Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/AVPPTHnfzvSze3yyclPFFZHIrao.roa
File: AVPPTHnfzvSze3yyclPFFZHIrao.roa (raw, json)
Hash identifier: kVF4evvgxm1UteFtoRiy8/G/Qzar1m+RbYieknHDWyI=
Subject key identifier: 01:53:CF:4C:79:DF:CE:F4:B3:7B:7C:B2:72:53:C5:15:91:C8:AD:AA
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1186
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/AVPPTHnfzvSze3yyclPFFZHIrao.roa
Signing time: Sat 06 Apr 2024 16:52:58 +0000
ROA not before: Sat 06 Apr 2024 16:52:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4486 (0x1186)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 6 16:52:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0153CF4C79DFCEF4B37B7CB27253C51591C8ADAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1f:c5:f8:17:14:5f:94:41:49:c5:82:76:9e:
44:6a:b8:56:87:e2:53:29:85:f0:cf:e3:a0:c7:cf:
2e:86:4f:0e:9c:9d:95:ef:38:31:2e:88:b7:41:2e:
85:18:c2:4c:ec:43:5f:d1:c8:46:4b:6d:78:d7:db:
f9:07:91:7e:0c:d1:61:6a:90:98:ab:ac:ab:5d:a6:
b8:46:3f:a5:ed:19:64:13:54:b5:3b:94:4c:b8:00:
38:d9:08:2d:7b:a0:45:9e:4b:6f:67:f0:66:78:5a:
45:b5:b7:96:a1:12:17:61:b8:f6:25:c4:27:82:61:
0c:58:24:ec:cb:ac:63:b8:a2:e8:1a:41:64:72:95:
7b:cc:34:ad:c6:d8:4e:8a:31:d9:69:55:b8:1e:f3:
0c:20:09:1e:64:d5:fd:b3:70:7b:ea:3c:51:e4:b6:
0a:04:d7:54:66:02:85:4c:96:79:17:d5:57:68:6c:
6b:1e:64:51:3b:d6:8c:2e:a6:51:b5:5f:4f:84:d7:
e9:73:6a:cf:44:83:3a:14:21:62:36:2c:04:cb:95:
46:ea:28:48:33:f3:a0:cb:72:27:26:f1:bb:cb:d6:
b5:0a:90:1c:57:3b:80:1c:8d:21:ea:e6:a7:30:c0:
5d:6c:5b:37:4f:99:77:8c:7c:ce:ee:15:4d:f3:12:
82:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:53:CF:4C:79:DF:CE:F4:B3:7B:7C:B2:72:53:C5:15:91:C8:AD:AA
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/AVPPTHnfzvSze3yyclPFFZHIrao.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
57:76:17:dd:c2:95:11:4b:f4:96:4f:74:e8:4b:f4:c8:0f:5f:
b1:8a:95:51:45:e5:f9:4e:51:24:a2:60:06:d2:55:16:ee:6c:
f0:08:50:43:a5:88:18:96:94:b0:75:70:45:67:55:df:bc:ff:
b6:ab:be:f1:f0:46:6a:57:80:36:19:ca:89:54:58:e7:e8:32:
4a:d3:ae:24:08:2f:65:3a:15:f7:82:ef:8d:76:1a:ce:6d:4c:
03:a2:50:06:91:bf:d8:6e:7a:c3:36:19:28:d8:75:74:7b:69:
55:73:6a:cd:89:09:d8:ec:a6:26:b3:a3:04:08:87:7e:1b:46:
66:94:a2:df:2c:e3:ec:53:17:7c:b7:8e:05:71:77:0d:8a:91:
38:c0:a4:d7:96:33:10:a1:9f:bd:04:93:6e:5c:7f:35:be:96:
55:36:f4:3f:ad:55:1d:bc:d1:9d:9d:e8:1b:72:47:b1:25:55:
d5:3b:78:2c:a3:48:ec:50:66:ed:f3:94:73:8b:16:a1:92:92:
4c:60:fd:cd:ac:1a:2b:5e:41:2a:79:41:c1:6c:3c:90:2f:e0:
6f:32:9d:67:21:16:0b:be:4b:78:2e:7f:f7:c1:cb:67:f2:0b:
7a:13:7e:f1:d6:d2:25:78:5a:74:dc:cf:ee:9f:69:4b:26:f2:
31:a7:58:a1
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEYYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDYx
NjUyNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAxNTNDRjRDNzlERkNF
RjRCMzdCN0NCMjcyNTNDNTE1OTFDOEFEQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClH8X4FxRflEFJxYJ2nkRquFaH4lMphfDP46DHzy6GTw6cnZXv
ODEuiLdBLoUYwkzsQ1/RyEZLbXjX2/kHkX4M0WFqkJirrKtdprhGP6XtGWQTVLU7
lEy4ADjZCC17oEWeS29n8GZ4WkW1t5ahEhdhuPYlxCeCYQxYJOzLrGO4ougaQWRy
lXvMNK3G2E6KMdlpVbge8wwgCR5k1f2zcHvqPFHktgoE11RmAoVMlnkX1VdobGse
ZFE71owuplG1X0+E1+lzas9EgzoUIWI2LATLlUbqKEgz86DLcicm8bvL1rUKkBxX
O4AcjSHq5qcwwF1sWzdPmXeMfM7uFU3zEoJXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUAVPPTHnfzvSze3yyclPFFZHIraowHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0FWUFBUSG5menZTemUz
eXljbFBGRlpISXJhby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAV3YX3cKVEUv0lk906Ev0yA9fsYqVUUXl
+U5RJKJgBtJVFu5s8AhQQ6WIGJaUsHVwRWdV37z/tqu+8fBGaleANhnKiVRY5+gy
StOuJAgvZToV94LvjXYazm1MA6JQBpG/2G56wzYZKNh1dHtpVXNqzYkJ2OymJrOj
BAiHfhtGZpSi3yzj7FMXfLeOBXF3DYqROMCk15YzEKGfvQSTblx/Nb6WVTb0P61V
HbzRnZ3oG3JHsSVV1Tt4LKNI7FBm7fOUc4sWoZKSTGD9zawaK15BKnlBwWw8kC/g
bzKdZyEWC75LeC5/98HLZ/ILehN+8dbSJXhadNzP7p9pSybyMadYoQ==
-----END CERTIFICATE-----
Generated at Sat Apr 6 22:00:30 2024 by rpki-client on console-ams.rpki-client.org