Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/I6elYnEW3NQv3u7i98ym4pKmE4w.roa
File: I6elYnEW3NQv3u7i98ym4pKmE4w.roa (raw, json)
Hash identifier: 4MPnAyuJ/Q3g3ajLy8/WhluXuuVwwJl2BLtwu/M1Co0=
Subject key identifier: 23:A7:A5:62:71:16:DC:D4:2F:DE:EE:E2:F7:CC:A6:E2:92:A6:13:8C
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 15F8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/I6elYnEW3NQv3u7i98ym4pKmE4w.roa
Signing time: Thu 18 Apr 2024 13:23:25 +0000
ROA not before: Thu 18 Apr 2024 13:23:25 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5624 (0x15f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 18 13:23:25 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=23A7A5627116DCD42FDEEEE2F7CCA6E292A6138C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:11:9e:88:d8:88:16:df:8e:d4:bc:6a:f6:56:
6a:1d:86:09:d3:45:be:76:e0:aa:df:1e:39:97:89:
92:03:d1:b1:1d:dd:1d:41:d1:0c:ae:ae:0e:c3:3f:
79:12:d5:a7:8b:de:16:a8:2d:4f:37:93:85:91:d1:
ee:28:91:d6:36:da:b0:ae:e6:f5:26:9b:fe:d9:63:
1c:b9:05:60:0b:40:01:2f:6f:e5:9a:02:59:44:03:
c5:d7:16:9c:c5:19:1f:3e:48:49:26:73:2b:ea:f9:
c2:4f:ef:71:69:f1:6d:92:b8:84:19:c4:14:81:82:
75:02:cb:91:00:54:a9:cf:5b:2e:32:f7:86:4c:4a:
21:7c:01:14:3d:7d:7f:45:be:81:f2:48:82:74:99:
51:6a:13:27:89:a1:49:13:cb:d5:a8:39:46:fc:26:
9b:47:ba:d2:c9:e7:7e:00:8a:05:9c:14:e5:ac:cc:
1b:7c:86:3e:8a:21:ab:7f:5f:45:5f:4a:a9:a5:06:
5d:53:45:a0:8c:4b:2b:51:d3:c1:0a:9d:20:0a:2e:
5e:ac:50:14:28:fb:c3:13:21:a6:25:e9:1e:27:85:
ff:5e:7d:c3:df:6f:c6:22:31:85:fa:66:1a:c5:24:
f2:86:75:c8:c4:68:2d:2f:21:bc:c7:7b:55:c6:4d:
91:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A7:A5:62:71:16:DC:D4:2F:DE:EE:E2:F7:CC:A6:E2:92:A6:13:8C
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/I6elYnEW3NQv3u7i98ym4pKmE4w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cd:3a:94:e4:6c:b1:40:b1:cc:76:52:a6:11:ce:08:f4:0f:e1:
2d:89:6e:3b:82:1e:df:c2:db:f6:de:35:67:5d:97:9d:03:13:
cd:46:13:77:4d:fc:35:8a:0d:b6:cd:5c:b1:66:81:d2:5f:bb:
96:ca:0c:fc:f1:91:15:73:d8:03:74:ce:90:d8:79:26:53:ce:
02:5a:86:00:91:64:b0:5a:fb:86:f2:dd:99:43:8f:9e:23:c1:
a4:f5:7c:51:ed:d1:ae:c9:50:9e:61:1f:25:6a:8b:07:45:05:
eb:72:c0:54:c4:42:21:b6:60:df:43:3f:90:c9:98:32:cf:47:
cc:21:20:dc:23:65:bc:18:e2:82:04:54:57:c0:be:94:c1:74:
9c:34:17:d9:83:f9:09:74:cc:f6:60:4e:fc:fd:a7:01:cc:7c:
af:6c:b0:ef:02:cf:fd:5d:64:4c:50:fe:5e:51:b8:ef:cf:da:
25:c2:d9:06:c7:f6:f2:95:5a:45:bb:4b:00:dd:75:77:3e:ad:
37:64:28:b0:af:de:0f:98:bb:59:12:66:74:aa:f0:c2:0e:c6:
57:7c:d5:19:f6:d9:23:6b:cf:96:f5:90:35:2d:48:2d:ca:21:
6d:5f:68:cd:5b:f4:e8:41:7a:be:d1:48:c7:96:e2:8d:47:81:
0a:12:3d:eb
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFfgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTgx
MzIzMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIzQTdBNTYyNzExNkRD
RDQyRkRFRUVFMkY3Q0NBNkUyOTJBNjEzOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMEZ6I2IgW347UvGr2VmodhgnTRb524KrfHjmXiZID0bEd3R1B
0Qyurg7DP3kS1aeL3haoLU83k4WR0e4okdY22rCu5vUmm/7ZYxy5BWALQAEvb+Wa
AllEA8XXFpzFGR8+SEkmcyvq+cJP73Fp8W2SuIQZxBSBgnUCy5EAVKnPWy4y94ZM
SiF8ARQ9fX9FvoHySIJ0mVFqEyeJoUkTy9WoOUb8JptHutLJ534AigWcFOWszBt8
hj6KIat/X0VfSqmlBl1TRaCMSytR08EKnSAKLl6sUBQo+8MTIaYl6R4nhf9efcPf
b8YiMYX6ZhrFJPKGdcjEaC0vIbzHe1XGTZEBAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUI6elYnEW3NQv3u7i98ym4pKmE4wwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0k2ZWxZbkVXM05RdjN1
N2k5OHltNHBLbUU0dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAzTqU5GyxQLHMdlKmEc4I9A/hLYluO4Ie
38Lb9t41Z12XnQMTzUYTd038NYoNts1csWaB0l+7lsoM/PGRFXPYA3TOkNh5JlPO
AlqGAJFksFr7hvLdmUOPniPBpPV8Ue3RrslQnmEfJWqLB0UF63LAVMRCIbZg30M/
kMmYMs9HzCEg3CNlvBjiggRUV8C+lMF0nDQX2YP5CXTM9mBO/P2nAcx8r2yw7wLP
/V1kTFD+XlG478/aJcLZBsf28pVaRbtLAN11dz6tN2QosK/eD5i7WRJmdKrwwg7G
V3zVGfbZI2vPlvWQNS1ILcohbV9ozVv06EF6vtFIx5bijUeBChI96w==
-----END CERTIFICATE-----
Generated at Thu Apr 18 17:39:16 2024 by rpki-client on console-fra.rpki-client.org