Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ANYZyLyhz7Z86oOoe8yhlcC3xBE.roa
File: ANYZyLyhz7Z86oOoe8yhlcC3xBE.roa (raw, json)
Hash identifier: QYpUVG4DeC2b/sYJf9LH1ht5KHjNFQ5dPdN36vFB4VA=
Subject key identifier: 00:D6:19:C8:BC:A1:CF:B6:7C:EA:83:A8:7B:CC:A1:95:C0:B7:C4:11
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1396
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ANYZyLyhz7Z86oOoe8yhlcC3xBE.roa
Signing time: Fri 12 Apr 2024 04:53:11 +0000
ROA not before: Fri 12 Apr 2024 04:53:11 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5014 (0x1396)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 12 04:53:11 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=00D619C8BCA1CFB67CEA83A87BCCA195C0B7C411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:44:22:19:d4:72:34:ac:87:55:3f:1e:a3:0a:
11:31:a8:51:e9:10:f0:3c:f8:f0:63:e4:27:04:96:
73:32:26:df:0b:fb:69:2e:83:32:09:f8:7d:06:0c:
b2:f5:b4:c2:84:bc:8c:34:ff:0c:2e:fc:ab:74:ff:
b4:6d:74:5c:19:ea:b0:98:d3:bf:61:4f:7c:fa:68:
5b:58:47:c0:c6:14:35:e3:c2:60:44:62:3e:ab:be:
e4:a4:29:7b:4c:14:d5:a8:e1:90:36:85:61:48:97:
37:05:b2:2a:03:5f:27:e7:2c:cf:35:9a:a5:ae:d5:
3a:a6:27:84:bf:e8:af:d4:d1:57:e4:4c:6b:b8:7f:
f2:10:aa:b6:65:8b:35:67:b7:7c:e2:7d:48:fb:34:
9f:6a:e0:d9:f9:93:72:6e:61:7f:76:33:69:15:90:
92:e4:63:00:87:ef:7f:f9:65:06:66:7f:a9:27:16:
90:0b:f9:42:bf:8b:35:eb:2a:13:6d:31:1c:46:17:
1c:a1:b3:fd:8b:94:b3:80:d0:31:97:81:87:15:6d:
72:d6:7a:70:e0:28:ad:5b:db:47:3e:cd:de:21:1e:
28:ea:ec:23:7e:11:1f:d4:06:84:b1:16:51:78:ca:
51:cd:c0:7c:2d:a0:e5:e0:68:ca:bf:24:cd:de:a2:
8b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:D6:19:C8:BC:A1:CF:B6:7C:EA:83:A8:7B:CC:A1:95:C0:B7:C4:11
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ANYZyLyhz7Z86oOoe8yhlcC3xBE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4a:a4:b3:8f:f9:53:96:fa:22:da:8b:a6:07:de:08:bf:1b:4c:
b4:fe:ce:3c:f3:86:eb:db:8c:a0:80:ed:af:b0:86:3a:4f:fe:
bb:70:97:1a:7c:25:a6:d8:cd:43:fe:a7:70:95:24:76:c1:7d:
f4:ae:4c:10:ec:f8:f5:02:62:4f:cb:17:4a:e8:d5:83:7d:7c:
4e:07:a5:a9:db:dd:2b:a5:1d:b5:ab:81:36:1d:08:f2:f3:0d:
60:6e:94:b7:02:7d:b0:06:89:9f:f2:38:4f:76:6f:24:73:39:
d0:28:67:2d:94:0e:2c:18:8d:ea:b7:93:03:b9:80:15:81:47:
cb:65:d1:bc:de:c2:91:5f:90:41:1a:85:9f:b5:45:f4:d6:29:
df:02:73:c9:bf:6d:1a:17:5e:96:ae:f7:20:e8:a6:a7:5d:1b:
54:8e:c5:f1:77:6a:f2:60:9a:ab:51:2e:ed:e0:54:33:72:a0:
44:fc:54:c5:9f:3b:68:fc:3b:00:72:77:87:83:78:39:a8:12:
ad:ea:f7:25:7e:ce:3e:65:78:1c:7c:e4:30:9d:6b:c5:74:91:
ed:1e:0b:24:e3:5d:fa:4d:9f:61:c1:f4:07:6d:45:d4:78:9b:
14:25:a9:03:69:fc:53:f4:79:30:bf:17:3d:58:b2:53:e1:b9:
54:ca:bb:0b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE5YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTIw
NDUzMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAwRDYxOUM4QkNBMUNG
QjY3Q0VBODNBODdCQ0NBMTk1QzBCN0M0MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSRCIZ1HI0rIdVPx6jChExqFHpEPA8+PBj5CcElnMyJt8L+2ku
gzIJ+H0GDLL1tMKEvIw0/wwu/Kt0/7RtdFwZ6rCY079hT3z6aFtYR8DGFDXjwmBE
Yj6rvuSkKXtMFNWo4ZA2hWFIlzcFsioDXyfnLM81mqWu1TqmJ4S/6K/U0VfkTGu4
f/IQqrZlizVnt3zifUj7NJ9q4Nn5k3JuYX92M2kVkJLkYwCH73/5ZQZmf6knFpAL
+UK/izXrKhNtMRxGFxyhs/2LlLOA0DGXgYcVbXLWenDgKK1b20c+zd4hHijq7CN+
ER/UBoSxFlF4ylHNwHwtoOXgaMq/JM3eoospAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUANYZyLyhz7Z86oOoe8yhlcC3xBEwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0FOWVp5THloejdaODZv
T29lOHlobGNDM3hCRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEASqSzj/lTlvoi2oumB94IvxtMtP7OPPOG
69uMoIDtr7CGOk/+u3CXGnwlptjNQ/6ncJUkdsF99K5MEOz49QJiT8sXSujVg318
TgelqdvdK6UdtauBNh0I8vMNYG6UtwJ9sAaJn/I4T3ZvJHM50ChnLZQOLBiN6reT
A7mAFYFHy2XRvN7CkV+QQRqFn7VF9NYp3wJzyb9tGhdelq73IOimp10bVI7F8Xdq
8mCaq1Eu7eBUM3KgRPxUxZ87aPw7AHJ3h4N4OagSrer3JX7OPmV4HHzkMJ1rxXSR
7R4LJONd+k2fYcH0B21F1HibFCWpA2n8U/R5ML8XPViyU+G5VMq7Cw==
-----END CERTIFICATE-----
Generated at Fri Apr 12 12:38:47 2024 by rpki-client on console-fra.rpki-client.org