Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/FVtihXmR0mbI3k55tPOuVIG6ZP4.roa
File: FVtihXmR0mbI3k55tPOuVIG6ZP4.roa (raw, json)
Hash identifier: sYUx52FaoeljE50FSeYSpjSrzhm3NL/+Adxnvk1Xv4o=
Subject key identifier: 15:5B:62:85:79:91:D2:66:C8:DE:4E:79:B4:F3:AE:54:81:BA:64:FE
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 19D6
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/FVtihXmR0mbI3k55tPOuVIG6ZP4.roa
Signing time: Sun 28 Apr 2024 20:53:58 +0000
ROA not before: Sun 28 Apr 2024 20:53:58 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6614 (0x19d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 28 20:53:58 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=155B62857991D266C8DE4E79B4F3AE5481BA64FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:be:ea:66:42:f1:fe:de:46:98:21:1a:9b:c5:
2d:9b:92:09:66:85:2b:d1:95:a1:e5:6b:d2:be:d2:
b4:22:b5:9b:d0:40:68:9a:6d:ec:2f:ab:37:51:a4:
ec:04:63:50:64:c5:dc:92:90:37:ef:e0:c5:09:e0:
75:14:16:e8:01:7e:11:1a:12:fa:79:ba:e8:11:de:
b8:c1:59:b6:0b:ea:9b:1f:29:6e:14:96:13:8d:8b:
80:cd:ba:7b:23:ed:9b:04:81:13:cd:34:6f:11:79:
f1:d2:3b:15:59:c9:46:3f:19:02:0f:69:4e:e7:b0:
39:77:33:94:3f:e6:6c:1e:5a:e7:49:65:dd:f1:43:
4d:d5:e6:83:ce:b3:13:d0:eb:86:df:a4:cd:3c:e3:
74:7d:eb:1e:6f:0b:ae:c0:5d:5c:dc:48:5a:ce:a6:
40:b9:53:8b:84:88:60:fe:ea:53:19:eb:74:9f:16:
34:32:7d:6e:ca:f9:48:90:80:3f:89:bf:a8:90:6d:
33:9b:3b:24:39:18:e0:c5:98:55:3f:73:bb:d3:8f:
db:b7:50:19:e4:7c:be:b2:90:3f:d1:67:88:97:f3:
25:6a:78:ee:47:c5:36:69:02:71:a6:b2:39:fb:cf:
8d:cc:01:56:73:e8:a7:31:c5:18:c1:15:2c:38:c8:
51:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:5B:62:85:79:91:D2:66:C8:DE:4E:79:B4:F3:AE:54:81:BA:64:FE
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/FVtihXmR0mbI3k55tPOuVIG6ZP4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:9d:b8:b0:07:6f:b2:e6:b9:f4:e8:49:84:e7:30:40:03:9c:
8d:48:af:32:fa:4f:d2:f5:8e:61:10:aa:7f:d5:8d:e0:4c:1a:
43:fd:f7:05:0b:08:e4:5e:56:46:5c:10:36:6d:1d:5d:89:15:
bd:98:66:80:e4:c8:25:fb:3f:f4:32:1e:5b:2f:2a:18:8a:b2:
8d:34:42:32:fb:35:6c:a0:52:99:a0:15:1e:6c:64:9e:b5:84:
9e:13:72:61:43:41:fe:38:77:52:64:aa:4a:83:45:2f:14:5c:
8a:30:14:cb:0f:61:52:fb:ee:5a:2e:3e:7b:6a:61:91:44:2b:
e7:05:fc:5d:74:cc:24:1f:30:7a:62:cb:43:bc:4c:29:47:05:
8e:fa:84:45:49:86:bd:8b:83:87:70:78:7b:e5:11:f8:53:60:
24:05:00:7e:60:d3:7c:d0:98:a9:09:b3:9f:1a:90:58:06:9e:
b0:c8:05:a7:19:d7:d5:a9:65:54:31:60:76:4c:47:4e:bc:cc:
b4:de:fb:58:70:61:4a:c5:0c:04:aa:e1:7d:9b:1e:a2:02:4d:
cb:75:5b:4c:bb:5b:08:8c:3b:03:6b:2f:d5:b1:41:a2:1a:f0:
da:4d:f1:4d:a8:5d:02:4e:45:d9:a3:34:41:dd:f5:5d:ee:71:
8b:c6:dd:6d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGdYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0Mjgy
MDUzNThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE1NUI2Mjg1Nzk5MUQy
NjZDOERFNEU3OUI0RjNBRTU0ODFCQTY0RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgvupmQvH+3kaYIRqbxS2bkglmhSvRlaHla9K+0rQitZvQQGia
bewvqzdRpOwEY1BkxdySkDfv4MUJ4HUUFugBfhEaEvp5uugR3rjBWbYL6psfKW4U
lhONi4DNunsj7ZsEgRPNNG8RefHSOxVZyUY/GQIPaU7nsDl3M5Q/5mweWudJZd3x
Q03V5oPOsxPQ64bfpM0843R96x5vC67AXVzcSFrOpkC5U4uEiGD+6lMZ63SfFjQy
fW7K+UiQgD+Jv6iQbTObOyQ5GODFmFU/c7vTj9u3UBnkfL6ykD/RZ4iX8yVqeO5H
xTZpAnGmsjn7z43MAVZz6KcxxRjBFSw4yFF7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUFVtihXmR0mbI3k55tPOuVIG6ZP4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0ZWdGloWG1SMG1iSTNr
NTV0UE91VklHNlpQNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEARZ24sAdvsua59OhJhOcwQAOcjUivMvpP
0vWOYRCqf9WN4EwaQ/33BQsI5F5WRlwQNm0dXYkVvZhmgOTIJfs/9DIeWy8qGIqy
jTRCMvs1bKBSmaAVHmxknrWEnhNyYUNB/jh3UmSqSoNFLxRcijAUyw9hUvvuWi4+
e2phkUQr5wX8XXTMJB8wemLLQ7xMKUcFjvqERUmGvYuDh3B4e+UR+FNgJAUAfmDT
fNCYqQmznxqQWAaesMgFpxnX1allVDFgdkxHTrzMtN77WHBhSsUMBKrhfZseogJN
y3VbTLtbCIw7A2sv1bFBohrw2k3xTahdAk5F2aM0Qd31Xe5xi8bdbQ==
-----END CERTIFICATE-----
Generated at Sun Apr 28 23:56:45 2024 by rpki-client on console-ams.rpki-client.org