Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/CHj7D0Zd8GnIia5RfR8xBdZm0N4.roa
File: CHj7D0Zd8GnIia5RfR8xBdZm0N4.roa (raw, json)
Hash identifier: H3kHZoyGBkQgIaWMlwt6BOtYg94JPXvIh5fsqOqZ1sQ=
Subject key identifier: 08:78:FB:0F:46:5D:F0:69:C8:89:AE:51:7D:1F:31:05:D6:66:D0:DE
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 13E2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/CHj7D0Zd8GnIia5RfR8xBdZm0N4.roa
Signing time: Fri 12 Apr 2024 23:53:17 +0000
ROA not before: Fri 12 Apr 2024 23:53:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5090 (0x13e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 12 23:53:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0878FB0F465DF069C889AE517D1F3105D666D0DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:02:39:40:50:ec:4a:06:ae:32:ba:5e:69:af:
6c:ea:db:5e:82:8b:55:fc:d8:6a:b3:9f:5c:aa:6f:
94:a0:e4:d4:9b:4b:a8:e4:3b:39:f8:d1:1b:40:fc:
51:d8:7d:4d:30:7f:45:48:a9:64:4d:d3:2b:b1:92:
cb:81:5a:40:57:80:da:6d:f3:22:22:a1:5a:cb:aa:
20:60:00:bd:94:d4:06:d0:08:2c:e7:0f:79:59:3d:
1c:7c:68:79:aa:7e:0c:8a:06:37:d0:dc:a7:26:16:
18:9c:1c:17:fb:7a:80:93:c8:b6:9f:e6:bc:ae:3a:
00:e0:87:a8:c9:e8:34:ac:82:b5:44:27:ba:1e:8e:
ee:22:27:22:f9:37:ef:e7:a6:0c:27:35:aa:f6:4f:
fa:e4:3c:0c:70:95:a1:4e:4c:7b:fa:32:10:f7:8f:
40:11:a5:e8:53:9e:04:d5:33:f9:f0:18:b3:81:d4:
94:9a:93:a7:19:02:b5:1c:7a:85:f6:cb:77:68:4d:
c0:2c:ab:6b:3f:5f:0e:1b:5e:fe:c3:07:e3:09:02:
91:65:dd:e4:ad:81:59:37:a5:4d:1d:b0:d1:95:c7:
0b:76:03:1b:f8:d1:7b:d9:5d:88:f9:69:ef:c1:17:
88:41:3a:80:01:3d:65:42:d4:b0:0c:b6:81:31:0b:
87:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:78:FB:0F:46:5D:F0:69:C8:89:AE:51:7D:1F:31:05:D6:66:D0:DE
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/CHj7D0Zd8GnIia5RfR8xBdZm0N4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:27:59:5d:72:63:a0:d5:f4:77:a0:36:27:a4:56:36:1f:c5:
46:17:93:61:33:d5:ca:56:eb:ae:8e:b1:d7:14:b2:93:b0:d4:
47:6b:da:bc:6c:69:3b:6e:45:c3:ef:62:7f:97:4d:3d:2e:0e:
0c:9a:c0:a3:21:a4:79:a2:d7:88:b7:dc:d0:38:54:2c:d9:28:
b8:73:4b:0c:3c:dc:98:19:f1:ed:4c:55:67:61:e3:e4:88:a3:
91:d2:40:84:2a:55:94:e5:97:49:02:8b:e8:a3:40:7f:1b:49:
6e:43:cf:7d:52:b6:25:bf:a0:83:67:64:1f:85:44:0e:11:42:
06:21:98:f2:74:c4:cd:6c:7d:00:36:ea:76:60:8e:87:02:b4:
77:a4:af:2e:69:96:e6:87:3f:22:7e:1b:6f:86:79:0d:7c:2e:
e8:f8:5c:bd:72:2a:75:d2:93:17:62:27:b3:7f:6d:db:bf:04:
bd:f3:35:d4:e1:52:fc:05:66:26:a7:7a:59:df:87:60:c4:bf:
70:e9:3b:94:99:6c:79:e2:ee:f5:44:07:fa:14:b1:4b:52:8f:
68:39:42:1b:ad:43:f6:9f:52:dd:5b:64:ee:e8:10:84:7f:ac:
f0:0d:76:89:3d:ef:4d:c5:6a:e4:52:6d:42:17:dc:92:40:74:
4a:5d:2e:ba
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE+IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTIy
MzUzMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA4NzhGQjBGNDY1REYw
NjlDODg5QUU1MTdEMUYzMTA1RDY2NkQwREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1AjlAUOxKBq4yul5pr2zq216Ci1X82Gqzn1yqb5Sg5NSbS6jk
Ozn40RtA/FHYfU0wf0VIqWRN0yuxksuBWkBXgNpt8yIioVrLqiBgAL2U1AbQCCzn
D3lZPRx8aHmqfgyKBjfQ3KcmFhicHBf7eoCTyLaf5ryuOgDgh6jJ6DSsgrVEJ7oe
ju4iJyL5N+/npgwnNar2T/rkPAxwlaFOTHv6MhD3j0ARpehTngTVM/nwGLOB1JSa
k6cZArUceoX2y3doTcAsq2s/Xw4bXv7DB+MJApFl3eStgVk3pU0dsNGVxwt2Axv4
0XvZXYj5ae/BF4hBOoABPWVC1LAMtoExC4ddAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCHj7D0Zd8GnIia5RfR8xBdZm0N4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0NIajdEMFpkOEduSWlh
NVJmUjh4QmRabTBONC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAKCdZXXJjoNX0d6A2J6RWNh/FRheTYTPV
ylbrro6x1xSyk7DUR2vavGxpO25Fw+9if5dNPS4ODJrAoyGkeaLXiLfc0DhULNko
uHNLDDzcmBnx7UxVZ2Hj5IijkdJAhCpVlOWXSQKL6KNAfxtJbkPPfVK2Jb+gg2dk
H4VEDhFCBiGY8nTEzWx9ADbqdmCOhwK0d6SvLmmW5oc/In4bb4Z5DXwu6PhcvXIq
ddKTF2Ins39t278EvfM11OFS/AVmJqd6Wd+HYMS/cOk7lJlseeLu9UQH+hSxS1KP
aDlCG61D9p9S3Vtk7ugQhH+s8A12iT3vTcVq5FJtQhfckkB0Sl0uug==
-----END CERTIFICATE-----
Generated at Sat Apr 13 02:09:09 2024 by rpki-client on console-fra.rpki-client.org