Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Che7NFO4zj6jZotJL58PkN3AZr0.roa
File: Che7NFO4zj6jZotJL58PkN3AZr0.roa (raw, json)
Hash identifier: l/JdvV1anAZWzt7SuqtAiPY4AKZz+jvlkLVWG9dpSL4=
Subject key identifier: 0A:17:BB:34:53:B8:CE:3E:A3:66:8B:49:2F:9F:0F:90:DD:C0:66:BD
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1BE0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Che7NFO4zj6jZotJL58PkN3AZr0.roa
Signing time: Sat 04 May 2024 07:24:16 +0000
ROA not before: Sat 04 May 2024 07:24:16 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7136 (0x1be0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 4 07:24:16 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0A17BB3453B8CE3EA3668B492F9F0F90DDC066BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e7:30:41:a0:38:3e:22:a0:96:9a:93:29:87:
99:28:6b:6e:1b:a9:87:b0:36:36:65:5d:8d:1d:9b:
93:33:77:be:cf:a2:65:84:a8:69:50:51:7d:f4:70:
e7:f4:bc:d1:03:52:5d:fc:66:d3:b9:93:92:9a:ea:
29:c7:f8:a7:d5:0e:49:fe:08:4f:77:14:bb:71:d3:
0a:f2:e8:c0:a0:02:fa:42:70:ba:59:d2:b3:7d:1b:
62:be:39:4a:94:4f:2f:4a:2a:99:65:61:b4:27:19:
d5:f2:58:f7:a1:cc:f0:f9:21:c5:7b:4e:8f:e8:af:
6d:01:69:31:a2:66:af:2c:46:6d:1c:76:c2:4b:3e:
84:fd:0c:49:9d:5a:81:73:a1:c2:a4:4b:83:5a:ed:
30:c0:08:fa:8f:b7:72:b8:0b:9a:89:84:ed:bb:e9:
c6:c3:8c:ad:13:b1:43:c0:37:2a:92:97:81:ca:05:
47:b2:9c:7a:82:d2:a5:e6:e9:2a:9a:95:9c:ff:71:
1d:16:31:2f:45:23:19:dd:13:e6:74:58:98:fa:be:
e3:64:f0:b7:90:2e:c4:47:8c:cc:16:d3:9e:d2:82:
8d:36:cb:de:1c:08:0f:e2:46:71:58:43:3b:77:72:
a3:ab:14:a7:24:e7:fa:72:69:39:de:bb:6d:8f:84:
c4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:17:BB:34:53:B8:CE:3E:A3:66:8B:49:2F:9F:0F:90:DD:C0:66:BD
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Che7NFO4zj6jZotJL58PkN3AZr0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b2:7b:09:1f:c8:9b:b3:f1:9a:a5:d6:13:28:92:3a:ed:aa:21:
65:01:bb:9e:9a:66:e0:97:74:0c:ee:35:27:12:f0:a7:cf:5a:
ab:58:16:40:5e:2a:af:da:2b:e0:a1:b2:e6:97:53:ff:0d:cf:
6d:65:34:a0:25:32:2e:69:b0:0f:fe:5d:fa:32:a8:e9:7d:93:
01:b7:0d:de:68:45:3c:84:7f:81:9d:01:56:76:34:3e:e7:3e:
c2:5a:a1:9f:05:af:ac:66:3a:44:21:33:2b:12:ac:a4:ae:db:
db:94:3f:4f:ee:85:2d:5e:53:a3:24:c5:43:55:44:ae:eb:0c:
89:23:08:0f:cc:8e:e4:77:11:72:f1:56:bd:02:36:ad:a6:ae:
1f:30:ce:27:d1:16:a8:bb:1c:1f:64:07:01:de:02:97:dd:98:
6e:80:d7:c4:53:b5:91:a5:d7:88:8c:42:ad:16:a4:61:35:93:
d9:cf:d7:12:d5:89:e0:44:21:a8:8b:9d:09:3a:3a:db:e8:5a:
f7:82:dd:81:23:99:b9:e6:98:77:be:90:d9:6a:fe:20:59:c3:
4e:48:ef:2f:de:00:e5:a2:11:4c:3b:81:7a:1c:be:95:9f:35:
01:c6:f3:a4:63:bf:24:ea:19:3f:58:f3:82:a9:59:97:18:ee:
15:97:8b:08
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG+AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDQw
NzI0MTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBBMTdCQjM0NTNCOENF
M0VBMzY2OEI0OTJGOUYwRjkwRERDMDY2QkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB5zBBoDg+IqCWmpMph5koa24bqYewNjZlXY0dm5Mzd77PomWE
qGlQUX30cOf0vNEDUl38ZtO5k5Ka6inH+KfVDkn+CE93FLtx0wry6MCgAvpCcLpZ
0rN9G2K+OUqUTy9KKpllYbQnGdXyWPehzPD5IcV7To/or20BaTGiZq8sRm0cdsJL
PoT9DEmdWoFzocKkS4Na7TDACPqPt3K4C5qJhO276cbDjK0TsUPANyqSl4HKBUey
nHqC0qXm6SqalZz/cR0WMS9FIxndE+Z0WJj6vuNk8LeQLsRHjMwW057Sgo02y94c
CA/iRnFYQzt3cqOrFKck5/pyaTneu22PhMQDAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUChe7NFO4zj6jZotJL58PkN3AZr0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0NoZTdORk80emo2alpv
dEpMNThQa04zQVpyMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAsnsJH8ibs/GapdYTKJI67aohZQG7nppm
4Jd0DO41JxLwp89aq1gWQF4qr9or4KGy5pdT/w3PbWU0oCUyLmmwD/5d+jKo6X2T
AbcN3mhFPIR/gZ0BVnY0Puc+wlqhnwWvrGY6RCEzKxKspK7b25Q/T+6FLV5ToyTF
Q1VErusMiSMID8yO5HcRcvFWvQI2raauHzDOJ9EWqLscH2QHAd4Cl92YboDXxFO1
kaXXiIxCrRakYTWT2c/XEtWJ4EQhqIudCTo62+ha94LdgSOZueaYd76Q2Wr+IFnD
TkjvL94A5aIRTDuBehy+lZ81AcbzpGO/JOoZP1jzgqlZlxjuFZeLCA==
-----END CERTIFICATE-----
Generated at Sat May 4 10:28:32 2024 by rpki-client on console-fra.rpki-client.org