Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/CZfCjgAc7I6VS1fUMuNfWoMZj70.roa
File: CZfCjgAc7I6VS1fUMuNfWoMZj70.roa (raw, json)
Hash identifier: 4qT4SoLdtYPwhT+0cbdMNKH/uaQQM3wWYF4zKoT6KJs=
Subject key identifier: 09:97:C2:8E:00:1C:EC:8E:95:4B:57:D4:32:E3:5F:5A:83:19:8F:BD
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 13D8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/CZfCjgAc7I6VS1fUMuNfWoMZj70.roa
Signing time: Fri 12 Apr 2024 21:23:13 +0000
ROA not before: Fri 12 Apr 2024 21:23:13 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5080 (0x13d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 12 21:23:13 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0997C28E001CEC8E954B57D432E35F5A83198FBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8c:3a:60:84:3d:0d:4d:a2:7a:fc:ba:7e:3e:
8f:67:29:e2:7f:20:f2:9d:b6:5f:bd:82:5f:11:e9:
55:a4:d2:fe:40:66:47:09:02:2b:8d:e7:e6:e2:f1:
8f:ca:7d:7f:91:2a:0d:bf:cc:fe:47:66:d4:06:03:
5a:dd:d6:44:e9:9b:30:29:a1:47:f0:23:6f:c8:55:
08:f6:f5:8d:87:89:ca:d7:96:01:36:e0:c9:26:5e:
d6:73:f4:62:34:2b:90:57:6b:f3:a1:0c:9d:c6:8d:
c8:68:50:e7:06:26:58:5b:15:4b:9b:4f:60:9a:9e:
9c:2b:c4:f2:94:a1:eb:a9:ac:c9:b6:61:5f:04:9b:
e6:7e:f3:06:d7:b9:5e:fc:4b:76:cc:db:af:86:52:
d4:b5:5c:ed:46:09:e8:7a:9d:8f:e9:f2:a3:49:86:
e2:c6:29:44:0f:80:5d:55:ef:88:75:6a:d8:82:4b:
63:da:43:eb:7e:c7:5e:01:92:70:ea:f4:42:f7:c8:
43:39:6e:4e:fb:c9:79:de:34:4e:a2:34:9f:c3:cb:
2f:bc:81:92:4a:77:a3:fb:90:a7:41:89:2a:f7:db:
6a:42:b6:69:d9:32:ce:91:10:c5:89:43:57:b8:e9:
83:90:4e:35:62:bf:0e:fa:5f:67:0b:49:54:1d:31:
80:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:97:C2:8E:00:1C:EC:8E:95:4B:57:D4:32:E3:5F:5A:83:19:8F:BD
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/CZfCjgAc7I6VS1fUMuNfWoMZj70.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c7:76:98:5b:42:47:b4:c1:06:38:cb:ef:39:1c:7b:f4:0b:5f:
37:b3:fb:39:db:85:8d:a4:7d:ea:08:12:ae:68:fb:ca:93:84:
97:ad:89:c4:b5:43:6f:61:9b:6c:d3:1c:13:d2:a1:16:69:b8:
6d:f9:c5:95:57:50:74:15:cf:59:8d:ae:63:3f:37:71:6e:fc:
22:52:07:9f:8a:1f:f7:df:93:20:6d:df:97:cf:40:64:43:f6:
a3:3d:cf:0f:96:3b:32:cd:b9:b7:87:d2:eb:7e:9d:d7:75:d7:
9a:23:08:85:71:83:c6:9d:18:f8:c8:b8:52:e1:49:98:ab:ba:
e2:e9:04:26:4b:ab:d1:a6:8e:2c:41:7b:65:3e:ff:ed:e6:a0:
4e:d1:e7:96:87:ce:32:14:72:a4:95:a2:58:2e:6f:ca:f1:b3:
89:78:bc:41:0f:45:72:e2:ac:dd:90:e3:b3:f1:db:bb:cc:8d:
f0:2c:ab:1a:9b:07:4a:8f:90:15:f0:d2:63:0a:8c:cd:0e:b9:
68:90:31:51:b6:1d:eb:b2:dc:08:ab:03:42:03:5c:8b:68:e9:
32:0f:3a:3b:85:f5:e1:04:54:0f:65:8b:74:e7:37:6e:3b:cd:
64:15:73:96:46:b9:86:67:6c:d3:9b:42:27:db:99:1e:91:a1:
c1:3c:d5:48
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTIy
MTIzMTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA5OTdDMjhFMDAxQ0VD
OEU5NTRCNTdENDMyRTM1RjVBODMxOThGQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsjDpghD0NTaJ6/Lp+Po9nKeJ/IPKdtl+9gl8R6VWk0v5AZkcJ
AiuN5+bi8Y/KfX+RKg2/zP5HZtQGA1rd1kTpmzApoUfwI2/IVQj29Y2HicrXlgE2
4MkmXtZz9GI0K5BXa/OhDJ3GjchoUOcGJlhbFUubT2CanpwrxPKUoeuprMm2YV8E
m+Z+8wbXuV78S3bM26+GUtS1XO1GCeh6nY/p8qNJhuLGKUQPgF1V74h1atiCS2Pa
Q+t+x14BknDq9EL3yEM5bk77yXneNE6iNJ/Dyy+8gZJKd6P7kKdBiSr322pCtmnZ
Ms6REMWJQ1e46YOQTjVivw76X2cLSVQdMYD9AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCZfCjgAc7I6VS1fUMuNfWoMZj70wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0NaZkNqZ0FjN0k2VlMx
ZlVNdU5mV29NWmo3MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAx3aYW0JHtMEGOMvvORx79AtfN7P7OduF
jaR96ggSrmj7ypOEl62JxLVDb2GbbNMcE9KhFmm4bfnFlVdQdBXPWY2uYz83cW78
IlIHn4of99+TIG3fl89AZEP2oz3PD5Y7Ms25t4fS636d13XXmiMIhXGDxp0Y+Mi4
UuFJmKu64ukEJkur0aaOLEF7ZT7/7eagTtHnlofOMhRypJWiWC5vyvGziXi8QQ9F
cuKs3ZDjs/Hbu8yN8CyrGpsHSo+QFfDSYwqMzQ65aJAxUbYd67LcCKsDQgNci2jp
Mg86O4X14QRUD2WLdOc3bjvNZBVzlka5hmds05tCJ9uZHpGhwTzVSA==
-----END CERTIFICATE-----
Generated at Fri Apr 12 22:34:28 2024 by rpki-client on console-fra.rpki-client.org