Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/E96A0R54AsnUnlEqpblcyF3LJJI.roa
File: E96A0R54AsnUnlEqpblcyF3LJJI.roa (raw, json)
Hash identifier: MuJ13CpGlBEge0uU03EjnJsSGk0UY7a/EtO08xXp9xc=
Subject key identifier: 13:DE:80:D1:1E:78:02:C9:D4:9E:51:2A:A5:B9:5C:C8:5D:CB:24:92
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 15D8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/E96A0R54AsnUnlEqpblcyF3LJJI.roa
Signing time: Thu 18 Apr 2024 05:23:25 +0000
ROA not before: Thu 18 Apr 2024 05:23:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5592 (0x15d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 18 05:23:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=13DE80D11E7802C9D49E512AA5B95CC85DCB2492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bf:b5:1d:57:c4:d1:f9:5f:9e:23:40:fc:04:
20:2e:11:e6:e6:92:0b:a4:03:3f:78:96:6a:29:a2:
25:05:f6:ce:5b:c2:75:37:4f:cd:03:40:8d:cd:73:
ed:fc:7c:56:03:08:e3:d3:05:db:7c:eb:ee:8e:b9:
97:95:a2:2a:55:77:f6:24:4b:3d:34:03:0b:12:05:
d2:17:dc:b8:34:12:3f:f3:fa:43:ae:35:5c:15:2b:
08:ed:75:9e:32:b0:f8:bd:4e:2e:15:96:94:d1:f9:
6e:be:5f:eb:09:2f:e6:1a:b6:44:3e:17:23:ed:2b:
ca:bb:6c:61:43:64:9e:7f:24:f1:57:9a:fb:7b:ee:
16:d4:b4:b3:bc:4e:c7:f6:7d:95:3c:13:f1:40:5c:
15:03:44:be:7c:af:06:ad:df:ab:96:7f:83:a4:ba:
a2:73:60:f4:9f:be:93:7f:b8:a8:13:ec:db:fe:9d:
08:df:61:f8:e2:c8:cf:49:30:38:16:43:f1:73:07:
1d:fa:86:49:ed:5f:5c:a8:f8:92:93:e6:22:79:65:
bf:98:ac:6c:a4:e1:66:ae:ec:4e:49:b5:d8:c2:b2:
b3:ff:75:d2:df:27:6a:93:66:23:78:cf:0e:e8:d6:
51:55:cf:b4:28:98:a8:0a:eb:a3:56:b0:04:ff:e4:
ac:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:DE:80:D1:1E:78:02:C9:D4:9E:51:2A:A5:B9:5C:C8:5D:CB:24:92
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/E96A0R54AsnUnlEqpblcyF3LJJI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:15:1f:5b:b9:d6:89:e9:f9:df:19:f8:e8:fa:b2:be:c2:27:
1f:79:b4:fc:09:8f:0c:0f:f8:f2:2d:9e:b3:7f:dc:9a:77:06:
6b:39:dd:1c:f4:cf:42:ea:b2:d1:5d:73:c9:71:bb:5d:18:ab:
a8:10:ee:2d:82:b1:3f:d0:99:b9:f6:d6:42:63:5d:f0:cc:5b:
58:59:90:88:f9:44:64:50:fe:d4:6c:f0:ec:3a:a5:67:34:87:
1d:9d:ea:ae:78:7c:c3:ff:95:01:3f:9d:08:dc:7d:88:05:6a:
8a:12:f4:33:8d:db:47:7d:ea:f9:da:c4:02:6d:a5:74:2b:ec:
3a:c6:5d:d8:84:4f:0e:ad:64:dc:30:d4:4d:3f:82:7a:63:70:
ae:c6:76:f7:e6:7e:37:75:08:bc:58:46:5a:c8:ba:e4:ff:da:
b1:85:d3:f0:77:2a:fc:ff:bd:bc:49:e1:09:a4:b2:05:e7:3a:
02:b1:40:31:19:e7:8e:66:11:56:af:18:3b:a8:07:be:8e:14:
9e:52:81:c4:1f:32:61:92:5c:23:bc:00:f9:3e:4f:a7:c0:d8:
47:d5:3a:82:78:04:68:51:91:2b:03:04:e2:be:c9:fe:66:8f:
7f:64:7b:36:ca:06:58:49:bc:0d:4d:45:07:63:d1:3f:06:8a:
e1:fa:94:bb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFdgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTgw
NTIzMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEzREU4MEQxMUU3ODAy
QzlENDlFNTEyQUE1Qjk1Q0M4NURDQjI0OTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuv7UdV8TR+V+eI0D8BCAuEebmkgukAz94lmopoiUF9s5bwnU3
T80DQI3Nc+38fFYDCOPTBdt86+6OuZeVoipVd/YkSz00AwsSBdIX3Lg0Ej/z+kOu
NVwVKwjtdZ4ysPi9Ti4VlpTR+W6+X+sJL+YatkQ+FyPtK8q7bGFDZJ5/JPFXmvt7
7hbUtLO8Tsf2fZU8E/FAXBUDRL58rwat36uWf4OkuqJzYPSfvpN/uKgT7Nv+nQjf
YfjiyM9JMDgWQ/FzBx36hkntX1yo+JKT5iJ5Zb+YrGyk4Wau7E5JtdjCsrP/ddLf
J2qTZiN4zw7o1lFVz7QomKgK66NWsAT/5KyZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUE96A0R54AsnUnlEqpblcyF3LJJIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0U5NkEwUjU0QXNuVW5s
RXFwYmxjeUYzTEpKSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAlxUfW7nWien53xn46PqyvsInH3m0/AmP
DA/48i2es3/cmncGazndHPTPQuqy0V1zyXG7XRirqBDuLYKxP9CZufbWQmNd8Mxb
WFmQiPlEZFD+1Gzw7DqlZzSHHZ3qrnh8w/+VAT+dCNx9iAVqihL0M43bR33q+drE
Am2ldCvsOsZd2IRPDq1k3DDUTT+CemNwrsZ29+Z+N3UIvFhGWsi65P/asYXT8Hcq
/P+9vEnhCaSyBec6ArFAMRnnjmYRVq8YO6gHvo4UnlKBxB8yYZJcI7wA+T5Pp8DY
R9U6gngEaFGRKwME4r7J/maPf2R7NsoGWEm8DU1FB2PRPwaK4fqUuw==
-----END CERTIFICATE-----
Generated at Thu Apr 18 06:42:59 2024 by rpki-client on console-ams.rpki-client.org