Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/I5zX4IWYWlpq8ABZKCvUb2SLkWg.roa
File: I5zX4IWYWlpq8ABZKCvUb2SLkWg.roa (raw, json)
Hash identifier: +zi8ycmQ9r/CxBOTpKqlMGkElzGZMuNCJIoAVzBRtJg=
Subject key identifier: 23:9C:D7:E0:85:98:5A:5A:6A:F0:00:59:28:2B:D4:6F:64:8B:91:68
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1BBE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/I5zX4IWYWlpq8ABZKCvUb2SLkWg.roa
Signing time: Fri 03 May 2024 22:54:12 +0000
ROA not before: Fri 03 May 2024 22:54:12 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7102 (0x1bbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 3 22:54:12 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=239CD7E085985A5A6AF00059282BD46F648B9168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:75:be:ca:93:13:01:74:00:3d:d6:d5:b9:e3:
ba:21:8d:ea:7b:2a:16:35:74:7a:d8:2f:3b:bc:e7:
8e:4c:de:16:a7:81:73:9a:61:43:9c:e6:0b:9e:e5:
ab:51:01:1a:b0:3b:80:23:8c:f6:04:6a:22:95:a3:
c7:a4:67:84:31:e6:a6:aa:b4:31:e9:8b:ba:e6:b5:
2d:e3:0d:18:73:c7:45:9f:8f:ec:df:b1:a9:7c:2f:
67:b4:c9:ba:34:71:b1:c0:d2:66:e8:56:e0:7b:74:
0c:1e:5d:d6:2b:13:5b:ac:3e:f5:c9:19:b3:74:35:
c3:20:4f:80:a6:b1:23:8a:f8:43:f0:0e:d1:ad:fd:
d6:3b:c9:b6:a4:39:53:7a:ea:04:59:0b:f9:43:88:
d9:5a:c1:20:90:9d:12:f2:a1:fa:b2:a2:27:4a:7e:
a6:79:0b:fe:09:8d:b5:25:05:da:a8:4f:b2:e0:03:
e7:90:93:d1:02:43:6e:0f:00:55:14:37:ea:28:d5:
8a:a6:40:78:e2:94:38:ac:c8:94:e9:42:0b:57:6a:
c7:74:d5:9b:91:63:84:ea:3a:20:9f:a4:96:ee:6e:
db:22:2c:46:53:f2:d6:2b:1b:a3:46:43:a8:93:3a:
86:52:e3:4d:29:99:49:48:a3:53:c8:5c:9f:b4:bb:
1f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:9C:D7:E0:85:98:5A:5A:6A:F0:00:59:28:2B:D4:6F:64:8B:91:68
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/I5zX4IWYWlpq8ABZKCvUb2SLkWg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:00:b7:da:51:06:bd:bb:3a:66:8f:86:64:5c:02:04:bf:c6:
35:3a:db:62:08:f2:cb:11:4e:aa:85:09:ab:b6:c6:52:ef:c2:
51:5b:f2:cf:48:1a:6d:25:3f:88:70:c5:2e:37:3f:42:b5:db:
24:d3:68:09:ff:64:57:31:47:87:63:cd:6f:94:8d:f3:32:bb:
d9:a6:93:8e:16:c3:99:a3:3d:0b:a1:d9:29:ef:7d:36:22:59:
51:cd:ac:b0:d7:3d:9e:cd:4f:49:47:2f:e4:f9:62:f8:cd:5f:
56:6a:de:83:31:ca:ce:bc:bd:fa:af:4d:d3:a8:87:75:95:c0:
1e:75:c5:a5:6a:59:50:c2:1e:a9:cc:fb:fb:4f:96:c1:17:d2:
0e:93:30:61:3b:b6:4b:e2:09:b5:fa:d7:8e:80:3b:9b:bf:dc:
61:a0:32:a1:24:7e:98:bc:01:46:b6:2d:f1:49:96:7d:41:af:
96:9c:51:02:46:77:3c:6c:31:d8:aa:1a:51:9b:b6:39:75:96:
fe:c4:99:4e:55:1c:81:3d:89:3a:db:a3:7d:67:76:53:82:d9:
97:de:91:f1:1e:67:08:6c:31:ad:69:96:08:c9:f9:39:ef:a6:
ab:d0:0f:13:a6:8d:b0:1f:87:dc:b4:a7:89:ae:32:4c:ba:78:
62:28:f3:e4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICG74wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDMy
MjU0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIzOUNEN0UwODU5ODVB
NUE2QUYwMDA1OTI4MkJENDZGNjQ4QjkxNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRdb7KkxMBdAA91tW547ohjep7KhY1dHrYLzu8545M3hangXOa
YUOc5gue5atRARqwO4AjjPYEaiKVo8ekZ4Qx5qaqtDHpi7rmtS3jDRhzx0Wfj+zf
sal8L2e0ybo0cbHA0mboVuB7dAweXdYrE1usPvXJGbN0NcMgT4CmsSOK+EPwDtGt
/dY7ybakOVN66gRZC/lDiNlawSCQnRLyofqyoidKfqZ5C/4JjbUlBdqoT7LgA+eQ
k9ECQ24PAFUUN+oo1YqmQHjilDisyJTpQgtXasd01ZuRY4TqOiCfpJbubtsiLEZT
8tYrG6NGQ6iTOoZS400pmUlIo1PIXJ+0ux+rAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUI5zX4IWYWlpq8ABZKCvUb2SLkWgwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0k1elg0SVdZV2xwcThB
QlpLQ3ZVYjJTTGtXZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEACAC32lEGvbs6Zo+GZFwCBL/GNTrbYgjy
yxFOqoUJq7bGUu/CUVvyz0gabSU/iHDFLjc/QrXbJNNoCf9kVzFHh2PNb5SN8zK7
2aaTjhbDmaM9C6HZKe99NiJZUc2ssNc9ns1PSUcv5Pli+M1fVmregzHKzry9+q9N
06iHdZXAHnXFpWpZUMIeqcz7+0+WwRfSDpMwYTu2S+IJtfrXjoA7m7/cYaAyoSR+
mLwBRrYt8UmWfUGvlpxRAkZ3PGwx2KoaUZu2OXWW/sSZTlUcgT2JOtujfWd2U4LZ
l96R8R5nCGwxrWmWCMn5Oe+mq9APE6aNsB+H3LSnia4yTLp4Yijz5A==
-----END CERTIFICATE-----
Generated at Sat May 4 01:54:35 2024 by rpki-client on console-fra.rpki-client.org