Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/LwnSkOo4WzhDAKdelt-2FwIOw78.roa
File: LwnSkOo4WzhDAKdelt-2FwIOw78.roa (raw, json)
Hash identifier: ogeYIyKznPAhJs1xdvxfMl8HldIxkes6IQUgGYly4r4=
Subject key identifier: 2F:09:D2:90:EA:38:5B:38:43:00:A7:5E:96:DF:B6:17:02:0E:C3:BF
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 0EC6
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/LwnSkOo4WzhDAKdelt-2FwIOw78.roa
Signing time: Sat 30 Mar 2024 08:52:31 +0000
ROA not before: Sat 30 Mar 2024 08:52:31 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3782 (0xec6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: Mar 30 08:52:31 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2F09D290EA385B384300A75E96DFB617020EC3BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:eb:39:08:8d:1f:b4:6e:6e:0e:dd:1d:ef:ac:
42:a2:c3:e5:07:ba:ca:da:85:ac:d2:12:74:f1:9f:
dd:96:c9:ee:9a:18:51:38:cb:2e:42:02:b6:eb:37:
31:96:11:9b:f6:ec:a5:77:af:59:01:41:07:d1:b9:
29:f9:16:ed:a6:d3:18:5d:62:e9:4e:67:db:64:4b:
ae:9a:3d:04:ce:24:14:c6:a4:aa:37:74:44:19:48:
31:4e:2f:61:e9:ea:cc:82:19:f2:94:61:f0:c6:31:
8e:6e:1a:60:36:a1:10:93:4a:06:0c:f1:a9:0d:99:
f9:46:c7:63:b0:01:7d:53:be:29:8f:e4:cb:d4:d7:
b9:66:18:aa:b3:67:e9:bb:99:16:e7:cb:d4:fe:79:
ca:cf:74:c4:8e:d0:cd:5f:78:59:a7:17:45:0f:c6:
16:d1:84:73:97:a4:58:e8:34:6c:57:ae:a8:a6:d6:
76:d7:12:da:c6:1b:c3:3b:8e:a6:2a:9a:5a:89:4e:
ff:23:d0:f5:93:ee:e5:1d:7a:9c:d8:23:84:f0:60:
97:73:2c:ea:94:a0:4e:bd:4c:15:c2:88:2f:46:f3:
ca:1e:ac:20:11:90:f4:d8:8c:36:65:9a:f5:99:3a:
e1:82:6e:cc:83:14:02:72:c0:ff:7f:5c:6f:21:30:
95:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:09:D2:90:EA:38:5B:38:43:00:A7:5E:96:DF:B6:17:02:0E:C3:BF
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/LwnSkOo4WzhDAKdelt-2FwIOw78.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:b1:81:42:29:0e:b6:7f:19:f7:55:e0:b2:cc:fa:0e:47:35:
d0:fc:94:28:3b:fb:c3:58:c4:9f:92:be:f1:e9:03:18:28:8f:
82:93:37:0b:3e:cb:40:95:a9:e2:6d:88:51:a6:7f:ac:ff:98:
c8:48:49:99:be:c8:d8:0e:a1:bf:c4:42:b7:44:46:c7:98:b2:
ac:10:ee:75:cf:e7:f1:a7:8d:94:01:9d:75:c6:fe:80:8f:92:
ff:f0:7b:79:6f:ca:87:6b:d0:73:c5:5f:ba:24:c8:81:22:2e:
ff:18:3c:dc:89:bf:17:24:00:6b:d8:fc:57:b1:37:f0:c5:af:
5e:18:a1:db:9f:08:1c:ce:d3:b1:8d:5a:8d:0c:5a:b0:59:82:
87:8f:b8:81:d2:72:9f:29:1f:e1:3d:50:7b:64:ed:e7:d7:b6:
9f:99:88:87:9f:56:ca:ec:93:21:b8:a0:9e:65:89:cc:97:f9:
0f:17:e6:76:39:07:47:7a:d1:83:44:11:54:3f:c0:9c:b9:2e:
b1:30:28:7a:f0:64:c4:f7:6f:2a:7b:45:d4:75:ac:a7:c5:ff:
38:5d:eb:ff:ad:ab:5e:02:28:e0:d2:a2:0c:bd:c0:bf:6d:9e:
71:1c:77:b3:0d:be:7e:92:86:7d:02:b7:ab:8d:36:18:58:30:
16:80:f3:0a
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDsYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDAzMzAw
ODUyMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJGMDlEMjkwRUEzODVC
Mzg0MzAwQTc1RTk2REZCNjE3MDIwRUMzQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt6zkIjR+0bm4O3R3vrEKiw+UHusrahazSEnTxn92Wye6aGFE4
yy5CArbrNzGWEZv27KV3r1kBQQfRuSn5Fu2m0xhdYulOZ9tkS66aPQTOJBTGpKo3
dEQZSDFOL2Hp6syCGfKUYfDGMY5uGmA2oRCTSgYM8akNmflGx2OwAX1TvimP5MvU
17lmGKqzZ+m7mRbny9T+ecrPdMSO0M1feFmnF0UPxhbRhHOXpFjoNGxXrqim1nbX
EtrGG8M7jqYqmlqJTv8j0PWT7uUdepzYI4TwYJdzLOqUoE69TBXCiC9G88oerCAR
kPTYjDZlmvWZOuGCbsyDFAJywP9/XG8hMJVFAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQULwnSkOo4WzhDAKdelt+2FwIOw78wHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzL0x3blNrT280V3poREFL
ZGVsdC0yRndJT3c3OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAkLGBQikOtn8Z91Xgssz6Dkc10PyUKDv7
w1jEn5K+8ekDGCiPgpM3Cz7LQJWp4m2IUaZ/rP+YyEhJmb7I2A6hv8RCt0RGx5iy
rBDudc/n8aeNlAGddcb+gI+S//B7eW/Kh2vQc8VfuiTIgSIu/xg83Im/FyQAa9j8
V7E38MWvXhih258IHM7TsY1ajQxasFmCh4+4gdJynykf4T1Qe2Tt59e2n5mIh59W
yuyTIbignmWJzJf5DxfmdjkHR3rRg0QRVD/AnLkusTAoevBkxPdvKntF1HWsp8X/
OF3r/62rXgIo4NKiDL3Av22ecRx3sw2+fpKGfQK3q402GFgwFoDzCg==
-----END CERTIFICATE-----
Generated at Sat Mar 30 10:18:03 2024 by rpki-client on console-ams.rpki-client.org