Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/CszvlnNBno5gO6BC4NPEXhdUmbw.roa
File: CszvlnNBno5gO6BC4NPEXhdUmbw.roa (raw, json)
Hash identifier: v2C3gsg3tACVC5UVENw58ik1HcZqT6rgA8o/oMm2aqY=
Subject key identifier: 0A:CC:EF:96:73:41:9E:8E:60:3B:A0:42:E0:D3:C4:5E:17:54:99:BC
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1C38
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/CszvlnNBno5gO6BC4NPEXhdUmbw.roa
Signing time: Sun 05 May 2024 05:24:30 +0000
ROA not before: Sun 05 May 2024 05:24:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7224 (0x1c38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 5 05:24:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0ACCEF9673419E8E603BA042E0D3C45E175499BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d5:7d:e9:df:2d:80:b8:31:70:67:56:4c:75:
27:b1:8e:9e:49:c6:23:10:49:48:61:61:58:78:2f:
78:24:73:08:86:57:dd:9b:6e:0b:3b:ea:e5:b0:34:
45:ef:83:af:7d:3e:0c:ec:52:f4:67:4b:75:69:57:
7f:c7:5e:2f:ea:c7:35:46:99:8f:2c:fe:4a:df:ed:
c2:47:b3:6e:9e:52:7f:04:b5:13:d1:03:56:38:27:
a8:1a:23:c5:6a:d3:76:b4:76:48:9a:60:1e:7c:f6:
d2:da:02:cb:e3:7d:ab:68:ac:2b:82:89:21:6b:c2:
a5:c9:5f:d6:99:49:6c:f7:a2:86:c0:e3:01:2e:57:
7c:27:7f:c8:38:75:a0:9d:02:00:88:ed:ec:1b:25:
b3:98:b5:68:cb:85:af:2a:09:ba:2a:b6:fb:2c:2a:
9b:4c:0d:f4:9a:5a:d7:b1:ea:23:40:58:a9:44:dd:
61:13:18:28:f0:75:30:bb:eb:23:05:b5:7d:d9:02:
0e:9d:9a:a2:99:d1:ac:66:f7:76:8e:18:57:e0:f9:
5a:fe:ed:d1:b8:4a:1c:26:be:74:f3:ca:8a:f9:99:
bb:04:16:ea:80:ae:1b:5b:41:fe:6c:ae:40:4e:c3:
06:4e:4c:4f:ef:e3:8d:6d:67:6d:5e:22:54:f2:9c:
eb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CC:EF:96:73:41:9E:8E:60:3B:A0:42:E0:D3:C4:5E:17:54:99:BC
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/CszvlnNBno5gO6BC4NPEXhdUmbw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:be:bd:fa:a2:d5:ad:73:e5:78:62:b9:9f:ab:05:21:e5:2c:
99:5c:7d:ae:c2:51:12:d2:fe:9e:ea:47:67:d5:4a:27:16:1d:
f6:80:54:fe:e6:63:ba:56:a2:ed:9c:a4:46:5c:df:94:94:eb:
b0:fa:51:d0:a6:30:8c:f2:d2:4b:3b:d8:92:f5:cd:34:c9:21:
8b:3a:0e:bf:d2:e7:43:f7:7e:f7:78:7d:12:e5:69:13:fd:12:
dd:b6:4c:6b:d1:b9:96:67:e2:10:a6:4e:e4:af:0a:9a:b4:89:
85:fd:d4:a6:ee:01:dd:eb:3e:9c:f5:4d:c1:62:91:77:ab:02:
0f:2d:21:be:fb:71:6b:3d:fe:b1:04:2c:6b:09:e1:8a:cf:e8:
31:ff:4c:ff:d2:23:85:5f:2c:b4:fc:cb:64:95:e9:d1:93:3b:
ec:d5:cb:d2:7f:8e:e7:07:93:6c:d3:12:e2:ca:f9:02:82:02:
44:7f:3c:dd:18:7e:1f:3e:39:fb:89:01:1a:29:31:cc:eb:b0:
d2:8a:b7:26:ad:79:39:cc:8c:bc:6c:35:51:95:dd:f6:34:42:
32:fc:7d:99:0e:8e:a9:14:6c:5c:3d:9a:f0:1a:2d:2e:c1:2c:
f5:6a:79:a9:eb:b5:33:8a:2e:73:98:8d:2f:83:17:e5:4c:6f:
40:2b:c1:7f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHDgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDUw
NTI0MzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBBQ0NFRjk2NzM0MTlF
OEU2MDNCQTA0MkUwRDNDNDVFMTc1NDk5QkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDi1X3p3y2AuDFwZ1ZMdSexjp5JxiMQSUhhYVh4L3gkcwiGV92b
bgs76uWwNEXvg699PgzsUvRnS3VpV3/HXi/qxzVGmY8s/krf7cJHs26eUn8EtRPR
A1Y4J6gaI8Vq03a0dkiaYB589tLaAsvjfatorCuCiSFrwqXJX9aZSWz3oobA4wEu
V3wnf8g4daCdAgCI7ewbJbOYtWjLha8qCboqtvssKptMDfSaWtex6iNAWKlE3WET
GCjwdTC76yMFtX3ZAg6dmqKZ0axm93aOGFfg+Vr+7dG4ShwmvnTzyor5mbsEFuqA
rhtbQf5srkBOwwZOTE/v441tZ21eIlTynOsxAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCszvlnNBno5gO6BC4NPEXhdUmbwwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0NzenZsbk5Cbm81Z082
QkM0TlBFWGhkVW1idy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAUL69+qLVrXPleGK5n6sFIeUsmVx9rsJR
EtL+nupHZ9VKJxYd9oBU/uZjulai7ZykRlzflJTrsPpR0KYwjPLSSzvYkvXNNMkh
izoOv9LnQ/d+93h9EuVpE/0S3bZMa9G5lmfiEKZO5K8KmrSJhf3Upu4B3es+nPVN
wWKRd6sCDy0hvvtxaz3+sQQsawnhis/oMf9M/9IjhV8stPzLZJXp0ZM77NXL0n+O
5weTbNMS4sr5AoICRH883Rh+Hz45+4kBGikxzOuw0oq3Jq15OcyMvGw1UZXd9jRC
Mvx9mQ6OqRRsXD2a8BotLsEs9Wp5qeu1M4ouc5iNL4MX5UxvQCvBfw==
-----END CERTIFICATE-----
Generated at Sun May 5 09:11:37 2024 by rpki-client on console-fra.rpki-client.org