Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/DR3dHsoqmFzrKK6h3DOd0aSN-B0.roa
File: DR3dHsoqmFzrKK6h3DOd0aSN-B0.roa (raw, json)
Hash identifier: IkbcVA8JtzW4NYy+NZlai5mvk0CRhueywXYeYZz69uE=
Subject key identifier: 0D:1D:DD:1E:CA:2A:98:5C:EB:28:AE:A1:DC:33:9D:D1:A4:8D:F8:1D
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 19D0
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/DR3dHsoqmFzrKK6h3DOd0aSN-B0.roa
Signing time: Sun 28 Apr 2024 19:23:56 +0000
ROA not before: Sun 28 Apr 2024 19:23:56 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6608 (0x19d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 28 19:23:56 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=0D1DDD1ECA2A985CEB28AEA1DC339DD1A48DF81D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:82:d6:41:f6:4c:d0:e6:b0:8d:7f:f2:cf:8a:
16:ad:40:4a:1d:89:69:a4:a7:ba:26:cd:da:0c:78:
4c:d6:be:d9:38:8c:b7:97:b7:df:80:a6:ba:a0:c4:
74:83:db:d8:ba:a9:59:d8:6a:31:7d:24:5b:d8:76:
95:48:8a:8b:c5:a5:14:6e:33:12:65:9b:7a:b1:9e:
6d:51:f2:72:1a:57:fc:82:48:68:68:fa:5d:a5:94:
d0:cc:d6:6d:e3:5e:15:80:14:61:f6:3b:8a:b6:3f:
54:ac:4d:07:39:f6:15:52:ba:d6:99:42:d9:5f:2d:
4b:bd:bf:06:8a:c2:0c:8e:ce:86:86:29:ac:41:2a:
86:df:7e:d2:96:53:a4:4c:08:a1:93:99:d0:52:92:
14:51:32:64:4d:f0:ec:2a:cc:b8:b3:26:03:44:8e:
e9:a9:8c:b9:7b:0d:79:22:a7:c8:77:e6:f6:58:4c:
13:a9:2e:88:5b:0c:32:b3:22:c6:2b:4a:84:f8:c3:
95:e1:86:79:5f:ec:c8:94:d0:51:f6:0f:3f:29:98:
e8:2b:9b:55:a8:0c:1f:55:2e:2e:a5:f9:6f:b6:f0:
9b:fd:01:7e:68:24:81:11:60:08:3f:4e:0c:cc:44:
58:fe:22:53:4c:78:e3:06:ac:ca:e1:0e:2e:08:d2:
70:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:1D:DD:1E:CA:2A:98:5C:EB:28:AE:A1:DC:33:9D:D1:A4:8D:F8:1D
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/DR3dHsoqmFzrKK6h3DOd0aSN-B0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:45:e1:99:9f:11:21:0e:28:da:c2:89:5e:8f:89:c0:8c:85:
a5:62:31:72:74:b9:db:7c:ff:ee:8a:17:85:31:40:e9:b0:e8:
e7:80:f4:69:31:5d:50:5f:da:74:22:c4:9b:a3:ec:0c:7c:05:
29:03:a2:67:4f:33:43:61:99:64:bd:b8:a8:be:0e:2f:20:5f:
b0:18:88:f4:a2:7a:9e:fc:73:26:09:e1:17:8d:60:c5:2e:09:
a4:6c:fb:8c:3c:97:a3:56:ee:97:39:ff:f6:27:66:d9:5a:21:
78:3f:3a:53:2d:fe:08:0f:f4:9f:90:66:d6:a8:97:a1:a5:8a:
c4:d2:64:c8:91:cf:31:77:95:df:b0:ca:af:88:69:17:db:47:
99:d7:46:09:ad:3e:0d:5f:39:53:d9:9c:d6:c2:d8:82:a6:0d:
39:78:6f:59:ad:9b:7b:a2:5b:8b:5e:65:5d:8a:a6:91:4e:e6:
f9:12:64:29:a0:2c:1f:fe:7e:a5:f1:e1:b9:c1:5a:26:b6:62:
5b:df:38:04:81:25:52:ec:55:b1:05:5c:0f:a4:3f:cd:56:2c:
cb:20:75:18:ab:61:ae:5a:21:57:7a:ae:c1:ad:1d:3a:52:91:
ad:0d:0f:47:39:6f:33:6b:f6:cc:bc:41:d1:ac:8a:39:31:be:
09:43:b3:ec
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGdAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0Mjgx
OTIzNTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBEMURERDFFQ0EyQTk4
NUNFQjI4QUVBMURDMzM5REQxQTQ4REY4MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+gtZB9kzQ5rCNf/LPihatQEodiWmkp7omzdoMeEzWvtk4jLeX
t9+AprqgxHSD29i6qVnYajF9JFvYdpVIiovFpRRuMxJlm3qxnm1R8nIaV/yCSGho
+l2llNDM1m3jXhWAFGH2O4q2P1SsTQc59hVSutaZQtlfLUu9vwaKwgyOzoaGKaxB
KobfftKWU6RMCKGTmdBSkhRRMmRN8OwqzLizJgNEjumpjLl7DXkip8h35vZYTBOp
LohbDDKzIsYrSoT4w5Xhhnlf7MiU0FH2Dz8pmOgrm1WoDB9VLi6l+W+28Jv9AX5o
JIERYAg/TgzMRFj+IlNMeOMGrMrhDi4I0nDNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUDR3dHsoqmFzrKK6h3DOd0aSN+B0wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0RSM2RIc29xbUZ6cktL
NmgzRE9kMGFTTi1CMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAF0XhmZ8RIQ4o2sKJXo+JwIyFpWIxcnS5
23z/7ooXhTFA6bDo54D0aTFdUF/adCLEm6PsDHwFKQOiZ08zQ2GZZL24qL4OLyBf
sBiI9KJ6nvxzJgnhF41gxS4JpGz7jDyXo1bulzn/9idm2VoheD86Uy3+CA/0n5Bm
1qiXoaWKxNJkyJHPMXeV37DKr4hpF9tHmddGCa0+DV85U9mc1sLYgqYNOXhvWa2b
e6Jbi15lXYqmkU7m+RJkKaAsH/5+pfHhucFaJrZiW984BIElUuxVsQVcD6Q/zVYs
yyB1GKthrlohV3quwa0dOlKRrQ0PRzlvM2v2zLxB0ayKOTG+CUOz7A==
-----END CERTIFICATE-----
Generated at Sun Apr 28 20:45:58 2024 by rpki-client on console-fra.rpki-client.org