Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/GI64Mm3j8xj6hTUF10EolEDovPI.roa
File: GI64Mm3j8xj6hTUF10EolEDovPI.roa (raw, json)
Hash identifier: cLKLnXArKyIvapzyCPR9Qd4qmcfi683vQ7LFh6xTUR4=
Subject key identifier: 18:8E:B8:32:6D:E3:F3:18:FA:85:35:05:D7:41:28:94:40:E8:BC:F2
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 19CC
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/GI64Mm3j8xj6hTUF10EolEDovPI.roa
Signing time: Sun 28 Apr 2024 18:24:43 +0000
ROA not before: Sun 28 Apr 2024 18:24:43 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6604 (0x19cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 28 18:24:43 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=188EB8326DE3F318FA853505D741289440E8BCF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e2:71:3a:b1:03:d7:35:07:91:7e:18:8a:4c:
b0:f3:3c:31:ed:12:b3:2d:60:56:5c:94:ad:05:4b:
5d:0b:a5:5b:9a:c2:dd:ba:20:17:39:62:f1:7a:07:
31:3d:99:1b:50:ee:85:2c:2e:5f:b4:1c:16:04:b0:
e5:53:53:b9:d2:05:eb:4e:53:95:6e:aa:b9:dc:b4:
d5:f5:57:f3:f8:df:22:df:85:82:43:2c:53:ad:c1:
c5:eb:2f:0e:81:6e:70:8d:bf:35:0b:35:3b:d6:fe:
ca:71:32:87:1a:38:92:ac:f2:b1:f4:2e:58:bb:70:
4e:1c:54:3d:8c:0b:b1:e1:ae:02:ca:b6:33:8c:53:
00:07:81:13:b6:52:96:33:6c:79:4f:92:9c:06:57:
5d:65:d9:9c:d9:94:d2:90:60:83:5f:62:4a:e4:13:
bd:cf:8d:9f:cc:5e:b5:2a:7d:dd:45:21:43:13:73:
84:4a:e7:86:8c:2f:ea:79:57:36:2d:94:b2:63:84:
c4:a9:c5:d5:aa:92:72:80:5e:78:fe:52:ec:54:26:
5c:d2:c4:37:77:16:07:1f:5e:ce:fe:a6:fe:6a:3b:
40:16:6c:ed:1a:ab:9c:71:d4:81:61:d0:85:78:e7:
39:6c:0c:93:de:08:91:7f:f9:3c:df:e0:2a:c5:a4:
6b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:8E:B8:32:6D:E3:F3:18:FA:85:35:05:D7:41:28:94:40:E8:BC:F2
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/GI64Mm3j8xj6hTUF10EolEDovPI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c7:b8:6d:fb:d8:67:7c:a9:75:4c:52:8d:cd:9f:e4:23:64:d0:
8f:27:ec:e1:0d:0b:42:b5:78:4f:f5:7b:9c:8f:9e:2c:7c:39:
fa:0c:b5:55:48:26:4d:22:93:74:ba:8a:b3:be:1c:f7:e5:13:
8f:c3:71:ef:bd:a8:e5:e3:18:3b:c7:b7:1a:b9:d1:94:8d:bc:
20:06:1b:f2:86:ef:fe:eb:61:33:16:1d:bd:5d:a6:4a:ff:aa:
68:e6:c2:45:c6:e1:6a:32:7c:2b:b5:8c:f6:0d:0b:86:79:a4:
48:45:17:43:da:ac:19:6e:18:4b:dc:48:df:52:8f:76:a2:47:
c5:c5:aa:4a:43:af:08:e4:7c:75:bc:03:db:67:8d:a9:cb:ff:
37:58:3e:b8:26:52:66:27:61:63:4c:dd:c3:6f:12:99:e0:5d:
01:89:50:4b:a7:2b:80:5d:47:f3:a4:71:e3:ce:f0:5f:31:4e:
4d:44:84:35:14:6b:c1:92:56:d7:b9:ce:5d:94:23:b2:56:d4:
38:87:bc:0f:5a:0c:a6:0f:d3:b4:0c:80:30:c8:0d:8c:f2:da:
8a:56:ea:8a:31:3c:bc:0a:11:77:97:d5:37:8f:26:f4:66:93:
e4:1e:2a:e8:0f:63:41:93:8a:4b:91:eb:73:46:f2:2d:5e:e1:
d6:5e:19:a8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICGcwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0Mjgx
ODI0NDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4OEVCODMyNkRFM0Yz
MThGQTg1MzUwNUQ3NDEyODk0NDBFOEJDRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC94nE6sQPXNQeRfhiKTLDzPDHtErMtYFZclK0FS10LpVuawt26
IBc5YvF6BzE9mRtQ7oUsLl+0HBYEsOVTU7nSBetOU5VuqrnctNX1V/P43yLfhYJD
LFOtwcXrLw6BbnCNvzULNTvW/spxMocaOJKs8rH0Lli7cE4cVD2MC7HhrgLKtjOM
UwAHgRO2UpYzbHlPkpwGV11l2ZzZlNKQYINfYkrkE73PjZ/MXrUqfd1FIUMTc4RK
54aML+p5VzYtlLJjhMSpxdWqknKAXnj+UuxUJlzSxDd3FgcfXs7+pv5qO0AWbO0a
q5xx1IFh0IV45zlsDJPeCJF/+Tzf4CrFpGstAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUGI64Mm3j8xj6hTUF10EolEDovPIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0dJNjRNbTNqOHhqNmhU
VUYxMEVvbEVEb3ZQSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAx7ht+9hnfKl1TFKNzZ/kI2TQjyfs4Q0L
QrV4T/V7nI+eLHw5+gy1VUgmTSKTdLqKs74c9+UTj8Nx772o5eMYO8e3GrnRlI28
IAYb8obv/uthMxYdvV2mSv+qaObCRcbhajJ8K7WM9g0LhnmkSEUXQ9qsGW4YS9xI
31KPdqJHxcWqSkOvCOR8dbwD22eNqcv/N1g+uCZSZidhY0zdw28SmeBdAYlQS6cr
gF1H86Rx487wXzFOTUSENRRrwZJW17nOXZQjslbUOIe8D1oMpg/TtAyAMMgNjPLa
ilbqijE8vAoRd5fVN48m9GaT5B4q6A9jQZOKS5Hrc0byLV7h1l4ZqA==
-----END CERTIFICATE-----
Generated at Sun Apr 28 20:02:20 2024 by rpki-client on console-ams.rpki-client.org