Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/LmzFgagoYYd790evcvVMLdYUj1M.roa
File: LmzFgagoYYd790evcvVMLdYUj1M.roa (raw, json)
Hash identifier: DngOaGco7ggRHa03R+fYdJbTEOg7W4XF90gniQL7n/E=
Subject key identifier: 2E:6C:C5:81:A8:28:61:87:7B:F7:47:AF:72:F5:4C:2D:D6:14:8F:53
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 15D4
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/LmzFgagoYYd790evcvVMLdYUj1M.roa
Signing time: Thu 18 Apr 2024 04:23:23 +0000
ROA not before: Thu 18 Apr 2024 04:23:23 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5588 (0x15d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Apr 18 04:23:23 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2E6CC581A82861877BF747AF72F54C2DD6148F53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fe:d8:d6:68:bb:cd:09:4c:35:45:0e:8e:90:
b2:a3:ba:1b:72:fc:ab:58:17:77:54:84:ae:6f:61:
67:7a:2d:17:d4:5a:17:7c:8f:9a:d6:4a:0c:1b:60:
67:95:0b:87:0c:c2:2d:7a:2a:f9:8e:78:f4:ac:32:
54:f1:e9:b6:7c:15:42:72:66:45:69:e9:19:9a:6c:
7e:79:50:b9:32:ea:27:74:50:72:28:46:35:1e:af:
0a:7c:4a:eb:b2:e8:90:03:f4:c3:b1:e8:2f:a8:b4:
0c:51:43:5b:a3:18:67:36:bc:8c:ef:37:ea:5c:6e:
b8:b4:2f:84:3c:09:dd:5c:e9:ea:41:52:f6:15:d2:
d6:60:73:10:5a:52:00:3a:41:8e:1c:a5:f5:25:49:
28:e7:ea:88:c1:c5:d8:e3:c6:9f:2b:ab:ab:3a:c2:
57:11:6c:ba:e0:ba:bb:30:74:7a:fa:1e:13:3a:b4:
1f:dc:e5:c7:b5:60:2c:5f:b2:c0:55:9a:ee:cd:db:
e8:2f:0f:53:0d:9b:a1:f5:a0:30:b1:c3:e0:c7:82:
3c:9b:53:d8:10:ce:0a:cf:09:48:cd:da:51:d8:8f:
f5:ca:cd:f2:9c:81:2f:86:0b:25:07:5b:ae:33:88:
87:a9:2f:1d:d6:ba:63:d0:b4:81:20:a9:57:64:69:
75:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:6C:C5:81:A8:28:61:87:7B:F7:47:AF:72:F5:4C:2D:D6:14:8F:53
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/LmzFgagoYYd790evcvVMLdYUj1M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:82:e4:5a:26:5c:b9:eb:10:41:2d:a5:73:43:8c:59:6a:a1:
9f:75:6c:4a:d3:9a:29:19:db:0b:bc:7c:3e:56:87:52:0b:8a:
c4:c9:70:f2:1c:c0:d4:db:23:e5:c1:64:48:18:1f:6a:de:ae:
67:b5:81:9a:2d:36:c2:19:68:10:f1:b2:79:a5:91:39:43:24:
01:79:3e:13:e1:91:25:f7:ff:fd:e3:c2:34:52:f9:9d:88:29:
00:86:64:34:16:be:35:a0:23:2e:67:28:b8:56:b4:cc:52:23:
5c:80:af:3c:97:af:f6:dd:3d:dc:fe:80:8f:9e:c6:1e:e4:e4:
a4:f5:16:bc:fa:b7:07:ef:de:b1:96:fa:1d:7c:c8:e6:33:83:
84:79:4b:63:22:af:fd:ee:2f:02:79:b8:aa:10:f6:0b:46:08:
71:ef:93:bf:ed:c8:c2:d4:e2:1d:eb:ba:aa:dd:49:7f:09:55:
8e:64:e2:ef:f4:79:d9:63:5e:60:9f:3d:79:7c:27:b1:66:5e:
ab:01:4c:56:fc:03:b2:35:81:aa:a8:f9:da:88:4e:39:10:40:
98:34:66:be:03:2c:31:56:6b:0f:d0:40:92:1a:61:22:d8:cc:
7a:34:ac:96:5a:10:be:62:a0:06:33:96:80:7b:f7:1d:cc:e2:
e3:e0:65:66
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICFdQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA0MTgw
NDIzMjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJFNkNDNTgxQTgyODYx
ODc3QkY3NDdBRjcyRjU0QzJERDYxNDhGNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1/tjWaLvNCUw1RQ6OkLKjuhty/KtYF3dUhK5vYWd6LRfUWhd8
j5rWSgwbYGeVC4cMwi16KvmOePSsMlTx6bZ8FUJyZkVp6RmabH55ULky6id0UHIo
RjUerwp8Suuy6JAD9MOx6C+otAxRQ1ujGGc2vIzvN+pcbri0L4Q8Cd1c6epBUvYV
0tZgcxBaUgA6QY4cpfUlSSjn6ojBxdjjxp8rq6s6wlcRbLrgurswdHr6HhM6tB/c
5ce1YCxfssBVmu7N2+gvD1MNm6H1oDCxw+DHgjybU9gQzgrPCUjN2lHYj/XKzfKc
gS+GCyUHW64ziIepLx3WumPQtIEgqVdkaXXPAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQULmzFgagoYYd790evcvVMLdYUj1MwHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0xtekZnYWdvWVlkNzkw
ZXZjdlZNTGRZVWoxTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAm4LkWiZcuesQQS2lc0OMWWqhn3VsStOa
KRnbC7x8PlaHUguKxMlw8hzA1Nsj5cFkSBgfat6uZ7WBmi02whloEPGyeaWROUMk
AXk+E+GRJff//ePCNFL5nYgpAIZkNBa+NaAjLmcouFa0zFIjXICvPJev9t093P6A
j57GHuTkpPUWvPq3B+/esZb6HXzI5jODhHlLYyKv/e4vAnm4qhD2C0YIce+Tv+3I
wtTiHeu6qt1JfwlVjmTi7/R52WNeYJ89eXwnsWZeqwFMVvwDsjWBqqj52ohOORBA
mDRmvgMsMVZrD9BAkhphItjMejSslloQvmKgBjOWgHv3Hczi4+BlZg==
-----END CERTIFICATE-----
Generated at Thu Apr 18 05:47:15 2024 by rpki-client on console-fra.rpki-client.org