Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/H_pTKjUflWfrSABq0Ge2WINMQAI.roa
File: H_pTKjUflWfrSABq0Ge2WINMQAI.roa (raw, json)
Hash identifier: +H57XxSanuW2hqSDVOCZURNY369cJgQj7etXeoy0tn8=
Subject key identifier: 1F:FA:53:2A:35:1F:95:67:EB:48:00:6A:D0:67:B6:58:83:4C:40:02
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 16A4
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/H_pTKjUflWfrSABq0Ge2WINMQAI.roa
Signing time: Sat 20 Apr 2024 08:23:30 +0000
ROA not before: Sat 20 Apr 2024 08:23:30 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5796 (0x16a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 08:23:30 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1FFA532A351F9567EB48006AD067B658834C4002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9a:cb:af:40:64:f4:24:e7:30:b1:99:95:77:
8a:02:8e:e7:48:4c:77:af:7e:c5:e4:9b:29:8f:47:
a7:52:5d:e9:56:0f:76:31:24:ca:84:de:e6:b3:08:
34:ab:9f:4a:fd:31:10:2e:c6:e5:87:36:48:f6:ab:
7c:4d:ea:23:6e:f6:20:de:e4:e7:bb:b4:17:45:93:
57:37:3c:4e:8f:2c:14:11:ca:cf:9a:5f:a9:d2:a2:
dc:a2:5b:85:17:f2:ff:33:5f:cf:21:31:f5:f1:ea:
20:9d:36:60:32:aa:b7:6a:5f:4e:00:ef:0a:f2:81:
5e:0d:da:83:41:bc:20:e0:db:22:9c:1d:2d:22:cc:
d4:0e:1c:96:45:b7:a6:d3:a7:1a:1d:85:98:fa:8e:
4a:f2:aa:87:f3:20:b8:27:1f:c6:8f:65:72:64:c8:
92:3b:b7:a2:44:7b:b7:60:33:85:cf:5b:51:86:aa:
0e:56:f3:6e:a0:a6:49:92:31:6b:11:47:2a:2f:aa:
5b:82:21:93:96:5a:0f:71:11:4c:f6:06:e9:48:3f:
44:12:bd:fb:9c:29:83:c2:48:42:ad:e0:7b:da:e5:
c2:97:c9:67:ee:23:f0:de:69:5e:ae:31:72:96:da:
5a:73:31:d1:8f:16:9f:0c:4b:8c:61:3e:4c:ff:64:
c3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:FA:53:2A:35:1F:95:67:EB:48:00:6A:D0:67:B6:58:83:4C:40:02
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/H_pTKjUflWfrSABq0Ge2WINMQAI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
dc:48:d2:e9:90:69:c3:f6:62:a7:c5:ab:b1:1a:c1:46:35:64:
5f:e6:60:97:7c:1d:a6:62:d5:8e:fb:f6:bf:7e:ad:bc:16:2c:
1c:ef:6a:fc:01:da:f6:d3:f3:ff:20:79:35:98:5e:f4:72:0d:
c7:ce:c8:00:87:03:17:d8:57:9a:86:1c:de:70:d9:e9:0e:f7:
db:86:9f:1f:c0:16:f8:81:7a:a2:ef:f3:b7:e8:86:dd:5d:33:
bf:2c:4b:e1:6f:0f:93:a8:9a:28:ce:c3:53:a1:73:43:5a:9b:
77:03:5a:31:d7:ea:45:0a:dd:b6:66:d5:89:6a:d5:4f:ab:6b:
c0:dd:d8:10:c4:ae:26:73:24:7a:38:8c:9a:79:9e:0b:17:f2:
43:5b:79:ae:03:4b:06:bf:ce:dd:6f:80:fd:01:5d:1d:52:d1:
87:20:77:b5:ef:ec:47:c5:85:ea:36:66:8f:44:7c:11:c0:80:
e6:73:a0:7e:55:44:e7:bf:40:0f:26:9f:45:89:60:a3:bc:b5:
bf:93:a4:b6:55:1d:88:4b:3d:c1:f7:d2:e8:f9:2d:b3:34:5b:
5f:28:0d:e5:33:cb:9e:84:4a:96:cd:ed:6d:49:73:59:e8:70:
8f:87:eb:8e:05:77:1d:9c:18:7b:a3:3c:6e:cb:85:20:02:4c:
6c:4c:38:26
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFqQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAw
ODIzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFGRkE1MzJBMzUxRjk1
NjdFQjQ4MDA2QUQwNjdCNjU4ODM0QzQwMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQComsuvQGT0JOcwsZmVd4oCjudITHevfsXkmymPR6dSXelWD3Yx
JMqE3uazCDSrn0r9MRAuxuWHNkj2q3xN6iNu9iDe5Oe7tBdFk1c3PE6PLBQRys+a
X6nSotyiW4UX8v8zX88hMfXx6iCdNmAyqrdqX04A7wrygV4N2oNBvCDg2yKcHS0i
zNQOHJZFt6bTpxodhZj6jkryqofzILgnH8aPZXJkyJI7t6JEe7dgM4XPW1GGqg5W
826gpkmSMWsRRyovqluCIZOWWg9xEUz2BulIP0QSvfucKYPCSEKt4Hva5cKXyWfu
I/DeaV6uMXKW2lpzMdGPFp8MS4xhPkz/ZMPnAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUH/pTKjUflWfrSABq0Ge2WINMQAIwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0hfcFRLalVmbFdmclNB
QnEwR2UyV0lOTVFBSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA3EjS6ZBpw/Zip8WrsRrBRjVkX+Zgl3wd
pmLVjvv2v36tvBYsHO9q/AHa9tPz/yB5NZhe9HINx87IAIcDF9hXmoYc3nDZ6Q73
24afH8AW+IF6ou/zt+iG3V0zvyxL4W8Pk6iaKM7DU6FzQ1qbdwNaMdfqRQrdtmbV
iWrVT6trwN3YEMSuJnMkejiMmnmeCxfyQ1t5rgNLBr/O3W+A/QFdHVLRhyB3te/s
R8WF6jZmj0R8EcCA5nOgflVE579ADyafRYlgo7y1v5OktlUdiEs9wffS6PktszRb
XygN5TPLnoRKls3tbUlzWehwj4frjgV3HZwYe6M8bsuFIAJMbEw4Jg==
-----END CERTIFICATE-----
Generated at Sat Apr 20 10:40:30 2024 by rpki-client on console-fra.rpki-client.org