Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/HCvl65YUi9Da5ABLDTKGMcGXWwY.roa
File: HCvl65YUi9Da5ABLDTKGMcGXWwY.roa (raw, json)
Hash identifier: NjYDXNrOd01IzKM6cl28mKF86ugSMp1TnJO/FmPeFVE=
Subject key identifier: 1C:2B:E5:EB:96:14:8B:D0:DA:E4:00:4B:0D:32:86:31:C1:97:5B:06
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 115C
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/HCvl65YUi9Da5ABLDTKGMcGXWwY.roa
Signing time: Sat 06 Apr 2024 06:22:50 +0000
ROA not before: Sat 06 Apr 2024 06:22:50 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4444 (0x115c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 6 06:22:50 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1C2BE5EB96148BD0DAE4004B0D328631C1975B06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3e:37:c0:81:0f:3f:14:aa:16:c8:29:26:8c:
9c:21:2f:f2:46:5d:65:03:30:55:b3:20:41:da:b5:
d1:45:79:88:af:03:f3:db:e1:57:96:1b:c5:81:c6:
9d:55:a3:21:7a:a3:3a:8b:26:5f:0e:d5:85:ca:af:
51:2a:a2:23:60:32:ca:6a:97:0b:15:ed:60:49:a7:
7f:55:a1:b5:22:7e:e8:a6:ba:1b:f0:82:1b:f4:58:
0d:62:ec:39:b4:46:1f:e5:ee:ea:40:e3:5c:0f:1b:
97:d7:84:d7:d9:27:69:5e:de:7b:e8:9f:1d:8a:0a:
97:e5:1d:a2:db:37:57:1c:83:39:01:96:60:53:6a:
eb:ed:b3:01:50:c1:76:de:d9:60:3e:71:37:ec:86:
b0:10:a3:36:83:fe:da:d3:4d:c2:df:fe:1d:1d:5f:
8e:7f:46:2c:fe:21:cc:eb:b3:4e:49:4b:2b:47:b4:
d1:9c:cf:e2:d6:4f:37:e2:db:56:f2:98:79:07:ab:
89:94:ec:92:79:4b:f8:20:b2:9f:29:83:5f:d9:63:
b3:71:4c:5b:4e:9f:8e:36:dc:54:f9:1a:53:aa:ba:
48:f0:a4:82:39:0b:76:60:0e:56:d2:6a:44:1d:fc:
e8:48:20:76:b1:74:dd:d8:02:a4:03:71:7e:35:21:
ba:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:2B:E5:EB:96:14:8B:D0:DA:E4:00:4B:0D:32:86:31:C1:97:5B:06
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/HCvl65YUi9Da5ABLDTKGMcGXWwY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c0:3c:3e:bd:0f:24:00:05:21:a9:f2:32:cf:02:27:e0:94:bc:
f5:4a:f1:db:a5:80:b5:d6:7e:7f:4e:4a:f3:fb:23:52:c5:8a:
3f:8f:32:b5:58:3b:4a:84:e9:ad:ff:e0:50:ae:bd:52:b6:6f:
7b:1f:19:34:da:c2:cd:0a:30:ee:18:ba:0a:cd:13:94:32:cf:
1f:20:5d:f6:34:17:ad:6c:2a:64:35:bd:c6:cd:a4:c0:08:b9:
92:42:8b:43:a8:00:72:1c:72:5e:ce:82:f1:41:50:ab:1f:86:
a5:ec:a4:93:e2:f1:f7:0b:20:b6:45:1c:19:67:eb:a1:b2:fa:
f5:96:7f:cd:cd:e0:24:7d:3b:7f:98:62:8a:19:07:e9:54:60:
4f:dc:66:c9:2d:2d:13:6b:30:59:ac:71:75:30:b4:41:3d:c4:
b6:d3:28:2b:59:6d:b7:6b:9f:24:23:dc:25:f8:14:39:66:e5:
e6:da:8e:df:68:d0:cc:d2:5a:7d:02:02:c0:d7:19:bf:5e:39:
42:d2:6d:79:1f:7c:05:30:f7:e5:f6:c0:a3:79:3a:3f:b9:e0:
43:3a:bb:d8:0e:46:c6:06:1c:4e:3e:db:30:bf:d7:1d:d4:91:
37:5e:6c:1d:3e:b1:45:ad:4c:9f:04:a7:5f:5a:88:a2:c3:f7:
b0:a6:13:4f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEVwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDYw
NjIyNTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFDMkJFNUVCOTYxNDhC
RDBEQUU0MDA0QjBEMzI4NjMxQzE5NzVCMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+PjfAgQ8/FKoWyCkmjJwhL/JGXWUDMFWzIEHatdFFeYivA/Pb
4VeWG8WBxp1VoyF6ozqLJl8O1YXKr1EqoiNgMspqlwsV7WBJp39VobUifuimuhvw
ghv0WA1i7Dm0Rh/l7upA41wPG5fXhNfZJ2le3nvonx2KCpflHaLbN1ccgzkBlmBT
auvtswFQwXbe2WA+cTfshrAQozaD/trTTcLf/h0dX45/Riz+Iczrs05JSytHtNGc
z+LWTzfi21bymHkHq4mU7JJ5S/ggsp8pg1/ZY7NxTFtOn4423FT5GlOqukjwpII5
C3ZgDlbSakQd/OhIIHaxdN3YAqQDcX41IbrLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUHCvl65YUi9Da5ABLDTKGMcGXWwYwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0hDdmw2NVlVaTlEYTVB
QkxEVEtHTWNHWFd3WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAwDw+vQ8kAAUhqfIyzwIn4JS89Urx26WA
tdZ+f05K8/sjUsWKP48ytVg7SoTprf/gUK69UrZvex8ZNNrCzQow7hi6Cs0TlDLP
HyBd9jQXrWwqZDW9xs2kwAi5kkKLQ6gAchxyXs6C8UFQqx+Gpeykk+Lx9wsgtkUc
GWfrobL69ZZ/zc3gJH07f5hiihkH6VRgT9xmyS0tE2swWaxxdTC0QT3EttMoK1lt
t2ufJCPcJfgUOWbl5tqO32jQzNJafQICwNcZv145QtJteR98BTD35fbAo3k6P7ng
Qzq72A5GxgYcTj7bML/XHdSRN15sHT6xRa1MnwSnX1qIosP3sKYTTw==
-----END CERTIFICATE-----
Generated at Sat Apr 6 09:49:22 2024 by rpki-client on console-fra.rpki-client.org