Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/L_SzIJzhKh1nJAj6SrZpZl8Wl2I.roa
File: L_SzIJzhKh1nJAj6SrZpZl8Wl2I.roa (raw, json)
Hash identifier: vbSLSw/Rmzd7s09DjoWvT4ZjYkNN17FZLQR/7903MYI=
Subject key identifier: 2F:F4:B3:20:9C:E1:2A:1D:67:24:08:FA:4A:B6:69:66:5F:16:97:62
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 13EE
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/L_SzIJzhKh1nJAj6SrZpZl8Wl2I.roa
Signing time: Sat 13 Apr 2024 02:53:18 +0000
ROA not before: Sat 13 Apr 2024 02:53:18 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5102 (0x13ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 13 02:53:18 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2FF4B3209CE12A1D672408FA4AB669665F169762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7b:ba:c3:48:b3:16:a8:54:a9:2f:fb:fb:3a:
b5:c2:36:3b:4f:1d:72:cb:cf:6b:33:ce:58:77:b3:
2f:9a:20:e0:77:3b:85:fd:75:f2:26:27:3b:85:fd:
ea:51:8f:2f:19:77:d1:5d:3a:eb:8b:9a:f6:0c:b7:
ba:59:2d:6c:73:b3:5e:28:4e:50:b4:e5:24:39:b0:
43:01:de:ea:84:7d:45:3e:7b:41:43:24:8c:51:bf:
7c:75:ca:94:b8:e5:8c:f8:20:d0:f4:be:29:55:54:
50:90:04:66:5e:64:92:d1:6a:eb:8d:72:b2:3e:f6:
f0:65:ec:cd:22:38:ea:f0:6a:b6:7d:df:99:47:3b:
c2:a6:e4:c5:cb:42:6f:6f:53:e5:2b:52:e7:d4:7b:
5b:f1:76:04:a4:6a:ee:39:cc:a8:6d:9a:6d:ba:61:
ad:d8:53:b5:0c:66:a4:43:db:76:dd:b8:69:22:36:
41:51:ca:19:c4:45:21:68:5a:3a:81:c3:1d:fd:ae:
f5:05:0d:a2:86:b1:e6:0e:3e:0a:cd:7b:6e:28:9a:
21:6d:ef:ad:f5:cf:26:cd:d1:ab:ed:93:12:00:fa:
fc:a2:e7:15:58:9a:84:c9:78:e4:b0:51:a6:36:54:
4f:c7:ec:52:a4:37:0e:f4:01:37:70:a4:29:98:f5:
69:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F4:B3:20:9C:E1:2A:1D:67:24:08:FA:4A:B6:69:66:5F:16:97:62
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/L_SzIJzhKh1nJAj6SrZpZl8Wl2I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:83:c7:c2:b9:7f:f5:ff:3e:d7:9c:7a:42:71:a2:db:8a:28:
40:b3:e9:7c:ec:8d:c8:37:3b:6b:66:25:d4:c7:07:04:27:b3:
50:e0:89:81:20:7a:2c:84:ee:fc:54:01:56:13:15:9b:b2:fe:
ee:f9:33:3d:09:87:0a:fe:c9:53:75:ae:45:18:40:5b:fe:66:
cd:a7:50:9e:d9:02:16:99:a7:b5:72:ee:ff:b6:1c:5d:d2:40:
4a:55:a3:f8:3d:3f:0f:ee:6c:50:cd:8f:b9:91:5e:31:c6:92:
cc:b9:6a:1f:fe:08:2c:04:07:13:a5:ff:6d:fa:fc:06:12:90:
15:b1:e9:34:4f:dc:eb:a6:c1:51:49:7f:38:26:4a:e6:84:a5:
14:b4:fd:b4:ba:c9:ff:b0:f2:d0:46:ea:4c:d8:0a:8f:08:93:
6e:91:02:5f:64:42:32:31:80:61:3a:b0:f6:90:eb:65:a8:a2:
8b:a6:9a:93:b3:24:7c:03:80:f2:2f:99:71:dd:2b:a1:ed:fd:
8a:a8:e1:a2:75:a2:1a:61:a0:1a:3a:c6:67:20:6e:90:50:1f:
d6:1c:90:ae:3a:2e:46:96:b6:bd:a8:8a:9f:fa:d7:1d:a0:3d:
59:a5:74:3f:c8:4c:2f:4c:46:51:bd:3a:82:6e:ef:79:25:ba:
c9:cd:51:60
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE+4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTMw
MjUzMThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJGRjRCMzIwOUNFMTJB
MUQ2NzI0MDhGQTRBQjY2OTY2NUYxNjk3NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhe7rDSLMWqFSpL/v7OrXCNjtPHXLLz2szzlh3sy+aIOB3O4X9
dfImJzuF/epRjy8Zd9FdOuuLmvYMt7pZLWxzs14oTlC05SQ5sEMB3uqEfUU+e0FD
JIxRv3x1ypS45Yz4IND0vilVVFCQBGZeZJLRauuNcrI+9vBl7M0iOOrwarZ935lH
O8Km5MXLQm9vU+UrUufUe1vxdgSkau45zKhtmm26Ya3YU7UMZqRD23bduGkiNkFR
yhnERSFoWjqBwx39rvUFDaKGseYOPgrNe24omiFt7631zybN0avtkxIA+vyi5xVY
moTJeOSwUaY2VE/H7FKkNw70ATdwpCmY9WkPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUL/SzIJzhKh1nJAj6SrZpZl8Wl2IwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0xfU3pJSnpoS2gxbkpB
ajZTclpwWmw4V2wySS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAXoPHwrl/9f8+15x6QnGi24ooQLPpfOyN
yDc7a2Yl1McHBCezUOCJgSB6LITu/FQBVhMVm7L+7vkzPQmHCv7JU3WuRRhAW/5m
zadQntkCFpmntXLu/7YcXdJASlWj+D0/D+5sUM2PuZFeMcaSzLlqH/4ILAQHE6X/
bfr8BhKQFbHpNE/c66bBUUl/OCZK5oSlFLT9tLrJ/7Dy0EbqTNgKjwiTbpECX2RC
MjGAYTqw9pDrZaiii6aak7MkfAOA8i+Zcd0roe39iqjhonWiGmGgGjrGZyBukFAf
1hyQrjouRpa2vaiKn/rXHaA9WaV0P8hML0xGUb06gm7veSW6yc1RYA==
-----END CERTIFICATE-----
Generated at Sat Apr 13 04:20:31 2024 by rpki-client on console-ams.rpki-client.org