Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Hd4jZ5EikqeenPCtS2YOxCxw20s.roa
File: Hd4jZ5EikqeenPCtS2YOxCxw20s.roa (raw, json)
Hash identifier: bWFK2L7YCVJqM2CyMcxivc2PTg0AokiLSPKaDtxrmps=
Subject key identifier: 1D:DE:23:67:91:22:92:A7:9E:9C:F0:AD:4B:66:0E:C4:2C:70:DB:4B
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 15BA
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Hd4jZ5EikqeenPCtS2YOxCxw20s.roa
Signing time: Wed 17 Apr 2024 21:53:26 +0000
ROA not before: Wed 17 Apr 2024 21:53:26 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5562 (0x15ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 17 21:53:26 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1DDE2367912292A79E9CF0AD4B660EC42C70DB4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a9:10:3d:ab:f1:f1:c8:4f:9b:fb:5f:5c:6f:
5b:04:e8:e0:70:66:13:f8:47:1b:be:62:32:d4:38:
47:e9:d4:f2:f6:06:fa:5f:fe:18:d0:f0:60:42:48:
a2:13:da:db:c0:e7:11:04:8d:bb:01:3d:93:c6:d3:
99:3d:84:92:6e:16:e2:2c:07:93:85:71:34:e4:de:
b3:8e:1d:ad:12:dc:87:d1:63:a9:7c:3c:ab:c4:9d:
36:6f:45:fe:14:f9:fa:3b:c9:66:0c:c8:5a:37:a4:
70:31:2b:2f:32:24:ae:a1:1d:b2:da:b3:02:b9:07:
c6:84:35:9d:fe:0f:d5:d4:28:a0:0d:af:81:4c:a4:
e8:8e:db:01:92:9b:ff:a5:e3:af:cb:00:ec:38:7c:
7b:f1:e8:5e:cf:4c:55:75:c8:80:41:8a:99:25:84:
8a:0a:6a:31:53:cb:e7:78:1d:33:a6:35:a6:88:1e:
ff:54:19:27:df:e0:9c:98:b7:61:0b:bc:7d:23:d9:
3c:5f:cd:b0:91:41:23:a2:47:96:ce:cf:79:ba:58:
9a:7c:ca:7a:7a:8b:c7:00:01:87:37:59:ce:9d:ca:
ae:58:21:4c:bf:e9:5c:d2:a1:ea:e9:5c:0d:1a:10:
b7:09:d6:d3:9a:f6:d3:47:8f:9e:6b:54:c3:18:ce:
ba:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:DE:23:67:91:22:92:A7:9E:9C:F0:AD:4B:66:0E:C4:2C:70:DB:4B
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Hd4jZ5EikqeenPCtS2YOxCxw20s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d7:24:f1:e1:b2:e9:39:bf:0b:ed:31:7a:b3:fc:f8:0b:58:28:
47:9f:cd:7a:51:ff:9a:d6:c4:7c:fd:6d:b1:3f:98:f4:e3:d6:
52:ae:c2:83:0b:94:de:c1:95:05:12:bb:0e:3f:9c:9f:12:e9:
71:13:32:f4:a5:e0:1b:be:58:98:5f:a8:1f:e0:97:ca:84:26:
91:ce:77:ef:47:11:ae:a0:c8:1d:8d:14:72:f6:a1:15:df:93:
f5:05:8b:fb:1c:ee:a3:8e:d3:b2:0c:97:2f:37:20:e0:c1:95:
65:8e:d4:c6:75:cd:ef:d6:26:4c:e2:bd:c3:da:7a:c4:c0:a0:
d9:0e:66:2e:3f:c2:8a:7a:3c:75:9a:a4:9b:7a:dc:ca:c0:58:
96:7a:0f:80:06:49:09:93:2d:02:8c:7c:05:61:cf:9a:70:78:
e4:8c:0a:c0:07:51:30:5a:60:ab:ee:36:fc:2c:07:29:e0:8d:
c1:1b:d3:d2:66:b4:8d:0d:97:8a:53:4f:e5:c2:07:57:b8:16:
75:ac:9f:ad:96:1d:80:86:09:d3:3e:04:a8:c6:31:f6:d1:b8:
d9:87:e9:9f:fa:22:fe:43:30:de:8c:81:a9:26:9f:89:9b:bc:
e8:3c:1d:1f:b9:81:1b:34:41:86:c2:c2:da:80:64:7e:c7:0d:
75:fd:cd:15
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFbowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTcy
MTUzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFEREUyMzY3OTEyMjky
QTc5RTlDRjBBRDRCNjYwRUM0MkM3MERCNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFqRA9q/HxyE+b+19cb1sE6OBwZhP4Rxu+YjLUOEfp1PL2Bvpf
/hjQ8GBCSKIT2tvA5xEEjbsBPZPG05k9hJJuFuIsB5OFcTTk3rOOHa0S3IfRY6l8
PKvEnTZvRf4U+fo7yWYMyFo3pHAxKy8yJK6hHbLaswK5B8aENZ3+D9XUKKANr4FM
pOiO2wGSm/+l46/LAOw4fHvx6F7PTFV1yIBBipklhIoKajFTy+d4HTOmNaaIHv9U
GSff4JyYt2ELvH0j2TxfzbCRQSOiR5bOz3m6WJp8ynp6i8cAAYc3Wc6dyq5YIUy/
6VzSoerpXA0aELcJ1tOa9tNHj55rVMMYzrpzAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUHd4jZ5EikqeenPCtS2YOxCxw20swHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0hkNGpaNUVpa3FlZW5Q
Q3RTMllPeEN4dzIwcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEA1yTx4bLpOb8L7TF6s/z4C1goR5/NelH/
mtbEfP1tsT+Y9OPWUq7CgwuU3sGVBRK7Dj+cnxLpcRMy9KXgG75YmF+oH+CXyoQm
kc5370cRrqDIHY0UcvahFd+T9QWL+xzuo47TsgyXLzcg4MGVZY7UxnXN79YmTOK9
w9p6xMCg2Q5mLj/Cino8dZqkm3rcysBYlnoPgAZJCZMtAox8BWHPmnB45IwKwAdR
MFpgq+42/CwHKeCNwRvT0ma0jQ2XilNP5cIHV7gWdayfrZYdgIYJ0z4EqMYx9tG4
2Yfpn/oi/kMw3oyBqSafiZu86DwdH7mBGzRBhsLC2oBkfscNdf3NFQ==
-----END CERTIFICATE-----
Generated at Wed Apr 17 23:09:17 2024 by rpki-client on console-fra.rpki-client.org