Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/ITIGEHsy93yddj3Yxlwjqhla4h4.roa
File: ITIGEHsy93yddj3Yxlwjqhla4h4.roa (raw, json)
Hash identifier: qXcWWW7Vut+eSsgDZ6A1UVvC7RULfToQuch9rpYHY0g=
Subject key identifier: 21:32:06:10:7B:32:F7:7C:9D:76:3D:D8:C6:5C:23:AA:19:5A:E2:1E
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 16DE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ITIGEHsy93yddj3Yxlwjqhla4h4.roa
Signing time: Sat 20 Apr 2024 22:53:38 +0000
ROA not before: Sat 20 Apr 2024 22:53:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5854 (0x16de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 20 22:53:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=213206107B32F77C9D763DD8C65C23AA195AE21E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:15:5e:99:4e:59:21:0e:47:d8:b7:f7:b9:a2:
ad:e6:ef:ad:e4:b7:b3:ca:ab:61:ef:bd:b6:f2:33:
20:23:b5:ee:4c:65:52:e4:dc:2d:d9:89:91:42:4f:
67:2a:91:89:0f:0a:25:98:86:c3:fe:a3:c5:bd:b6:
4a:c4:3f:84:79:1d:85:93:8a:91:e2:cc:ad:be:d3:
41:63:5a:49:d1:57:40:da:22:e0:f5:4b:16:a4:c8:
37:91:fe:62:5a:23:32:69:fd:a0:43:f0:d6:f4:c9:
55:59:9d:f9:a9:6e:94:fe:45:c0:a5:6e:ff:26:b6:
47:67:37:26:ba:89:14:44:7c:55:d0:a3:ce:9d:54:
e9:9f:2f:c8:8c:83:d0:48:09:85:89:c0:5d:8b:6a:
07:9b:4c:30:52:a0:24:bf:f2:76:0d:9d:59:de:68:
e6:4c:bf:ea:f4:fe:b0:35:26:1e:f3:95:b6:41:95:
a3:58:bc:a3:51:e5:1f:8d:3a:49:05:67:33:82:40:
8f:ec:86:02:b6:d4:ff:aa:e3:ef:7f:75:49:bf:be:
a5:ea:1c:1b:e5:f6:bd:6f:15:42:01:43:56:7b:d2:
0c:79:57:00:a6:d3:5e:11:1d:33:24:93:2c:ef:6b:
7c:a6:c6:09:9f:e8:12:34:4c:62:f3:6e:56:67:65:
f7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:32:06:10:7B:32:F7:7C:9D:76:3D:D8:C6:5C:23:AA:19:5A:E2:1E
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/ITIGEHsy93yddj3Yxlwjqhla4h4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:55:74:c6:81:35:d4:99:38:4c:b7:6d:21:de:5a:a6:4d:e1:
bf:f9:f4:e9:7e:fe:c2:3b:29:d9:00:a3:17:ea:e3:fe:2a:ca:
57:5f:a9:ba:4d:b6:ce:7f:11:9f:f1:69:de:40:2c:37:13:cd:
92:55:0d:1c:c5:f6:dd:ec:9d:c2:97:1b:e5:df:90:c2:dc:b0:
2c:0e:fb:8c:5a:cd:ef:66:89:b7:11:03:f5:ae:44:f5:58:23:
fd:e6:94:f9:c7:2f:cf:d9:e9:2e:12:82:77:83:dc:de:74:77:
8b:85:d4:4a:ce:8d:0f:6c:95:f1:65:8d:e9:b1:94:10:a8:2d:
05:9c:7e:6a:fc:15:1a:e9:d3:93:82:51:d2:bd:87:6a:53:f1:
fb:a9:b7:24:eb:19:07:a3:bb:91:05:3a:02:57:bb:30:3b:e9:
b4:fd:b8:17:81:76:07:76:b8:53:cf:5f:4f:dc:02:25:0c:a9:
e3:82:22:33:dd:4d:75:fb:f0:71:ae:96:e6:66:97:93:24:51:
3e:16:ea:da:53:93:64:40:23:22:19:38:84:c7:41:b1:07:9f:
56:f1:de:cc:0b:92:bc:d3:60:f1:28:de:8f:5f:f9:f7:23:8a:
54:0e:e8:7d:5e:5c:e8:30:c5:83:48:f7:c4:34:b0:50:ea:bd:
61:28:3b:9b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFt4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MjAy
MjUzMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxMzIwNjEwN0IzMkY3
N0M5RDc2M0REOEM2NUMyM0FBMTk1QUUyMUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTFV6ZTlkhDkfYt/e5oq3m763kt7PKq2HvvbbyMyAjte5MZVLk
3C3ZiZFCT2cqkYkPCiWYhsP+o8W9tkrEP4R5HYWTipHizK2+00FjWknRV0DaIuD1
SxakyDeR/mJaIzJp/aBD8Nb0yVVZnfmpbpT+RcClbv8mtkdnNya6iRREfFXQo86d
VOmfL8iMg9BICYWJwF2LagebTDBSoCS/8nYNnVneaOZMv+r0/rA1Jh7zlbZBlaNY
vKNR5R+NOkkFZzOCQI/shgK21P+q4+9/dUm/vqXqHBvl9r1vFUIBQ1Z70gx5VwCm
014RHTMkkyzva3ymxgmf6BI0TGLzblZnZffXAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUITIGEHsy93yddj3Yxlwjqhla4h4wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0lUSUdFSHN5OTN5ZGRq
M1l4bHdqcWhsYTRoNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAiFV0xoE11Jk4TLdtId5apk3hv/n06X7+
wjsp2QCjF+rj/irKV1+puk22zn8Rn/Fp3kAsNxPNklUNHMX23eydwpcb5d+Qwtyw
LA77jFrN72aJtxED9a5E9Vgj/eaU+ccvz9npLhKCd4Pc3nR3i4XUSs6ND2yV8WWN
6bGUEKgtBZx+avwVGunTk4JR0r2HalPx+6m3JOsZB6O7kQU6Ale7MDvptP24F4F2
B3a4U89fT9wCJQyp44IiM91Ndfvwca6W5maXkyRRPhbq2lOTZEAjIhk4hMdBsQef
VvHezAuSvNNg8Sjej1/59yOKVA7ofV5c6DDFg0j3xDSwUOq9YSg7mw==
-----END CERTIFICATE-----
Generated at Sat Apr 20 23:16:41 2024 by rpki-client on console-fra.rpki-client.org