Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/DJ98aQz2zRGEpfU5YqkND4j5M5o.roa
File: DJ98aQz2zRGEpfU5YqkND4j5M5o.roa (raw, json)
Hash identifier: LxCfphcJHeJsydvMWU5bP065nv1Rcj1SDWvP9lZK6W0=
Subject key identifier: 0C:9F:7C:69:0C:F6:CD:11:84:A5:F5:39:62:A9:0D:0F:88:F9:33:9A
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 11E6
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/DJ98aQz2zRGEpfU5YqkND4j5M5o.roa
Signing time: Sun 07 Apr 2024 16:52:55 +0000
ROA not before: Sun 07 Apr 2024 16:52:55 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4582 (0x11e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 7 16:52:55 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0C9F7C690CF6CD1184A5F53962A90D0F88F9339A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f4:6b:9c:a3:1c:f5:2b:16:43:0e:71:19:58:
15:1c:b6:c8:dd:8d:71:c5:87:08:4a:12:47:ee:d0:
98:e2:3d:ae:2e:cd:f5:55:ce:23:51:29:0b:fc:82:
87:39:68:30:fb:e7:ef:b4:78:d4:32:ef:86:37:a8:
58:74:79:8e:41:09:29:71:51:ef:6c:29:88:78:5e:
b0:f2:4a:5e:0a:14:ab:33:71:5e:f4:b6:e5:18:9b:
bc:5d:64:c8:8b:79:9d:ca:e1:29:e8:16:99:ac:30:
39:50:c9:97:71:b9:6b:e8:d4:7a:8c:e6:fd:e5:80:
a0:d1:5d:4d:c5:6c:c5:88:a5:28:7e:07:9b:ef:0f:
e9:75:b3:1e:0f:6e:73:c8:c9:12:67:a4:0e:ba:db:
2b:45:07:00:5d:ec:34:f1:0a:c6:82:b9:bf:ba:9c:
2d:6a:b5:94:b0:3b:1a:de:f5:7e:69:bf:7f:df:bf:
d7:e9:16:25:05:be:48:e0:b1:c0:b2:b0:eb:bf:02:
08:14:d9:b3:d1:e3:2c:d7:61:46:9b:ea:5a:18:08:
88:1c:a9:1a:b3:90:1d:b2:8b:b4:36:f9:b9:01:64:
4c:33:ff:42:5a:ff:7a:6c:27:35:75:16:82:40:2a:
3b:17:8b:4e:b9:1a:c7:8a:8f:22:bf:91:fd:1e:98:
2a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:9F:7C:69:0C:F6:CD:11:84:A5:F5:39:62:A9:0D:0F:88:F9:33:9A
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/DJ98aQz2zRGEpfU5YqkND4j5M5o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3c:d3:e3:1e:e0:4b:69:73:bf:cb:8d:41:a7:b6:7c:c5:1b:f9:
6e:d2:e5:24:2e:ce:82:f9:37:e6:0c:d0:ed:eb:2e:40:3d:3e:
58:c2:0c:a8:17:52:90:aa:f5:cf:b1:c7:9c:ef:dd:14:82:ae:
fb:ac:36:53:8f:c0:73:cd:f3:85:e0:1d:03:9b:31:a5:c5:2b:
28:c2:cc:37:b1:7c:d7:3d:31:76:00:10:2e:bd:e0:bf:07:79:
04:3c:80:6e:f9:5d:29:f2:61:ed:84:ae:1b:e0:4c:fd:5c:d3:
cb:98:75:32:90:b7:4e:f6:19:fb:d1:72:b1:df:8f:dc:27:d6:
24:71:77:98:86:e9:96:32:c8:35:58:bc:d3:6a:d8:79:f0:d6:
5b:8a:2b:52:54:25:0c:5e:a0:6e:32:5e:ba:47:26:aa:4d:c4:
81:7c:0a:e9:bc:be:06:0e:05:a0:6b:c5:a5:b7:40:c2:f4:0a:
0e:22:d6:32:23:af:31:34:52:af:4d:69:67:d9:b9:09:40:30:
31:b9:00:2a:f1:0f:11:d8:71:a6:15:01:ac:ed:10:5e:61:46:
b3:7a:18:24:fc:51:c1:b6:2d:2d:e7:93:c7:1f:2c:b5:50:ed:
52:73:56:db:4b:1e:04:45:35:00:7b:a6:91:e5:9e:22:bd:dd:
98:83:c9:54
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEeYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDcx
NjUyNTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBDOUY3QzY5MENGNkNE
MTE4NEE1RjUzOTYyQTkwRDBGODhGOTMzOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCl9Gucoxz1KxZDDnEZWBUctsjdjXHFhwhKEkfu0JjiPa4uzfVV
ziNRKQv8goc5aDD75++0eNQy74Y3qFh0eY5BCSlxUe9sKYh4XrDySl4KFKszcV70
tuUYm7xdZMiLeZ3K4SnoFpmsMDlQyZdxuWvo1HqM5v3lgKDRXU3FbMWIpSh+B5vv
D+l1sx4PbnPIyRJnpA662ytFBwBd7DTxCsaCub+6nC1qtZSwOxre9X5pv3/fv9fp
FiUFvkjgscCysOu/AggU2bPR4yzXYUab6loYCIgcqRqzkB2yi7Q2+bkBZEwz/0Ja
/3psJzV1FoJAKjsXi065GseKjyK/kf0emCpHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUDJ98aQz2zRGEpfU5YqkND4j5M5owHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0RKOThhUXoyelJHRXBm
VTVZcWtORDRqNU01by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAPNPjHuBLaXO/y41Bp7Z8xRv5btLlJC7O
gvk35gzQ7esuQD0+WMIMqBdSkKr1z7HHnO/dFIKu+6w2U4/Ac83zheAdA5sxpcUr
KMLMN7F81z0xdgAQLr3gvwd5BDyAbvldKfJh7YSuG+BM/VzTy5h1MpC3TvYZ+9Fy
sd+P3CfWJHF3mIbpljLINVi802rYefDWW4orUlQlDF6gbjJeukcmqk3EgXwK6by+
Bg4FoGvFpbdAwvQKDiLWMiOvMTRSr01pZ9m5CUAwMbkAKvEPEdhxphUBrO0QXmFG
s3oYJPxRwbYtLeeTxx8stVDtUnNW20seBEU1AHumkeWeIr3dmIPJVA==
-----END CERTIFICATE-----
Generated at Sun Apr 7 18:24:58 2024 by rpki-client on console-fra.rpki-client.org