Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/GG5FS5WS9kZqKOn6AeC3E1yTQgA.roa
File: GG5FS5WS9kZqKOn6AeC3E1yTQgA.roa (raw, json)
Hash identifier: +14oCLLbUXVo/DlF95r/wDI/hsZyOaVhdOyIjESB1cM=
Subject key identifier: 18:6E:45:4B:95:92:F6:46:6A:28:E9:FA:01:E0:B7:13:5C:93:42:00
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1288
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/GG5FS5WS9kZqKOn6AeC3E1yTQgA.roa
Signing time: Tue 09 Apr 2024 09:23:57 +0000
ROA not before: Tue 09 Apr 2024 09:23:57 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4744 (0x1288)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 9 09:23:57 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=186E454B9592F6466A28E9FA01E0B7135C934200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fb:e6:d2:19:66:6e:78:f2:b9:7e:69:6f:41:
b2:d1:19:5e:19:5a:c9:47:39:52:e3:00:14:6b:ca:
61:d9:65:aa:81:2b:e8:f8:4f:95:03:e1:37:52:29:
1e:af:08:6c:20:de:35:44:66:a0:ff:b1:45:53:e1:
49:17:e2:a8:b7:e1:93:a1:ad:fc:6e:7d:b8:ea:e7:
5c:f3:11:ac:35:5e:04:98:74:d8:45:44:27:44:a8:
b0:03:63:3e:ae:d9:6e:76:73:0a:43:7b:02:72:ca:
7f:fa:a2:72:11:f9:fe:ae:2e:b0:27:1a:64:28:44:
d1:19:0a:b6:c1:5f:17:d5:2e:e5:28:4f:57:58:9a:
aa:63:9f:b1:cb:e8:d8:2d:42:87:3c:32:84:02:9e:
46:eb:f0:a7:dc:e1:95:33:6f:46:91:a0:f6:9b:e7:
ef:37:e9:8b:9e:d5:cd:88:3f:ce:7d:f7:70:ac:63:
12:14:7a:d7:31:59:c8:97:99:a0:02:dd:d6:86:4e:
5f:14:4c:a1:c6:99:ca:cf:7e:bf:9c:7d:17:43:57:
9a:b4:d3:4c:43:db:91:1b:95:59:99:fd:3d:d8:d8:
f1:fa:7e:e8:47:35:fe:19:ce:4d:8b:a1:dc:6c:92:
11:c6:10:21:93:09:f2:dc:4b:27:c3:c3:e8:15:29:
65:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:6E:45:4B:95:92:F6:46:6A:28:E9:FA:01:E0:B7:13:5C:93:42:00
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/GG5FS5WS9kZqKOn6AeC3E1yTQgA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d3:9e:1a:4c:47:a6:d4:fd:15:3c:d8:90:80:b0:97:5e:e0:a4:
ce:85:cb:37:66:2c:d1:40:81:c1:cb:89:ae:bd:07:35:c3:4f:
3a:32:a8:7d:d3:9c:6d:8b:64:97:7d:a6:f6:86:af:9c:c3:93:
89:51:52:35:ce:fe:3a:c1:38:a0:45:14:16:8f:d3:20:bb:f4:
36:6b:78:8b:25:81:c3:8d:29:13:e9:43:22:19:fb:fa:82:b0:
f6:2d:66:3b:08:85:60:0e:80:d5:27:23:a0:a1:7a:b2:03:ac:
f0:0a:2f:04:bf:06:f5:d7:d1:97:7f:79:8e:f3:f5:10:6f:99:
ff:da:9f:d5:6b:48:01:e3:85:ed:c1:af:c8:ca:48:65:63:4d:
72:cb:e7:6c:a7:45:ae:6e:5f:ff:b0:30:39:08:0c:a9:20:25:
e7:3e:58:af:af:b6:be:83:50:da:a9:06:f1:60:ab:47:e3:b4:
53:bb:b6:45:dc:0d:eb:c7:ed:72:bf:46:79:a6:ff:4f:2a:11:
30:66:15:3c:a4:45:01:b6:8d:26:d8:87:ed:cb:7f:89:4c:a3:
d4:6a:cd:01:c5:61:79:f6:88:d5:ad:ae:9e:50:16:c8:44:20:
d9:f8:d7:30:8d:58:66:a7:53:3e:ee:63:ea:8c:ec:14:55:f1:
36:2b:96:16
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEogwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDkw
OTIzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4NkU0NTRCOTU5MkY2
NDY2QTI4RTlGQTAxRTBCNzEzNUM5MzQyMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8++bSGWZuePK5fmlvQbLRGV4ZWslHOVLjABRrymHZZaqBK+j4
T5UD4TdSKR6vCGwg3jVEZqD/sUVT4UkX4qi34ZOhrfxufbjq51zzEaw1XgSYdNhF
RCdEqLADYz6u2W52cwpDewJyyn/6onIR+f6uLrAnGmQoRNEZCrbBXxfVLuUoT1dY
mqpjn7HL6NgtQoc8MoQCnkbr8Kfc4ZUzb0aRoPab5+836Yue1c2IP85993CsYxIU
etcxWciXmaAC3daGTl8UTKHGmcrPfr+cfRdDV5q000xD25EblVmZ/T3Y2PH6fuhH
Nf4Zzk2LodxskhHGECGTCfLcSyfDw+gVKWUhAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUGG5FS5WS9kZqKOn6AeC3E1yTQgAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0dHNUZTNVdTOWtacUtP
bjZBZUMzRTF5VFFnQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA054aTEem1P0VPNiQgLCXXuCkzoXLN2Ys
0UCBwcuJrr0HNcNPOjKofdOcbYtkl32m9oavnMOTiVFSNc7+OsE4oEUUFo/TILv0
Nmt4iyWBw40pE+lDIhn7+oKw9i1mOwiFYA6A1ScjoKF6sgOs8AovBL8G9dfRl395
jvP1EG+Z/9qf1WtIAeOF7cGvyMpIZWNNcsvnbKdFrm5f/7AwOQgMqSAl5z5Yr6+2
voNQ2qkG8WCrR+O0U7u2RdwN68ftcr9Geab/TyoRMGYVPKRFAbaNJtiH7ct/iUyj
1GrNAcVhefaI1a2unlAWyEQg2fjXMI1YZqdTPu5j6ozsFFXxNiuWFg==
-----END CERTIFICATE-----
Generated at Tue Apr 9 15:26:09 2024 by rpki-client on console-ams.rpki-client.org