Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/Ht6Ic1Nl05Eg6SSwBjrcNU8lnwA.roa
File: Ht6Ic1Nl05Eg6SSwBjrcNU8lnwA.roa (raw, json)
Hash identifier: JuWj8qKPrj1OG2FZeyD0ayF6hSdBtmkSOy0DpYYNgm4=
Subject key identifier: 1E:DE:88:73:53:65:D3:91:20:E9:24:B0:06:3A:DC:35:4F:25:9F:00
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1CC6
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Ht6Ic1Nl05Eg6SSwBjrcNU8lnwA.roa
Signing time: Mon 06 May 2024 16:54:17 +0000
ROA not before: Mon 06 May 2024 16:54:17 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7366 (0x1cc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 6 16:54:17 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=1EDE88735365D39120E924B0063ADC354F259F00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5f:74:00:1a:23:b7:f6:b8:1f:d0:14:8f:b9:
72:e7:da:ca:ab:ca:49:1f:cf:65:18:73:02:7c:5d:
94:73:6c:39:f7:55:cc:05:c4:3a:ca:b5:97:ec:6d:
5d:ba:36:94:e5:cc:43:98:aa:db:25:86:33:0d:9e:
52:3d:f3:0b:23:0c:01:41:55:d3:73:e6:66:f7:9e:
71:df:47:7f:f3:88:cc:3c:26:41:83:70:8a:da:18:
ee:9e:e1:46:1c:67:cc:06:8f:f6:39:17:fa:fd:52:
d3:05:6e:e4:96:37:18:c3:3e:dd:a4:93:51:e5:c8:
59:4b:14:06:41:2b:01:df:77:60:1f:91:fa:97:f4:
06:e6:10:cb:cf:94:61:ce:82:a0:e7:53:24:c5:38:
5d:7d:12:ca:de:2c:4e:21:b7:6b:4e:ac:17:55:3e:
31:8a:e5:f9:58:c9:0a:9e:75:f8:8b:ce:a1:0c:64:
8b:07:59:de:bc:03:c6:af:0e:7f:fc:13:0c:2f:df:
80:44:3b:ea:62:71:15:66:22:e6:af:a5:14:e0:8d:
53:49:63:7e:b7:52:2b:66:3a:66:37:55:a7:3d:db:
3f:57:5a:b0:11:bc:ec:b1:33:09:f6:91:34:3b:aa:
bf:64:7f:16:9d:dd:e4:02:0b:fd:62:00:92:9a:de:
d6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DE:88:73:53:65:D3:91:20:E9:24:B0:06:3A:DC:35:4F:25:9F:00
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/Ht6Ic1Nl05Eg6SSwBjrcNU8lnwA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:cb:3c:bf:8f:4e:0a:73:d2:90:e5:75:7c:ab:eb:8c:15:21:
b0:9d:df:f9:d9:ac:be:9e:ab:fa:0d:d2:e9:8b:9f:2b:0a:fe:
8e:79:34:e9:9f:9f:55:99:50:f8:4f:47:a0:87:fc:ac:58:7b:
19:6e:eb:90:b7:9a:53:8a:74:3f:e5:dd:88:9f:be:a9:d0:56:
72:5a:f0:19:c7:c6:40:68:16:89:d4:8c:3e:53:3c:52:4e:db:
69:1b:41:0b:55:45:72:00:0f:af:e5:f1:df:92:67:fa:38:b4:
89:d2:05:3c:d0:7d:a7:3d:cc:7c:22:7d:67:5b:44:f7:08:db:
68:0e:6e:51:ae:06:4e:0e:b9:7c:cb:12:89:03:53:8b:28:a2:
08:bf:ca:a9:6e:6e:d2:98:10:fa:78:8a:c3:e8:4a:f1:fc:5b:
1a:19:7a:d4:1e:85:8e:79:41:c6:d3:76:02:d4:55:d2:ad:e8:
3d:03:07:85:c2:71:7f:08:07:83:f2:8a:ec:08:fe:37:8f:25:
b9:aa:4f:8d:36:62:a7:d7:cd:16:0b:31:73:e9:f2:16:81:eb:
45:97:4f:8c:51:31:8f:4e:4e:cc:dd:63:70:53:94:d9:c7:32:
8e:be:b0:46:7b:d2:aa:12:45:a7:e3:03:5e:20:35:e7:4c:59:
c3:8f:32:35
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHMYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDYx
NjU0MTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFFREU4ODczNTM2NUQz
OTEyMEU5MjRCMDA2M0FEQzM1NEYyNTlGMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyX3QAGiO39rgf0BSPuXLn2sqrykkfz2UYcwJ8XZRzbDn3VcwF
xDrKtZfsbV26NpTlzEOYqtslhjMNnlI98wsjDAFBVdNz5mb3nnHfR3/ziMw8JkGD
cIraGO6e4UYcZ8wGj/Y5F/r9UtMFbuSWNxjDPt2kk1HlyFlLFAZBKwHfd2AfkfqX
9AbmEMvPlGHOgqDnUyTFOF19EsreLE4ht2tOrBdVPjGK5flYyQqedfiLzqEMZIsH
Wd68A8avDn/8Ewwv34BEO+picRVmIuavpRTgjVNJY363UitmOmY3Vac92z9XWrAR
vOyxMwn2kTQ7qr9kfxad3eQCC/1iAJKa3taPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUHt6Ic1Nl05Eg6SSwBjrcNU8lnwAwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0h0NkljMU5sMDVFZzZT
U3dCanJjTlU4bG53QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAIMs8v49OCnPSkOV1fKvrjBUhsJ3f+dms
vp6r+g3S6YufKwr+jnk06Z+fVZlQ+E9HoIf8rFh7GW7rkLeaU4p0P+XdiJ++qdBW
clrwGcfGQGgWidSMPlM8Uk7baRtBC1VFcgAPr+Xx35Jn+ji0idIFPNB9pz3MfCJ9
Z1tE9wjbaA5uUa4GTg65fMsSiQNTiyiiCL/KqW5u0pgQ+niKw+hK8fxbGhl61B6F
jnlBxtN2AtRV0q3oPQMHhcJxfwgHg/KK7Aj+N48luapPjTZip9fNFgsxc+nyFoHr
RZdPjFExj05OzN1jcFOU2ccyjr6wRnvSqhJFp+MDXiA150xZw48yNQ==
-----END CERTIFICATE-----
Generated at Mon May 6 22:25:04 2024 by rpki-client on console-fra.rpki-client.org