Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/EJz8Bef66uSXp5ICqSzIy_VopN4.roa
File: EJz8Bef66uSXp5ICqSzIy_VopN4.roa (raw, json)
Hash identifier: zT29uP/tvjQrtF18abKCXTmjxhi3EPMlLNvKhl0ZqAc=
Subject key identifier: 10:9C:FC:05:E7:FA:EA:E4:97:A7:92:02:A9:2C:C8:CB:F5:68:A4:DE
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 185A
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/EJz8Bef66uSXp5ICqSzIy_VopN4.roa
Signing time: Wed 24 Apr 2024 21:53:43 +0000
ROA not before: Wed 24 Apr 2024 21:53:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6234 (0x185a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 24 21:53:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=109CFC05E7FAEAE497A79202A92CC8CBF568A4DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:05:bf:67:d5:dd:f1:3c:58:10:08:f2:6c:d2:
26:c8:4b:3e:ac:2b:52:db:f9:15:3e:15:82:7e:38:
00:6a:a8:92:0f:91:4a:c3:39:14:bf:3b:a5:b8:25:
e4:69:b8:e9:48:43:af:ac:b6:31:1e:8f:4b:f0:cf:
f9:9d:0d:e8:00:1d:cb:65:9c:72:ba:fd:f9:36:cb:
8f:79:f5:fd:3e:a1:c6:6d:dd:55:d9:9e:ae:09:cc:
bf:0a:e6:8b:c3:e1:cb:26:71:d7:a0:2a:df:d7:82:
e1:e8:11:45:37:52:6c:f4:06:c8:72:59:a5:d7:5e:
43:f0:4d:b0:8f:54:da:63:8c:4e:bf:c7:d7:dd:de:
84:be:60:66:52:54:c6:c7:32:e7:df:fe:9e:be:a5:
12:54:3e:d5:77:f7:96:63:c3:f4:e0:bf:48:fc:66:
cc:5f:e8:4b:40:34:78:25:51:42:96:3a:24:9d:a9:
aa:9f:56:20:25:cb:a7:43:c0:80:4d:c4:1a:e0:83:
14:16:9b:84:e3:19:69:21:77:4d:f6:db:48:bc:d0:
32:9e:0d:ae:09:66:2e:f3:6f:e2:44:2d:9d:c5:b5:
6a:30:1f:9b:24:ac:bd:1b:e1:75:03:37:ae:c6:74:
cf:09:bb:e7:59:89:d1:51:5a:0c:de:a6:1f:61:06:
01:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:9C:FC:05:E7:FA:EA:E4:97:A7:92:02:A9:2C:C8:CB:F5:68:A4:DE
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/EJz8Bef66uSXp5ICqSzIy_VopN4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:07:e2:7f:dd:5f:07:7c:6a:c9:af:13:27:26:85:f8:ee:14:
4b:36:35:12:c7:3a:37:1e:13:53:c9:20:32:f9:a4:c2:01:ba:
61:3c:a7:c8:ad:9b:a2:00:c8:c2:9a:84:6d:0c:30:9f:1e:55:
e0:6a:9f:4f:bf:bc:fc:16:4d:f8:15:88:1a:09:66:5f:39:75:
ec:91:e8:66:b2:8d:57:41:66:18:c8:97:f1:99:71:12:b9:0f:
a3:1a:33:76:f7:e3:a1:c1:7c:2a:90:07:94:e1:d5:74:14:40:
db:e0:da:ed:81:a6:c0:a2:42:8f:4a:b8:27:0a:35:03:09:4a:
71:6e:5e:3b:e3:f1:1c:c7:ed:c9:9f:1f:66:81:69:20:3c:62:
d7:7e:56:3c:60:0d:92:d0:a1:ea:5a:98:54:b1:fa:c1:91:38:
9b:d8:86:68:6a:dd:77:66:ef:8a:7f:ca:e5:f5:b6:af:68:be:
64:15:2d:76:30:7f:e5:e2:53:84:f2:7e:96:7f:5b:ce:f2:2b:
d4:6e:be:f9:97:e9:87:5f:b9:54:35:15:19:e0:22:56:94:fb:
50:c4:99:c7:8c:96:bb:69:00:31:fa:70:e6:94:d0:41:e3:d6:
9c:cd:27:ec:48:16:58:17:83:54:24:3d:98:5b:90:3f:b8:6c:
cd:ab:5c:16
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjQy
MTUzNDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEwOUNGQzA1RTdGQUVB
RTQ5N0E3OTIwMkE5MkNDOENCRjU2OEE0REUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfBb9n1d3xPFgQCPJs0ibISz6sK1Lb+RU+FYJ+OABqqJIPkUrD
ORS/O6W4JeRpuOlIQ6+stjEej0vwz/mdDegAHctlnHK6/fk2y4959f0+ocZt3VXZ
nq4JzL8K5ovD4csmcdegKt/XguHoEUU3Umz0BshyWaXXXkPwTbCPVNpjjE6/x9fd
3oS+YGZSVMbHMuff/p6+pRJUPtV395Zjw/Tgv0j8Zsxf6EtANHglUUKWOiSdqaqf
ViAly6dDwIBNxBrggxQWm4TjGWkhd03220i80DKeDa4JZi7zb+JELZ3FtWowH5sk
rL0b4XUDN67GdM8Ju+dZidFRWgzeph9hBgHnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUEJz8Bef66uSXp5ICqSzIy/VopN4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0VKejhCZWY2NnVTWHA1
SUNxU3pJeV9Wb3BONC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEArwfif91fB3xqya8TJyaF+O4USzY1Esc6
Nx4TU8kgMvmkwgG6YTynyK2bogDIwpqEbQwwnx5V4GqfT7+8/BZN+BWIGglmXzl1
7JHoZrKNV0FmGMiX8ZlxErkPoxozdvfjocF8KpAHlOHVdBRA2+Da7YGmwKJCj0q4
Jwo1AwlKcW5eO+PxHMftyZ8fZoFpIDxi135WPGANktCh6lqYVLH6wZE4m9iGaGrd
d2bvin/K5fW2r2i+ZBUtdjB/5eJThPJ+ln9bzvIr1G6++Zfph1+5VDUVGeAiVpT7
UMSZx4yWu2kAMfpw5pTQQePWnM0n7EgWWBeDVCQ9mFuQP7hszatcFg==
-----END CERTIFICATE-----
Generated at Thu Apr 25 00:46:41 2024 by rpki-client on console-fra.rpki-client.org