Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/IoctUs5wgGi0q95WyRlNwSch4F8.roa
File: IoctUs5wgGi0q95WyRlNwSch4F8.roa (raw, json)
Hash identifier: 67ZRKN12Zp4cX8oGj9Yk3DvFQHaK5bfhP95N723s/+Q=
Subject key identifier: 22:87:2D:52:CE:70:80:68:B4:AB:DE:56:C9:19:4D:C1:27:21:E0:5F
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0FBA
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/IoctUs5wgGi0q95WyRlNwSch4F8.roa
Signing time: Mon 01 Apr 2024 21:52:42 +0000
ROA not before: Mon 01 Apr 2024 21:52:42 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4026 (0xfba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 1 21:52:42 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=22872D52CE708068B4ABDE56C9194DC12721E05F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cb:f5:93:6a:79:bd:94:0a:cc:d8:5f:9b:3c:
5a:5f:a5:98:2a:d5:a1:61:06:9e:12:fb:de:0c:e8:
a4:a5:41:5b:ce:e0:b9:c1:f3:da:c0:09:1b:e1:f4:
94:be:43:d7:4c:4c:a1:e3:b1:f9:58:9b:4d:19:6e:
d5:70:92:53:10:56:07:9d:26:50:e5:aa:5e:3a:ce:
1d:c8:e0:11:6f:ba:21:2a:f7:83:a8:f3:34:1b:02:
8c:a4:70:54:4f:80:bd:32:26:f9:af:5d:30:ad:1c:
c2:37:6d:e5:ab:da:2f:46:6a:28:65:fe:d1:fe:83:
5e:e8:08:b2:7c:be:09:10:60:fb:e2:95:38:36:ed:
37:14:49:15:34:4b:80:ca:a8:e6:93:c4:5a:7f:b6:
ac:e2:59:bf:2e:1b:b0:04:f3:76:28:74:35:9b:b8:
bd:29:9d:42:be:33:d0:70:44:6f:6b:25:c0:8a:a2:
ec:f9:ab:41:0f:ec:d3:dc:19:6f:ed:69:3e:f6:8c:
a8:36:6b:54:5e:c1:14:0a:56:59:40:cd:59:0b:24:
85:b4:50:f4:59:9b:8c:91:4e:e0:02:8e:f9:bc:fc:
34:6b:9c:c4:52:0c:7a:5f:4b:e1:3d:86:25:54:fb:
17:e8:b2:6c:1f:88:a8:14:6a:6d:e1:54:24:90:46:
42:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:87:2D:52:CE:70:80:68:B4:AB:DE:56:C9:19:4D:C1:27:21:E0:5F
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/IoctUs5wgGi0q95WyRlNwSch4F8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:0c:f4:f4:9e:4d:64:d6:b5:72:4f:57:05:83:ea:64:97:8c:
e2:34:f2:0d:b2:49:6f:6d:ad:96:dd:f2:67:d1:01:1b:ac:c1:
46:00:14:58:36:6a:ff:37:84:d1:64:48:49:84:65:28:63:23:
99:09:16:72:14:e8:17:a0:72:87:74:d3:09:4e:89:9f:04:48:
8d:70:b0:57:10:80:3f:fa:07:2f:c0:6a:16:05:7a:32:fc:95:
30:82:99:26:da:29:a1:32:3e:3c:1f:91:c8:b3:8b:1d:8a:27:
04:9b:b2:c4:79:f3:46:61:01:1a:17:01:d0:8a:41:42:7d:03:
84:af:45:3d:a7:94:db:36:1f:13:dc:3e:32:e0:58:f5:e7:81:
c1:cd:b1:22:c1:f7:72:5a:32:e4:34:00:37:58:0d:79:37:b7:
77:b4:d5:89:97:84:43:c7:df:cb:b1:6c:70:d8:b5:cd:f2:13:
ab:a3:72:fb:5c:73:e5:d4:f8:a6:80:cb:53:00:fa:30:87:36:
06:6e:d0:37:66:29:ef:2f:8b:19:96:39:bc:1c:c3:f4:73:36:
9d:d7:e1:37:be:11:74:b9:20:b1:8c:5c:8c:1e:74:fb:bc:cf:
ff:45:a8:e2:e8:c7:36:53:c6:d8:a3:81:e6:ca:fd:8d:08:f9:
34:7b:3f:14
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD7owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MDEy
MTUyNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIyODcyRDUyQ0U3MDgw
NjhCNEFCREU1NkM5MTk0REMxMjcyMUUwNUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyy/WTanm9lArM2F+bPFpfpZgq1aFhBp4S+94M6KSlQVvO4LnB
89rACRvh9JS+Q9dMTKHjsflYm00ZbtVwklMQVgedJlDlql46zh3I4BFvuiEq94Oo
8zQbAoykcFRPgL0yJvmvXTCtHMI3beWr2i9Gaihl/tH+g17oCLJ8vgkQYPvilTg2
7TcUSRU0S4DKqOaTxFp/tqziWb8uG7AE83YodDWbuL0pnUK+M9BwRG9rJcCKouz5
q0EP7NPcGW/taT72jKg2a1RewRQKVllAzVkLJIW0UPRZm4yRTuACjvm8/DRrnMRS
DHpfS+E9hiVU+xfosmwfiKgUam3hVCSQRkItAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUIoctUs5wgGi0q95WyRlNwSch4F8wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0lvY3RVczV3Z0dpMHE5
NVd5UmxOd1NjaDRGOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAKAz09J5NZNa1ck9XBYPqZJeM4jTyDbJJ
b22tlt3yZ9EBG6zBRgAUWDZq/zeE0WRISYRlKGMjmQkWchToF6Byh3TTCU6JnwRI
jXCwVxCAP/oHL8BqFgV6MvyVMIKZJtopoTI+PB+RyLOLHYonBJuyxHnzRmEBGhcB
0IpBQn0DhK9FPaeU2zYfE9w+MuBY9eeBwc2xIsH3cloy5DQAN1gNeTe3d7TViZeE
Q8ffy7FscNi1zfITq6Ny+1xz5dT4poDLUwD6MIc2Bm7QN2Yp7y+LGZY5vBzD9HM2
ndfhN74RdLkgsYxcjB50+7zP/0Wo4ujHNlPG2KOB5sr9jQj5NHs/FA==
-----END CERTIFICATE-----
Generated at Tue Apr 2 03:07:01 2024 by rpki-client on console-ams.rpki-client.org