Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/IF7afhxpUUpslx0vHT4MUND5P2k.roa
File: IF7afhxpUUpslx0vHT4MUND5P2k.roa (raw, json)
Hash identifier: 3IVFIO1hXdoz2HQQzRBcXQRuOHwkfTl6sQ5Hq1HhLtw=
Subject key identifier: 20:5E:DA:7E:1C:69:51:4A:6C:97:1D:2F:1D:3E:0C:50:D0:F9:3F:69
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0E64
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/IF7afhxpUUpslx0vHT4MUND5P2k.roa
Signing time: Fri 29 Mar 2024 08:22:28 +0000
ROA not before: Fri 29 Mar 2024 08:22:28 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3684 (0xe64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 29 08:22:28 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=205EDA7E1C69514A6C971D2F1D3E0C50D0F93F69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:64:bd:8f:bb:02:69:52:48:93:ee:cb:ba:44:
c8:86:25:fd:b3:0c:08:5c:22:e6:bf:ed:00:b9:ac:
db:59:f4:9a:52:95:9b:ce:c1:a2:a2:f1:d0:24:e3:
a4:e0:b0:9a:24:52:1f:9a:be:a3:e1:4c:7c:d6:71:
23:6a:a8:cd:95:e0:83:63:1b:b6:14:b5:28:60:d4:
37:2c:ee:fc:6a:b6:8b:a9:72:fd:09:f5:f6:c3:16:
b1:b3:f8:24:1a:ec:89:03:99:2f:1e:4e:55:02:5c:
05:c4:78:bb:60:01:92:86:f5:cb:16:58:de:10:d3:
63:81:0d:b3:50:bc:3e:c5:6f:d2:54:90:0a:64:1a:
ab:dd:2f:e3:fb:d1:b9:ec:d9:91:c0:eb:0c:69:9e:
4e:6d:b2:b3:54:83:59:5a:7f:a3:3d:35:a7:3a:28:
4a:2f:e0:13:e6:79:69:69:4a:db:45:91:e4:6b:d2:
e6:9e:8f:a0:b0:ef:ee:91:db:d1:5b:53:e8:b7:4a:
5b:33:39:c3:e7:54:6c:bd:07:75:57:08:d9:bb:80:
20:2b:cf:3f:81:7a:df:88:79:6f:f8:e3:bf:15:e6:
fe:15:8c:2b:74:6b:61:05:1f:36:5c:6b:fc:8d:ec:
86:2d:ac:41:e0:40:44:d1:d1:2f:1d:52:e2:7d:82:
79:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:5E:DA:7E:1C:69:51:4A:6C:97:1D:2F:1D:3E:0C:50:D0:F9:3F:69
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/IF7afhxpUUpslx0vHT4MUND5P2k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
07:1e:73:1a:20:87:a0:5f:33:0f:0f:e2:28:fc:9f:a4:ca:b2:
af:38:7b:16:86:4e:df:ae:d2:4d:4b:2b:2d:72:f3:eb:79:0d:
42:93:3a:0a:23:d6:6a:c2:bb:da:d5:4d:03:c8:ce:71:81:fe:
e6:2f:00:30:6d:72:35:9b:92:55:9c:49:b7:3f:36:11:df:ff:
45:29:14:e8:7a:2c:61:b6:b2:42:77:0b:1d:cd:1b:0b:e0:8d:
db:48:2d:e0:4e:5e:95:63:8e:af:4f:23:65:9f:52:4d:a1:00:
0d:65:95:6a:96:a0:f2:ed:cf:16:a5:4c:5c:3d:fb:33:64:f6:
08:eb:9b:3a:8d:93:9f:08:d5:39:f4:fe:06:c5:89:9f:09:dd:
20:cf:6c:36:66:ab:b6:bd:69:e0:1a:43:4e:0b:15:21:b1:88:
b2:0e:dc:ac:80:89:2d:a4:2b:68:90:53:f3:0f:70:cf:66:af:
ce:bc:c5:47:df:31:be:87:06:bd:b1:7a:e6:1a:a7:d1:fe:c7:
80:70:a2:5c:37:08:f1:88:ee:59:16:84:d4:aa:53:2a:08:99:
63:2c:c7:02:3b:ce:8c:5f:3e:2b:97:c7:31:e2:9a:6f:a0:8f:
74:af:88:e7:5b:ae:e7:95:e8:23:61:09:6b:8a:35:d2:20:a3:
44:92:ea:c4
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDmQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMjkw
ODIyMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIwNUVEQTdFMUM2OTUx
NEE2Qzk3MUQyRjFEM0UwQzUwRDBGOTNGNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzZL2PuwJpUkiT7su6RMiGJf2zDAhcIua/7QC5rNtZ9JpSlZvO
waKi8dAk46TgsJokUh+avqPhTHzWcSNqqM2V4INjG7YUtShg1Dcs7vxqtoupcv0J
9fbDFrGz+CQa7IkDmS8eTlUCXAXEeLtgAZKG9csWWN4Q02OBDbNQvD7Fb9JUkApk
GqvdL+P70bns2ZHA6wxpnk5tsrNUg1laf6M9Nac6KEov4BPmeWlpSttFkeRr0uae
j6Cw7+6R29FbU+i3SlszOcPnVGy9B3VXCNm7gCArzz+Bet+IeW/4478V5v4VjCt0
a2EFHzZca/yN7IYtrEHgQETR0S8dUuJ9gnnbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUIF7afhxpUUpslx0vHT4MUND5P2kwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0lGN2FmaHhwVVVwc2x4
MHZIVDRNVU5ENVAyay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEABx5zGiCHoF8zDw/iKPyfpMqyrzh7FoZO
367STUsrLXLz63kNQpM6CiPWasK72tVNA8jOcYH+5i8AMG1yNZuSVZxJtz82Ed//
RSkU6HosYbayQncLHc0bC+CN20gt4E5elWOOr08jZZ9STaEADWWVapag8u3PFqVM
XD37M2T2COubOo2TnwjVOfT+BsWJnwndIM9sNmartr1p4BpDTgsVIbGIsg7crICJ
LaQraJBT8w9wz2avzrzFR98xvocGvbF65hqn0f7HgHCiXDcI8YjuWRaE1KpTKgiZ
YyzHAjvOjF8+K5fHMeKab6CPdK+I51uu55XoI2EJa4o10iCjRJLqxA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 11:47:05 2024 by rpki-client on console-fra.rpki-client.org