf/yOi6IfyKrVsW/SK3vSpnDiFYnPktjQd2Sn0dSLte+T2Ptk4d//
tXKusPGg1YSMwlR/TFZZdbug8/4/J6SNXFznYReBzJIEv4FwPKaGGfEdvlVNW+rl
ybAhEn7hkH4XiPZXiLyWFCppOvDCJenMZ6wYH8q5o04zAnjHr+aiO/gXR2aGr3y6
s0Xk2u+EiC9mCPaVX0kwqjMa75dERJ5g6arPPWilxsPaO/HeLGtM4ylPS2rIo5XF
9q6QFSpybvrFtBwQAaqpZ3V6mEqbOTVDGCpnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUAFcAL0jBMrUq+oust8/pqCoy0o4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0FGY0FMMGpCTXJVcS1v
dXN0OF9wcUNveTBvNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAO7eDd7pj6G20rz9Bo/NusmspkBO4+ZkP
APFGqUeOQO62qnWqYmFoftG/zqKTj6Grh7DMnrq73TjBLPeMzlg9vvkYawMR2PV8
dRsqH88kTyuasmm3SfYhDL0Nd/7PnvpS6+BadvRZoAzCp0ZAVzs/OWAVqZQ8HIlH
W3zzUIt0cx3kQhIzV0GXmpY78pGimiTJCkkxSDSQjVUy9YI1aIyLDFOx6hML2kFk
wRNFuRZGhzFZM7itW9P/T342NOHODP8XBcT8a8YZlvalSL/UCeuDoLq+20Zo+SF8
ZJhRtPevjxzOokNet4meAXOnDd2xWgxjpp7+D39fK6OoVQOwIY3o7A==
-----END CERTIFICATE-----
Generated at Sun May 5 23:35:07 2024 by rpki-client on console-fra.rpki-client.org