Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ErzK1K-XoNTiB0mr1qZLBeCzxac.roa
File: ErzK1K-XoNTiB0mr1qZLBeCzxac.roa (raw, json)
Hash identifier: qwTMZmW95taHkDhj40bONxJ/5dhiWKzQZpqTmshWN0k=
Subject key identifier: 12:BC:CA:D4:AF:97:A0:D4:E2:07:49:AB:D6:A6:4B:05:E0:B3:C5:A7
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 19E2
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ErzK1K-XoNTiB0mr1qZLBeCzxac.roa
Signing time: Sun 28 Apr 2024 23:53:57 +0000
ROA not before: Sun 28 Apr 2024 23:53:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6626 (0x19e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 28 23:53:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=12BCCAD4AF97A0D4E20749ABD6A64B05E0B3C5A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:75:96:7c:7a:77:4c:ab:53:52:e5:18:ed:8f:
f4:48:31:86:78:b4:62:de:ac:16:38:cc:f0:fa:79:
e1:b4:3e:3f:d8:57:b1:80:c5:8e:10:98:6d:73:00:
cb:ae:74:50:6d:90:59:a6:8d:ed:2e:15:6c:8e:fa:
3c:5c:bf:dd:e6:63:09:e7:3e:9d:42:17:7c:f9:b0:
cb:8b:a0:25:a4:dd:63:5d:4e:56:55:c1:f1:42:8d:
8f:2b:de:ef:59:07:d2:53:6d:b9:16:b3:55:b4:14:
17:c5:e1:3e:23:9e:c8:23:47:2f:22:5e:73:94:8b:
07:09:c4:e2:51:6a:1f:45:a2:17:f8:25:3f:ba:ed:
30:6b:55:27:3e:79:44:d6:5a:a8:f2:c3:21:d9:67:
50:b2:40:2c:da:3c:a5:a2:17:a8:19:50:52:71:d6:
c8:4a:ef:c0:15:71:e8:9d:5f:69:0e:9d:17:30:52:
44:d6:05:8d:a5:d8:2d:bc:30:c6:e9:84:cb:d4:e0:
79:0a:ba:40:9f:14:da:f4:1b:1b:7a:f1:f1:01:61:
c2:ce:b5:52:55:d7:73:c5:46:da:5e:72:4f:1a:7d:
7d:54:d3:e4:03:3a:94:1a:9b:a2:2c:b6:77:9b:1b:
65:98:d4:27:1c:11:92:87:9a:24:fb:df:b8:7b:77:
a7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:BC:CA:D4:AF:97:A0:D4:E2:07:49:AB:D6:A6:4B:05:E0:B3:C5:A7
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ErzK1K-XoNTiB0mr1qZLBeCzxac.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
10:23:57:b1:2d:67:e2:ef:ed:a2:db:20:1d:f1:a0:89:1d:43:
d4:6a:d0:09:5b:9a:f5:83:26:fc:0c:f0:5e:7c:6f:8b:68:f5:
0d:60:b9:e8:19:3e:5d:61:1e:1e:80:0c:cb:71:4b:ae:52:a4:
d9:27:98:e3:48:4e:31:c4:08:9d:11:02:3c:9f:b9:8f:0a:fb:
8b:34:28:b2:32:65:8e:9d:e1:ab:a4:f1:f6:eb:81:87:d7:8a:
2e:ce:22:fa:88:f5:21:62:85:27:1c:e6:61:73:ed:82:50:96:
02:08:2d:d4:07:69:47:28:f0:74:8d:db:7d:53:c6:77:4d:ae:
e2:7b:50:0e:f8:3a:b6:cc:27:68:c0:c3:32:06:7f:60:48:98:
24:d8:7c:04:92:f3:c1:a7:fc:59:c1:c4:a9:61:3f:89:8c:fc:
e7:e7:0b:a5:63:fc:9a:32:43:2d:1e:af:d5:34:a1:3c:6c:fd:
fb:0b:78:2c:43:7b:5f:03:da:db:f4:87:0e:a7:5e:56:cc:89:
7b:30:ed:41:62:89:23:42:34:27:6a:c2:b7:90:2a:81:9c:0a:
91:1d:08:6b:86:40:bb:ec:2b:31:21:da:50:5a:42:bc:bd:25:
80:58:65:bc:8b:02:10:6b:fe:1e:c9:93:58:21:f4:94:11:4c:
10:60:a8:51
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGeIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0Mjgy
MzUzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEyQkNDQUQ0QUY5N0Ew
RDRFMjA3NDlBQkQ2QTY0QjA1RTBCM0M1QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGdZZ8endMq1NS5Rjtj/RIMYZ4tGLerBY4zPD6eeG0Pj/YV7GA
xY4QmG1zAMuudFBtkFmmje0uFWyO+jxcv93mYwnnPp1CF3z5sMuLoCWk3WNdTlZV
wfFCjY8r3u9ZB9JTbbkWs1W0FBfF4T4jnsgjRy8iXnOUiwcJxOJRah9Fohf4JT+6
7TBrVSc+eUTWWqjywyHZZ1CyQCzaPKWiF6gZUFJx1shK78AVceidX2kOnRcwUkTW
BY2l2C28MMbphMvU4HkKukCfFNr0Gxt68fEBYcLOtVJV13PFRtpeck8afX1U0+QD
OpQam6IstnebG2WY1CccEZKHmiT737h7d6e/AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUErzK1K+XoNTiB0mr1qZLBeCzxacwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0VyeksxSy1Yb05UaUIw
bXIxcVpMQmVDenhhYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAECNXsS1n4u/totsgHfGgiR1D1GrQCVua
9YMm/AzwXnxvi2j1DWC56Bk+XWEeHoAMy3FLrlKk2SeY40hOMcQInRECPJ+5jwr7
izQosjJljp3hq6Tx9uuBh9eKLs4i+oj1IWKFJxzmYXPtglCWAggt1AdpRyjwdI3b
fVPGd02u4ntQDvg6tswnaMDDMgZ/YEiYJNh8BJLzwaf8WcHEqWE/iYz85+cLpWP8
mjJDLR6v1TShPGz9+wt4LEN7XwPa2/SHDqdeVsyJezDtQWKJI0I0J2rCt5AqgZwK
kR0Ia4ZAu+wrMSHaUFpCvL0lgFhlvIsCEGv+HsmTWCH0lBFMEGCoUQ==
-----END CERTIFICATE-----
Generated at Mon Apr 29 00:57:50 2024 by rpki-client on console-ams.rpki-client.org