Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/EeaQdhwWzaPQVkabf3GUFV28XfQ.roa
File: EeaQdhwWzaPQVkabf3GUFV28XfQ.roa (raw, json)
Hash identifier: acbp0rLnJEt116xXPu3PO6w2tzfdwDBb8Yj+3RPcoe0=
Subject key identifier: 11:E6:90:76:1C:16:CD:A3:D0:56:46:9B:7F:71:94:15:5D:BC:5D:F4
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0EE4
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/EeaQdhwWzaPQVkabf3GUFV28XfQ.roa
Signing time: Sat 30 Mar 2024 16:22:49 +0000
ROA not before: Sat 30 Mar 2024 16:22:49 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3812 (0xee4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 30 16:22:49 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=11E690761C16CDA3D056469B7F7194155DBC5DF4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:dc:5b:10:f5:bb:ab:99:b2:7a:d1:f2:cf:98:
b9:58:5f:40:7d:53:4c:b4:a8:d4:a0:6a:e4:06:f3:
01:47:43:ee:2a:f0:46:61:a8:ad:86:1e:ba:38:62:
ca:d0:62:67:9b:cf:28:6e:21:6a:f6:93:5f:be:43:
9a:eb:8d:a4:f1:7e:6d:d0:6f:b3:05:a1:1d:a5:a1:
af:4a:20:fc:92:d5:42:54:32:8c:37:80:23:f4:57:
70:be:a6:0c:f2:a1:74:25:7d:ad:18:e7:88:d2:e8:
1c:47:70:db:56:85:3c:ad:dd:ac:21:66:62:b5:a0:
67:61:60:d2:b1:47:03:36:b7:7c:5f:08:19:a0:5a:
26:3a:89:04:67:39:3b:95:06:6a:44:a6:3e:11:92:
9d:53:5d:f7:4f:e6:b3:0b:93:8c:9d:fd:04:c3:a1:
46:ac:3a:0c:1f:f4:65:d8:99:dd:45:4e:a7:9f:be:
44:c2:fd:b6:62:78:7c:d2:3b:eb:44:44:1b:f4:6d:
52:09:b2:d4:a7:d4:52:ea:f3:2e:ec:24:fa:c7:68:
7a:b3:8d:02:21:0c:83:79:52:4e:91:11:b3:8a:21:
9f:ca:e9:6b:c3:32:97:79:41:19:33:77:e6:09:00:
cf:59:32:e1:cc:1c:ad:3d:32:ef:0f:9b:4f:fc:f4:
bb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:E6:90:76:1C:16:CD:A3:D0:56:46:9B:7F:71:94:15:5D:BC:5D:F4
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/EeaQdhwWzaPQVkabf3GUFV28XfQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:19:22:08:8b:ee:68:30:ae:4b:9e:24:1f:9a:4b:32:2e:50:
be:04:bd:73:b8:d1:f1:77:89:b0:9e:07:47:b5:ea:d8:f1:db:
75:8a:10:2b:da:e2:c3:0b:3c:2a:9c:d6:bc:4f:ad:70:78:cb:
83:fc:0d:bc:e4:f3:51:2d:cc:5c:eb:e1:69:a2:7f:0b:1e:b4:
c4:7b:85:6f:c8:14:2a:d7:8a:39:2f:04:54:cb:96:53:2e:7c:
77:fc:23:b3:6a:0b:79:42:4c:e3:14:6d:e9:44:cd:5a:51:a4:
d2:8f:4a:34:4d:8a:1c:1d:aa:75:be:5b:1e:5b:99:50:44:12:
14:95:22:bc:06:51:2a:ba:c4:62:af:8d:91:7a:79:d5:48:bd:
8e:1c:8f:4a:a4:04:cc:72:20:1a:4c:77:ef:a2:07:7c:dd:6e:
89:4f:dd:91:d4:40:cb:10:1d:f2:5c:91:2b:90:9a:81:97:73:
48:63:71:dc:54:f9:6c:65:7c:f0:da:d4:01:c3:a0:d7:cd:bc:
78:86:c3:ba:c8:91:7c:99:ff:c7:0d:7d:1b:2a:be:3d:4d:9d:
1a:fd:9b:5e:7a:42:bc:de:24:1d:69:60:80:a9:3a:8e:da:33:
9c:cb:c9:41:28:ca:d8:89:1b:3c:96:5f:57:72:1f:42:ac:cc:
31:77:95:79
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDuQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzAx
NjIyNDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDExRTY5MDc2MUMxNkNE
QTNEMDU2NDY5QjdGNzE5NDE1NURCQzVERjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDb3FsQ9burmbJ60fLPmLlYX0B9U0y0qNSgauQG8wFHQ+4q8EZh
qK2GHro4YsrQYmebzyhuIWr2k1++Q5rrjaTxfm3Qb7MFoR2loa9KIPyS1UJUMow3
gCP0V3C+pgzyoXQlfa0Y54jS6BxHcNtWhTyt3awhZmK1oGdhYNKxRwM2t3xfCBmg
WiY6iQRnOTuVBmpEpj4Rkp1TXfdP5rMLk4yd/QTDoUasOgwf9GXYmd1FTqefvkTC
/bZieHzSO+tERBv0bVIJstSn1FLq8y7sJPrHaHqzjQIhDIN5Uk6REbOKIZ/K6WvD
Mpd5QRkzd+YJAM9ZMuHMHK09Mu8Pm0/89Lt1AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUEeaQdhwWzaPQVkabf3GUFV28XfQwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0VlYVFkaHdXemFQUVZr
YWJmM0dVRlYyOFhmUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAQhkiCIvuaDCuS54kH5pLMi5QvgS9c7jR
8XeJsJ4HR7Xq2PHbdYoQK9riwws8KpzWvE+tcHjLg/wNvOTzUS3MXOvhaaJ/Cx60
xHuFb8gUKteKOS8EVMuWUy58d/wjs2oLeUJM4xRt6UTNWlGk0o9KNE2KHB2qdb5b
HluZUEQSFJUivAZRKrrEYq+NkXp51Ui9jhyPSqQEzHIgGkx376IHfN1uiU/dkdRA
yxAd8lyRK5CagZdzSGNx3FT5bGV88NrUAcOg1828eIbDusiRfJn/xw19Gyq+PU2d
Gv2bXnpCvN4kHWlggKk6jtoznMvJQSjK2IkbPJZfV3IfQqzMMXeVeQ==
-----END CERTIFICATE-----
Generated at Sat Mar 30 17:56:56 2024 by rpki-client on console-ams.rpki-client.org