Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/IzSSpuxk9mYPu_wp_qKeqNiVW0Q.roa
File: IzSSpuxk9mYPu_wp_qKeqNiVW0Q.roa (raw, json)
Hash identifier: tNoxoQezh3Dugs0Z+2rgzCMyg7kwtlSeywk4HpuDwYM=
Subject key identifier: 23:34:92:A6:EC:64:F6:66:0F:BB:FC:29:FE:A2:9E:A8:D8:95:5B:44
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0ED8
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/IzSSpuxk9mYPu_wp_qKeqNiVW0Q.roa
Signing time: Sat 30 Mar 2024 13:22:38 +0000
ROA not before: Sat 30 Mar 2024 13:22:38 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3800 (0xed8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 30 13:22:38 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=233492A6EC64F6660FBBFC29FEA29EA8D8955B44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b5:e1:70:9b:6f:c3:cf:bd:2d:05:58:df:85:
83:41:d3:ca:a1:64:17:e6:03:9c:d8:76:d3:8a:f7:
53:44:03:d4:18:49:f5:54:96:c1:a8:d9:fe:e8:92:
7f:0f:1e:11:3d:09:c7:15:c7:45:8f:d9:8c:7c:19:
51:fa:bc:0c:1e:7b:a4:68:b8:2b:70:10:ac:ef:5b:
7a:0a:f5:ca:e2:2a:a9:2d:45:a5:42:3f:8c:22:aa:
68:63:6d:5e:e8:65:c9:ef:ed:65:36:00:51:37:25:
48:c0:c3:f6:c9:73:11:6a:b9:2b:8b:5d:2d:b1:e6:
ce:6a:66:5d:1c:e9:54:a2:81:a4:b0:49:47:62:8a:
74:24:21:33:6d:f1:95:b7:38:3c:26:71:ee:ac:e1:
ac:a4:7c:70:50:ee:70:5b:5e:db:a4:0e:e5:6b:7b:
bf:fb:cc:72:e2:64:1c:26:ac:6b:01:58:bb:32:9d:
7b:88:7e:8d:5e:d6:8c:e4:7a:cf:4f:6e:4c:73:ce:
73:79:ae:b3:a0:f8:7e:ff:9d:14:e2:eb:ab:8d:bf:
47:81:f8:57:e2:28:b6:ce:12:cb:fc:cb:2e:dc:cd:
7e:ec:25:3f:14:16:21:ec:27:35:e9:4e:c1:ff:d7:
c0:55:9a:f5:3e:58:5b:17:31:59:6a:f8:0c:96:82:
43:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:34:92:A6:EC:64:F6:66:0F:BB:FC:29:FE:A2:9E:A8:D8:95:5B:44
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/IzSSpuxk9mYPu_wp_qKeqNiVW0Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:d6:e0:72:2e:b7:77:15:b1:2a:36:4b:2a:78:bb:66:e2:5d:
18:d8:ec:a8:28:5b:a1:78:83:fc:c4:ce:0e:e8:44:a8:23:6c:
c6:e2:ef:6a:e1:ed:7a:0b:0d:4c:e2:d0:4c:ef:80:db:7b:74:
5c:5a:38:b2:59:4a:23:27:53:83:6c:d9:05:0b:85:28:8b:e0:
cd:ed:84:43:30:5a:b3:7d:1a:63:fc:46:46:29:2d:c1:51:8b:
8b:f1:94:d0:43:cf:0c:03:8f:5b:63:62:2e:90:c9:03:99:96:
b3:bf:7d:1d:dc:58:14:66:c8:92:35:7c:b3:3f:cc:62:b7:ba:
76:72:e0:1f:71:14:9f:9f:eb:eb:ff:b8:7b:e8:e2:52:86:41:
32:c7:57:45:25:65:21:3c:ab:d5:f7:dc:90:0b:de:ce:30:cb:
70:af:f9:6f:65:19:91:17:7e:15:ac:3b:f9:f4:87:31:e4:75:
f6:f8:eb:20:aa:5a:a3:1c:d7:13:f4:d4:ba:11:73:26:a6:2a:
62:e7:cc:97:79:10:41:42:14:32:fa:1f:c6:5f:8c:4c:af:17:
93:e7:53:bc:be:ba:09:21:ea:bd:bf:0d:58:d9:69:19:90:83:
be:81:04:0b:61:9b:f7:c9:cf:e1:57:b4:8b:3a:d5:8b:0e:2f:
d5:8c:83:c7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDtgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzAx
MzIyMzhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIzMzQ5MkE2RUM2NEY2
NjYwRkJCRkMyOUZFQTI5RUE4RDg5NTVCNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyteFwm2/Dz70tBVjfhYNB08qhZBfmA5zYdtOK91NEA9QYSfVU
lsGo2f7okn8PHhE9CccVx0WP2Yx8GVH6vAwee6RouCtwEKzvW3oK9criKqktRaVC
P4wiqmhjbV7oZcnv7WU2AFE3JUjAw/bJcxFquSuLXS2x5s5qZl0c6VSigaSwSUdi
inQkITNt8ZW3ODwmce6s4aykfHBQ7nBbXtukDuVre7/7zHLiZBwmrGsBWLsynXuI
fo1e1ozkes9PbkxzznN5rrOg+H7/nRTi66uNv0eB+FfiKLbOEsv8yy7czX7sJT8U
FiHsJzXpTsH/18BVmvU+WFsXMVlq+AyWgkMHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUIzSSpuxk9mYPu/wp/qKeqNiVW0QwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0l6U1NwdXhrOW1ZUHVf
d3BfcUtlcU5pVlcwUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAlNbgci63dxWxKjZLKni7ZuJdGNjsqChb
oXiD/MTODuhEqCNsxuLvauHtegsNTOLQTO+A23t0XFo4sllKIydTg2zZBQuFKIvg
ze2EQzBas30aY/xGRiktwVGLi/GU0EPPDAOPW2NiLpDJA5mWs799HdxYFGbIkjV8
sz/MYre6dnLgH3EUn5/r6/+4e+jiUoZBMsdXRSVlITyr1ffckAvezjDLcK/5b2UZ
kRd+Faw7+fSHMeR19vjrIKpaoxzXE/TUuhFzJqYqYufMl3kQQUIUMvofxl+MTK8X
k+dTvL66CSHqvb8NWNlpGZCDvoEEC2Gb98nP4Ve0izrViw4v1YyDxw==
-----END CERTIFICATE-----
Generated at Sat Mar 30 15:08:16 2024 by rpki-client on console-fra.rpki-client.org