Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/HW1Imz46sPGpKPU8zb6nev1rmuU.roa
File: HW1Imz46sPGpKPU8zb6nev1rmuU.roa (raw, json)
Hash identifier: SUKF84/zZqnAWmZDmOYKgIbox+irLXVEMnJ88mChZao=
Subject key identifier: 1D:6D:48:9B:3E:3A:B0:F1:A9:28:F5:3C:CD:BE:A7:7A:FD:6B:9A:E5
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 13D4
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/HW1Imz46sPGpKPU8zb6nev1rmuU.roa
Signing time: Fri 12 Apr 2024 20:23:17 +0000
ROA not before: Fri 12 Apr 2024 20:23:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5076 (0x13d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 12 20:23:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1D6D489B3E3AB0F1A928F53CCDBEA77AFD6B9AE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9f:6e:82:44:1f:16:f7:a1:79:37:fd:b5:92:
42:c5:b1:7b:4a:30:71:be:43:37:ba:91:96:f9:6b:
c8:19:aa:3f:e1:ca:3f:28:9f:03:16:9b:af:9b:8e:
59:92:2b:9a:0a:7b:a8:62:91:c4:6e:eb:28:aa:53:
e2:2d:4f:03:32:7f:5e:04:22:1c:43:16:69:96:d9:
5f:2e:74:82:c2:e3:8b:ce:45:86:76:8f:79:8a:05:
ea:62:88:04:c4:03:21:73:f4:4f:51:43:d9:66:29:
22:89:49:7d:04:cd:2c:6b:57:80:9a:66:b3:cd:db:
94:f9:83:91:d7:8d:b2:6f:62:98:ec:bf:ef:6e:18:
83:17:92:d8:30:f3:61:78:30:47:5a:bc:80:de:51:
d7:54:18:8a:04:4e:8e:9a:25:80:74:6f:ea:18:da:
be:cc:3a:7f:7d:1d:02:31:52:3f:74:da:37:4a:0d:
db:8b:e0:10:e4:b5:4f:67:e2:57:6d:84:48:6c:6c:
f1:3a:19:0b:29:bc:f0:0f:d6:e5:cd:c1:93:60:ae:
81:8d:ef:60:83:7d:a3:c1:73:38:67:89:18:81:97:
54:30:e8:12:60:22:e7:20:11:e8:92:f5:42:df:59:
ef:f6:78:fd:c0:3d:c7:04:43:a1:7a:a6:6c:ef:3e:
b6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:6D:48:9B:3E:3A:B0:F1:A9:28:F5:3C:CD:BE:A7:7A:FD:6B:9A:E5
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/HW1Imz46sPGpKPU8zb6nev1rmuU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:26:f8:6b:c5:d3:3f:a3:0f:32:98:4a:03:f2:cb:b2:a5:d0:
e1:9c:96:e5:82:02:80:ee:33:3e:23:8e:c5:c6:fa:bd:3c:51:
ae:19:9e:df:4f:48:c8:4f:f1:46:48:ae:07:8e:c9:ed:42:a1:
53:15:58:6d:e7:03:cb:59:c3:60:b3:af:18:1a:c5:77:d5:41:
94:5b:53:10:5a:ee:9f:d5:0f:46:53:e3:ad:71:99:3f:01:b6:
80:dd:a2:c9:ef:b4:7f:d9:2b:4d:30:22:90:96:65:eb:8c:3c:
f6:10:f9:f0:76:a4:be:74:94:35:3e:70:83:f1:b7:a4:9f:92:
a7:91:1e:6d:d4:b1:fa:64:26:6d:2e:8f:9e:35:5b:35:99:61:
e8:39:f0:16:c8:29:b3:5a:1a:2f:da:22:13:c9:5a:eb:86:36:
18:73:0d:d1:5c:27:70:be:f2:1c:5b:40:75:46:b3:2b:97:2d:
0c:ae:7d:36:42:11:22:ec:f9:3c:8e:db:7a:f5:d9:68:f8:56:
7a:14:90:96:28:47:e5:98:a2:d3:d0:70:39:cc:ec:fc:4a:46:
85:c7:1f:37:53:bf:3f:70:09:9e:a3:44:e5:9f:8f:9d:d3:18:
21:bc:03:32:88:0e:bd:b4:54:00:71:4e:09:db:8b:38:75:ea:
3c:a8:bc:ec
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE9QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTIy
MDIzMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFENkQ0ODlCM0UzQUIw
RjFBOTI4RjUzQ0NEQkVBNzdBRkQ2QjlBRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCcn26CRB8W96F5N/21kkLFsXtKMHG+Qze6kZb5a8gZqj/hyj8o
nwMWm6+bjlmSK5oKe6hikcRu6yiqU+ItTwMyf14EIhxDFmmW2V8udILC44vORYZ2
j3mKBepiiATEAyFz9E9RQ9lmKSKJSX0EzSxrV4CaZrPN25T5g5HXjbJvYpjsv+9u
GIMXktgw82F4MEdavIDeUddUGIoETo6aJYB0b+oY2r7MOn99HQIxUj902jdKDduL
4BDktU9n4ldthEhsbPE6GQspvPAP1uXNwZNgroGN72CDfaPBczhniRiBl1Qw6BJg
IucgEeiS9ULfWe/2eP3APccEQ6F6pmzvPrYzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUHW1Imz46sPGpKPU8zb6nev1rmuUwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0hXMUltejQ2c1BHcEtQ
VTh6YjZuZXYxcm11VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAlCb4a8XTP6MPMphKA/LLsqXQ4ZyW5YIC
gO4zPiOOxcb6vTxRrhme309IyE/xRkiuB47J7UKhUxVYbecDy1nDYLOvGBrFd9VB
lFtTEFrun9UPRlPjrXGZPwG2gN2iye+0f9krTTAikJZl64w89hD58HakvnSUNT5w
g/G3pJ+Sp5EebdSx+mQmbS6PnjVbNZlh6DnwFsgps1oaL9oiE8la64Y2GHMN0Vwn
cL7yHFtAdUazK5ctDK59NkIRIuz5PI7bevXZaPhWehSQlihH5Zii09BwOczs/EpG
hccfN1O/P3AJnqNE5Z+PndMYIbwDMogOvbRUAHFOCduLOHXqPKi87A==
Generated at Fri Apr 12 21:19:41 2024 by rpki-client on console-fra.rpki-client.org