Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Cc52NdvAyz5ew0RXpwybFhoo4i4.roa
File: Cc52NdvAyz5ew0RXpwybFhoo4i4.roa (raw, json)
Hash identifier: YL2bNx0oX9oigsHLnFALgywzC/deYozNdUXjb5ksMSs=
Subject key identifier: 09:CE:76:35:DB:C0:CB:3E:5E:C3:44:57:A7:0C:9B:16:1A:28:E2:2E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 189A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Cc52NdvAyz5ew0RXpwybFhoo4i4.roa
Signing time: Thu 25 Apr 2024 13:53:40 +0000
ROA not before: Thu 25 Apr 2024 13:53:40 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6298 (0x189a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 25 13:53:40 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=09CE7635DBC0CB3E5EC34457A70C9B161A28E22E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:51:21:49:21:7c:97:04:b2:fe:31:4b:78:7c:
bd:de:c9:4d:23:fc:0e:55:af:92:3e:de:d6:ac:74:
31:24:07:a1:f6:d9:30:77:36:49:cf:82:32:8d:5f:
09:8a:53:fa:28:98:f3:2a:1b:cf:a9:54:e7:7c:05:
d1:db:4c:e5:33:49:8a:1f:14:9a:a8:7f:89:bd:0b:
f2:1b:bf:97:8b:8c:85:56:09:40:91:99:51:68:4f:
fc:b0:c0:48:79:33:71:b2:07:8e:3e:ac:ab:f4:5b:
2d:5d:3e:81:76:7d:07:e9:89:d9:84:9d:de:02:66:
b3:36:a4:79:86:df:86:6c:d2:99:4b:88:81:ed:9c:
c9:c4:2c:9a:ea:32:f3:9e:c7:35:a0:f4:0b:54:47:
5d:12:e7:e6:ae:65:b2:db:39:77:60:48:5b:88:6c:
ab:76:1d:93:18:62:f2:a5:d2:d4:af:b1:d4:6e:3b:
79:07:f0:97:03:bc:bf:b6:bc:12:e3:fb:c4:d3:df:
7f:92:05:f1:39:e1:0b:51:ae:e8:65:9f:1b:46:99:
8c:02:d2:aa:c3:74:e4:fa:62:c3:ad:63:4b:4e:65:
1b:99:81:96:0f:26:46:56:1c:32:cc:1e:8c:00:e4:
d4:95:54:b1:63:b2:c7:86:39:49:26:29:15:17:1e:
73:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:CE:76:35:DB:C0:CB:3E:5E:C3:44:57:A7:0C:9B:16:1A:28:E2:2E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Cc52NdvAyz5ew0RXpwybFhoo4i4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c3:9b:9d:24:ac:ec:21:e8:33:6e:98:5d:6d:46:1a:d1:f6:64:
97:97:62:62:f8:36:2e:47:15:76:d8:47:70:e7:80:1a:fa:32:
35:a2:45:8d:ad:8d:61:b8:a0:7c:2b:7d:9a:55:f2:58:b6:87:
65:eb:d6:06:3e:9c:5f:32:91:c4:29:b0:e3:4e:56:84:8a:6c:
d7:3f:c4:dc:ef:10:8a:b1:65:fc:53:ae:6a:b6:a2:ae:df:cb:
05:58:2a:b2:79:9f:3a:57:fd:c3:47:75:a3:d7:01:48:23:0e:
27:bf:94:c1:09:ea:91:d3:d7:c6:05:69:dd:1b:76:91:b5:6e:
22:5d:e0:e7:3c:dd:a4:1b:c4:06:6f:33:2e:1a:b0:e5:54:c8:
9b:f9:9e:d7:0d:7c:09:9b:9b:48:91:ea:9c:8c:9d:d7:e6:ba:
5c:af:ed:8f:12:68:c6:30:ee:2b:d8:ee:c5:88:5d:4d:e4:20:
37:2d:ea:c4:b9:74:5d:eb:45:6e:5b:37:02:16:02:f9:65:b7:
5e:12:83:7b:89:59:b4:42:ff:ab:35:c4:4d:da:83:b9:d6:d9:
4e:de:0c:8b:4d:1f:dd:27:f0:05:97:fb:37:f4:28:66:13:03:
09:69:e4:81:a2:f6:a9:60:be:e4:a8:52:86:54:78:e4:b8:9e:
f8:66:5c:7e
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGJowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjUx
MzUzNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDA5Q0U3NjM1REJDMENC
M0U1RUMzNDQ1N0E3MEM5QjE2MUEyOEUyMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhUSFJIXyXBLL+MUt4fL3eyU0j/A5Vr5I+3tasdDEkB6H22TB3
NknPgjKNXwmKU/oomPMqG8+pVOd8BdHbTOUzSYofFJqof4m9C/Ibv5eLjIVWCUCR
mVFoT/ywwEh5M3GyB44+rKv0Wy1dPoF2fQfpidmEnd4CZrM2pHmG34Zs0plLiIHt
nMnELJrqMvOexzWg9AtUR10S5+auZbLbOXdgSFuIbKt2HZMYYvKl0tSvsdRuO3kH
8JcDvL+2vBLj+8TT33+SBfE54QtRruhlnxtGmYwC0qrDdOT6YsOtY0tOZRuZgZYP
JkZWHDLMHowA5NSVVLFjsseGOUkmKRUXHnMDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCc52NdvAyz5ew0RXpwybFhoo4i4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0NjNTJOZHZBeXo1ZXcw
Ulhwd3liRmhvbzRpNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAw5udJKzsIegzbphdbUYa0fZkl5diYvg2
LkcVdthHcOeAGvoyNaJFja2NYbigfCt9mlXyWLaHZevWBj6cXzKRxCmw405WhIps
1z/E3O8QirFl/FOuarairt/LBVgqsnmfOlf9w0d1o9cBSCMOJ7+UwQnqkdPXxgVp
3Rt2kbVuIl3g5zzdpBvEBm8zLhqw5VTIm/me1w18CZubSJHqnIyd1+a6XK/tjxJo
xjDuK9juxYhdTeQgNy3qxLl0XetFbls3AhYC+WW3XhKDe4lZtEL/qzXETdqDudbZ
Tt4Mi00f3SfwBZf7N/QoZhMDCWnkgaL2qWC+5KhShlR45Lie+GZcfg==
-----END CERTIFICATE-----
Generated at Thu Apr 25 14:27:04 2024 by rpki-client on console-fra.rpki-client.org