Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/I5XccjoBWjpiEs_VB5pARrTSqjY.roa
File: I5XccjoBWjpiEs_VB5pARrTSqjY.roa (raw, json)
Hash identifier: waVUQ7CUlIpEX12xXZ4JNWO/jZn8CLV4yBT/1qDp4gM=
Subject key identifier: 23:95:DC:72:3A:01:5A:3A:62:12:CF:D5:07:9A:40:46:B4:D2:AA:36
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0EE8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/I5XccjoBWjpiEs_VB5pARrTSqjY.roa
Signing time: Sat 30 Mar 2024 17:22:32 +0000
ROA not before: Sat 30 Mar 2024 17:22:32 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3816 (0xee8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 30 17:22:32 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2395DC723A015A3A6212CFD5079A4046B4D2AA36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:3c:d7:84:e0:50:8f:ba:10:1b:ce:ae:81:e2:
7b:aa:1f:c8:25:8a:0b:24:06:b7:da:bb:5b:7c:e4:
1a:ef:14:1e:bd:a3:e6:e7:2e:20:b1:5e:1c:a6:64:
e4:96:b3:63:f4:ba:49:12:b3:72:ed:10:a5:0f:f8:
82:f1:75:8f:1d:6b:fa:f9:87:28:b1:83:90:09:4b:
41:8f:f2:26:fc:b3:0e:90:aa:44:42:6b:49:95:12:
30:ba:b4:07:c9:f3:27:c6:50:a1:05:40:26:03:10:
61:53:15:e9:69:0f:0c:ef:08:41:cf:d7:22:40:a8:
83:9f:80:64:01:b7:84:87:fd:4b:4c:5a:c1:2e:4e:
88:75:b1:a6:8c:65:14:32:10:f7:74:5e:53:b3:82:
9a:a7:c0:1f:61:58:aa:ad:18:cd:82:70:d2:3f:20:
6a:87:dc:cd:c0:3a:9a:39:28:a6:5a:82:94:cf:5a:
fe:eb:c2:49:91:b7:ae:25:2e:0e:d2:ac:92:c5:03:
66:53:02:12:9c:e4:da:e2:aa:12:e1:cb:60:0e:5e:
d7:ba:43:70:ca:ea:58:c9:7b:a7:f1:6b:4b:c7:d9:
d8:ad:3a:d9:2c:e7:e0:e7:33:56:d1:fa:13:93:20:
26:be:5e:01:c5:f0:f4:c9:9f:cd:6f:8d:79:34:db:
28:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:95:DC:72:3A:01:5A:3A:62:12:CF:D5:07:9A:40:46:B4:D2:AA:36
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/I5XccjoBWjpiEs_VB5pARrTSqjY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
79:ae:9a:cc:29:4e:cc:f3:fc:92:f8:1b:f5:70:65:36:91:02:
76:4f:6b:ff:77:f8:78:b3:6c:b5:a0:6f:65:f9:48:2f:99:a4:
61:96:7e:53:74:71:ca:8b:ed:46:59:f2:3f:5e:90:ee:26:b1:
9d:94:54:2a:51:df:ce:7d:9d:30:58:e1:a3:25:28:ea:a4:43:
96:00:7f:76:e1:bc:b9:2a:96:ed:75:8d:5f:ff:97:55:e9:b5:
b1:f8:5a:dd:a6:d4:dc:e1:27:21:9b:8a:c0:fe:ba:ac:64:d9:
42:e3:1b:65:7f:1b:78:6c:58:f7:cb:74:96:a8:9d:7e:93:4f:
6e:48:fc:a8:45:25:b7:80:6e:41:07:3e:43:4b:2a:3a:4a:9b:
dd:86:a3:58:81:92:36:47:8d:9b:d4:ad:bd:e7:ba:c3:e2:65:
5d:83:95:f7:ab:4f:20:b5:1f:68:e6:a0:8a:0e:6e:61:74:e5:
0e:3b:a1:14:8e:2c:27:8a:e9:8f:40:de:4d:0c:08:97:85:aa:
01:97:ca:cc:44:73:e6:54:9a:d1:38:b3:22:25:8b:09:52:e1:
9e:86:2b:2c:4b:39:f8:53:81:11:c6:75:29:cd:bc:d1:24:70:
a8:d3:96:68:bf:91:dd:ea:eb:ea:b5:03:d0:2c:03:a3:60:4f:
99:94:ea:40
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDugwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzAx
NzIyMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIzOTVEQzcyM0EwMTVB
M0E2MjEyQ0ZENTA3OUE0MDQ2QjREMkFBMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZPNeE4FCPuhAbzq6B4nuqH8gligskBrfau1t85BrvFB69o+bn
LiCxXhymZOSWs2P0ukkSs3LtEKUP+ILxdY8da/r5hyixg5AJS0GP8ib8sw6QqkRC
a0mVEjC6tAfJ8yfGUKEFQCYDEGFTFelpDwzvCEHP1yJAqIOfgGQBt4SH/UtMWsEu
Toh1saaMZRQyEPd0XlOzgpqnwB9hWKqtGM2CcNI/IGqH3M3AOpo5KKZagpTPWv7r
wkmRt64lLg7SrJLFA2ZTAhKc5NriqhLhy2AOXte6Q3DK6ljJe6fxa0vH2ditOtks
5+DnM1bR+hOTICa+XgHF8PTJn81vjXk02yhLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUI5XccjoBWjpiEs/VB5pARrTSqjYwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0k1WGNjam9CV2pwaUVz
X1ZCNXBBUnJUU3FqWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAea6azClOzPP8kvgb9XBlNpECdk9r/3f4
eLNstaBvZflIL5mkYZZ+U3RxyovtRlnyP16Q7iaxnZRUKlHfzn2dMFjhoyUo6qRD
lgB/duG8uSqW7XWNX/+XVem1sfha3abU3OEnIZuKwP66rGTZQuMbZX8beGxY98t0
lqidfpNPbkj8qEUlt4BuQQc+Q0sqOkqb3YajWIGSNkeNm9Stvee6w+JlXYOV96tP
ILUfaOagig5uYXTlDjuhFI4sJ4rpj0DeTQwIl4WqAZfKzERz5lSa0TizIiWLCVLh
noYrLEs5+FOBEcZ1Kc280SRwqNOWaL+R3err6rUD0CwDo2BPmZTqQA==
-----END CERTIFICATE-----
Generated at Sat Mar 30 18:41:10 2024 by rpki-client on console-ams.rpki-client.org